354300x80000000000000003904893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56238-false10.0.1.12-8000- 11241100x80000000000000003904894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc11ad7540d7f4372022-01-11 12:18:08.176root 11241100x80000000000000003904895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96bf085f449daba42022-01-11 12:18:08.176root 11241100x80000000000000003904896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db32b0c0ba30a47f2022-01-11 12:18:08.177root 11241100x80000000000000003904897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1b57b11f35958d2022-01-11 12:18:08.177root 11241100x80000000000000003904898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0758e9354852a882022-01-11 12:18:08.177root 11241100x80000000000000003904899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.324b66ef3fbe410a2022-01-11 12:18:08.177root 11241100x80000000000000003904900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2464790da4c9602022-01-11 12:18:08.177root 11241100x80000000000000003904901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ad1529a19a77f012022-01-11 12:18:08.177root 11241100x80000000000000003904902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6333089d0dda49e42022-01-11 12:18:08.177root 11241100x80000000000000003904903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ad52a79da4716de2022-01-11 12:18:08.177root 11241100x80000000000000003904904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dda1a4e4794d9a62022-01-11 12:18:08.177root 11241100x80000000000000003904905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4a1096feb263e82022-01-11 12:18:08.177root 11241100x80000000000000003904906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e2f4c1fd4c9c232022-01-11 12:18:08.177root 11241100x80000000000000003904907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dad3f56d9030a5422022-01-11 12:18:08.177root 11241100x80000000000000003904908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ae7b347ab6e70ad2022-01-11 12:18:08.177root 11241100x80000000000000003904909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05834bb164eb92652022-01-11 12:18:08.178root 11241100x80000000000000003904910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b55d014ca38aed32022-01-11 12:18:08.178root 11241100x80000000000000003904911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a97656b8e05ee45c2022-01-11 12:18:08.178root 11241100x80000000000000003904912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00d005787abee942022-01-11 12:18:08.178root 11241100x80000000000000003904913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00a5c6454bea26382022-01-11 12:18:08.178root 11241100x80000000000000003904914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a0ada31372131822022-01-11 12:18:08.583root 11241100x80000000000000003904915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9032f05d73871d72022-01-11 12:18:08.583root 11241100x80000000000000003904916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d66181c2f187fea42022-01-11 12:18:08.583root 11241100x80000000000000003904917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.853e5317e95fd8322022-01-11 12:18:08.583root 11241100x80000000000000003904918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd7490125c2f6ac22022-01-11 12:18:08.584root 11241100x80000000000000003904919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a43d79f38daabf8a2022-01-11 12:18:08.584root 11241100x80000000000000003904920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b7612e9a92f12e32022-01-11 12:18:08.584root 11241100x80000000000000003904921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5393482ce353ef792022-01-11 12:18:08.584root 11241100x80000000000000003904922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e2dc115869d1a6a2022-01-11 12:18:08.584root 11241100x80000000000000003904923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ab3bcde701ff1f2022-01-11 12:18:08.584root 11241100x80000000000000003904924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e053baf03275e5b52022-01-11 12:18:08.585root 11241100x80000000000000003904925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43df7c4362f05e1c2022-01-11 12:18:08.585root 11241100x80000000000000003904926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257d981c91dbaf332022-01-11 12:18:08.585root 11241100x80000000000000003904927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f58beafb5e6175402022-01-11 12:18:08.585root 11241100x80000000000000003904928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91eb7c31630ddea2022-01-11 12:18:08.586root 11241100x80000000000000003904929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49b345ea9e0273dd2022-01-11 12:18:08.586root 11241100x80000000000000003904930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec17d28803b6c202022-01-11 12:18:08.587root 11241100x80000000000000003904931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9580dbf628fbf12022-01-11 12:18:08.588root 11241100x80000000000000003904932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c468c475d0dd7972022-01-11 12:18:08.588root 11241100x80000000000000003904933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1505af7d8054358d2022-01-11 12:18:08.589root 11241100x80000000000000003904934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41bfd4e8e1fc84c2022-01-11 12:18:09.083root 11241100x80000000000000003904935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12f9f4db18431f22022-01-11 12:18:09.083root 11241100x80000000000000003904936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.499bf8bf6c21f4f62022-01-11 12:18:09.084root 11241100x80000000000000003904937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27bc3c07751c80b12022-01-11 12:18:09.084root 11241100x80000000000000003904938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837991c13a67ade72022-01-11 12:18:09.084root 11241100x80000000000000003904939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9b856782b0e05fa2022-01-11 12:18:09.084root 11241100x80000000000000003904940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ff63bb345095a72022-01-11 12:18:09.084root 11241100x80000000000000003904941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ac5505fb93bcad12022-01-11 12:18:09.084root 11241100x80000000000000003904942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd7a27d6757a08f42022-01-11 12:18:09.084root 11241100x80000000000000003904943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfd55d9d8f8e8732022-01-11 12:18:09.084root 11241100x80000000000000003904944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9038b29d35d7dcf12022-01-11 12:18:09.085root 11241100x80000000000000003904945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf6019679d5962c2022-01-11 12:18:09.085root 11241100x80000000000000003904946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1661a270265c9fe82022-01-11 12:18:09.085root 11241100x80000000000000003904947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54aa0b48812ccad62022-01-11 12:18:09.085root 11241100x80000000000000003904948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6d6a05c01c1672d2022-01-11 12:18:09.085root 11241100x80000000000000003904949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ff62a62811c8072022-01-11 12:18:09.085root 11241100x80000000000000003904950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ff47740451bed42022-01-11 12:18:09.085root 11241100x80000000000000003904951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62ccb7a91ef4b332022-01-11 12:18:09.085root 11241100x80000000000000003904952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25356d30c9424c472022-01-11 12:18:09.085root 11241100x80000000000000003904953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3221c41fe327739f2022-01-11 12:18:09.086root 11241100x80000000000000003904954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f360bd4cb5822e792022-01-11 12:18:09.086root 11241100x80000000000000003904955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11497742b86355452022-01-11 12:18:09.086root 11241100x80000000000000003904956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2552c6395b4cfd862022-01-11 12:18:09.086root 11241100x80000000000000003904957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb2079dbded8ad832022-01-11 12:18:09.583root 11241100x80000000000000003904958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b905f7c17b279272022-01-11 12:18:09.583root 11241100x80000000000000003904959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0975c02499b8012022-01-11 12:18:09.583root 11241100x80000000000000003904960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b7e3d4a87cb08e2022-01-11 12:18:09.583root 11241100x80000000000000003904961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6556916314b4f0f2022-01-11 12:18:09.584root 11241100x80000000000000003904962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dbcc7b89fa6ebb22022-01-11 12:18:09.584root 11241100x80000000000000003904963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc67081a39fbf3e22022-01-11 12:18:09.584root 11241100x80000000000000003904964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71643eea6ddd285e2022-01-11 12:18:09.584root 11241100x80000000000000003904965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc7aa8e43274d01a2022-01-11 12:18:09.584root 11241100x80000000000000003904966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a01817c50ef16e562022-01-11 12:18:09.584root 11241100x80000000000000003904967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5943adfe7a8e3d2b2022-01-11 12:18:09.584root 11241100x80000000000000003904968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a623fe97ca8d8a2022-01-11 12:18:09.584root 11241100x80000000000000003904969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd280a7afd9362e2022-01-11 12:18:09.585root 11241100x80000000000000003904970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d27f9cbd3804932022-01-11 12:18:09.585root 11241100x80000000000000003904971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c1902c988504b4d2022-01-11 12:18:09.585root 11241100x80000000000000003904972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95f1a07b1ccdc582022-01-11 12:18:09.585root 11241100x80000000000000003904973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442ff8aa591881ba2022-01-11 12:18:09.585root 11241100x80000000000000003904974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c7c9f1a469714b2022-01-11 12:18:09.585root 11241100x80000000000000003904975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a34d4beb2747cd82022-01-11 12:18:09.586root 11241100x80000000000000003904976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a98b7cc2237e8772022-01-11 12:18:09.586root 11241100x80000000000000003904977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c932670a979343032022-01-11 12:18:10.084root 11241100x80000000000000003904978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4fc6f88a200a3932022-01-11 12:18:10.084root 11241100x80000000000000003904979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704f703792c86a492022-01-11 12:18:10.084root 11241100x80000000000000003904980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd4d64ddfd850a592022-01-11 12:18:10.084root 11241100x80000000000000003904981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c30239a165e5acf62022-01-11 12:18:10.084root 11241100x80000000000000003904982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39053893f7e007aa2022-01-11 12:18:10.084root 11241100x80000000000000003904983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf36d203eacc2142022-01-11 12:18:10.084root 11241100x80000000000000003904984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef5bde50b1b0d3b32022-01-11 12:18:10.084root 11241100x80000000000000003904985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.582c71449a28c4db2022-01-11 12:18:10.085root 11241100x80000000000000003904986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16c717630307de542022-01-11 12:18:10.085root 11241100x80000000000000003904987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efbb4a3ae414f4aa2022-01-11 12:18:10.085root 11241100x80000000000000003904988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8399e435c4346252022-01-11 12:18:10.085root 11241100x80000000000000003904989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa5e7d3fec7a8d72022-01-11 12:18:10.085root 11241100x80000000000000003904990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd525c982721ac0f2022-01-11 12:18:10.085root 11241100x80000000000000003904991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6daea813d570c712022-01-11 12:18:10.085root 11241100x80000000000000003904992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef74998fbf7bf0b22022-01-11 12:18:10.085root 11241100x80000000000000003904993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38fbff72e742aea2022-01-11 12:18:10.086root 11241100x80000000000000003904994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4295afd3aed0c9b82022-01-11 12:18:10.086root 11241100x80000000000000003904995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f20123b8b6ed0ee2022-01-11 12:18:10.086root 11241100x80000000000000003904996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbabf3593bb6dbb42022-01-11 12:18:10.086root 11241100x80000000000000003904997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4965adfd8a71922022-01-11 12:18:10.583root 11241100x80000000000000003904998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad3c695b10f6d062022-01-11 12:18:10.583root 11241100x80000000000000003904999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa768fcd0745b1d42022-01-11 12:18:10.583root 11241100x80000000000000003905000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c04f54ca81066b2022-01-11 12:18:10.583root 11241100x80000000000000003905001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4735e5b538b3d2ed2022-01-11 12:18:10.583root 11241100x80000000000000003905002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308c8c71bb9b896d2022-01-11 12:18:10.583root 11241100x80000000000000003905003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47fc886f28bf287d2022-01-11 12:18:10.584root 11241100x80000000000000003905004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fdce5c0510aa0b72022-01-11 12:18:10.584root 11241100x80000000000000003905005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec5c8599475dcbe32022-01-11 12:18:10.584root 11241100x80000000000000003905006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b012c2754f1ab0352022-01-11 12:18:10.584root 11241100x80000000000000003905007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.057d4535967275d02022-01-11 12:18:10.584root 11241100x80000000000000003905008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3649062c41ead302022-01-11 12:18:10.584root 11241100x80000000000000003905009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.750f758dd33956f62022-01-11 12:18:10.584root 11241100x80000000000000003905010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6beb818a3ab1b5b22022-01-11 12:18:10.584root 11241100x80000000000000003905011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1639c0ad547b7452022-01-11 12:18:10.584root 11241100x80000000000000003905012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e18b42171ddb91bb2022-01-11 12:18:10.584root 11241100x80000000000000003905013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4213a5155fd10d972022-01-11 12:18:10.584root 11241100x80000000000000003905014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96010b1fad652c1b2022-01-11 12:18:10.584root 11241100x80000000000000003905015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.032f15cf05c38b802022-01-11 12:18:10.584root 11241100x80000000000000003905016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef3ce6939004c0d2022-01-11 12:18:10.584root 11241100x80000000000000003905017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd1e28c3b394b202022-01-11 12:18:11.083root 11241100x80000000000000003905018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dc8daa124dbd0662022-01-11 12:18:11.083root 11241100x80000000000000003905019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0d7228150c7fcef2022-01-11 12:18:11.083root 11241100x80000000000000003905020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe89cd55fa937f182022-01-11 12:18:11.083root 11241100x80000000000000003905021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc19df8fc7bb45bb2022-01-11 12:18:11.084root 11241100x80000000000000003905022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b78a0de956aa562022-01-11 12:18:11.084root 11241100x80000000000000003905023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d7d73646fa3d822022-01-11 12:18:11.084root 11241100x80000000000000003905024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e0facd8bd6498da2022-01-11 12:18:11.084root 11241100x80000000000000003905025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52c24d90adf07ac22022-01-11 12:18:11.084root 11241100x80000000000000003905026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f113dec12f9242972022-01-11 12:18:11.084root 11241100x80000000000000003905027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.667a2660442c5c422022-01-11 12:18:11.084root 11241100x80000000000000003905028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91fd04fed3a98ea02022-01-11 12:18:11.084root 11241100x80000000000000003905029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad03c2add84206e32022-01-11 12:18:11.084root 11241100x80000000000000003905030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62213d091cd60f932022-01-11 12:18:11.085root 11241100x80000000000000003905031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be1e8639850823f2022-01-11 12:18:11.085root 11241100x80000000000000003905032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9661e9c1131a1ffe2022-01-11 12:18:11.085root 11241100x80000000000000003905033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075b975c148415df2022-01-11 12:18:11.085root 11241100x80000000000000003905034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629fc9ec212253bc2022-01-11 12:18:11.085root 11241100x80000000000000003905035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c200a02de459b6272022-01-11 12:18:11.085root 11241100x80000000000000003905036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b16f965d61315482022-01-11 12:18:11.085root 11241100x80000000000000003905037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b1c80a8ff0f0f62022-01-11 12:18:11.583root 11241100x80000000000000003905038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b803fa9af8be44812022-01-11 12:18:11.583root 11241100x80000000000000003905039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.921aa21d79a957d62022-01-11 12:18:11.583root 11241100x80000000000000003905040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de25dcd0b6a050ab2022-01-11 12:18:11.584root 11241100x80000000000000003905041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebcbed4631833add2022-01-11 12:18:11.584root 11241100x80000000000000003905042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b12f854f935fcec2022-01-11 12:18:11.584root 11241100x80000000000000003905043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dcd20c6c2b174402022-01-11 12:18:11.584root 11241100x80000000000000003905044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e4d794739e5d8792022-01-11 12:18:11.584root 11241100x80000000000000003905045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.380a61afa4ab05b32022-01-11 12:18:11.584root 11241100x80000000000000003905046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ba0e8d7e51cb9a22022-01-11 12:18:11.584root 11241100x80000000000000003905047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645388f126e49e2c2022-01-11 12:18:11.584root 11241100x80000000000000003905048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c00c2c5aaa9ad2c02022-01-11 12:18:11.584root 11241100x80000000000000003905049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1df0e96f700e95dd2022-01-11 12:18:11.585root 11241100x80000000000000003905050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cf8cb3a018509012022-01-11 12:18:11.585root 11241100x80000000000000003905051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4595980667cac4cd2022-01-11 12:18:11.585root 11241100x80000000000000003905052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63e067b73f2c72442022-01-11 12:18:11.585root 11241100x80000000000000003905053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54136c0d0a1f37a2022-01-11 12:18:11.585root 11241100x80000000000000003905054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d62c98236b565892022-01-11 12:18:11.585root 11241100x80000000000000003905055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.113e155fff28c7a12022-01-11 12:18:11.585root 11241100x80000000000000003905056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb2a621761c4e2b52022-01-11 12:18:11.585root 11241100x80000000000000003905057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f580f6285ab1672022-01-11 12:18:12.084root 11241100x80000000000000003905058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfa491da1630dbe2022-01-11 12:18:12.084root 11241100x80000000000000003905059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfceee9f434fef5e2022-01-11 12:18:12.084root 11241100x80000000000000003905060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337edc5de7d1466c2022-01-11 12:18:12.084root 11241100x80000000000000003905061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014f533650bfb41b2022-01-11 12:18:12.084root 11241100x80000000000000003905062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e060a5097e1f35ca2022-01-11 12:18:12.084root 11241100x80000000000000003905063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cdaf34ad34d590c2022-01-11 12:18:12.084root 11241100x80000000000000003905064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ee3beb64fc292c02022-01-11 12:18:12.084root 11241100x80000000000000003905065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e0653dc73917c52022-01-11 12:18:12.084root 11241100x80000000000000003905066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c18e784b1a66c002022-01-11 12:18:12.084root 11241100x80000000000000003905067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9201185e0803a732022-01-11 12:18:12.084root 11241100x80000000000000003905068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc7813351113b962022-01-11 12:18:12.085root 11241100x80000000000000003905069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df995f28b6a9cd62022-01-11 12:18:12.085root 11241100x80000000000000003905070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e282ca05cb6619362022-01-11 12:18:12.085root 11241100x80000000000000003905071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c05b1b5350c33352022-01-11 12:18:12.085root 11241100x80000000000000003905072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c63835fa800eb82022-01-11 12:18:12.085root 11241100x80000000000000003905073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf2e9a7f87ba81c2022-01-11 12:18:12.085root 11241100x80000000000000003905074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf77204af5c79de32022-01-11 12:18:12.085root 11241100x80000000000000003905075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed1adc23c20272742022-01-11 12:18:12.085root 11241100x80000000000000003905076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf4cdd4266d2c6e2022-01-11 12:18:12.085root 11241100x80000000000000003905077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2171316f7fa1652022-01-11 12:18:12.583root 11241100x80000000000000003905078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c67b47cf1542b62022-01-11 12:18:12.583root 11241100x80000000000000003905079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8a17171b4766dc2022-01-11 12:18:12.583root 11241100x80000000000000003905080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.759795d5039d1ad82022-01-11 12:18:12.584root 11241100x80000000000000003905081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77f6a7acfbf3c7442022-01-11 12:18:12.584root 11241100x80000000000000003905082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fef95fe3d8086bb2022-01-11 12:18:12.584root 11241100x80000000000000003905083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43c21a23b0e6bc172022-01-11 12:18:12.584root 11241100x80000000000000003905084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347cf2f333bf37262022-01-11 12:18:12.584root 11241100x80000000000000003905085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c239580e4fc1d02022-01-11 12:18:12.584root 11241100x80000000000000003905086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725121f7dfe905a02022-01-11 12:18:12.585root 11241100x80000000000000003905087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925499d8b77951112022-01-11 12:18:12.585root 11241100x80000000000000003905088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6021c8be654b01752022-01-11 12:18:12.585root 11241100x80000000000000003905089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbd58cabf04f83e2022-01-11 12:18:12.585root 11241100x80000000000000003905090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.013056c692a078302022-01-11 12:18:12.586root 11241100x80000000000000003905091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c42540b0f6dd4d502022-01-11 12:18:12.586root 11241100x80000000000000003905092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d89a0f6310742b2022-01-11 12:18:12.586root 11241100x80000000000000003905093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d49f342e563143dc2022-01-11 12:18:12.586root 11241100x80000000000000003905094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c30b460a9a03ab52022-01-11 12:18:12.587root 11241100x80000000000000003905095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e030442b8d039c2022-01-11 12:18:12.587root 11241100x80000000000000003905096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee9ad4a4a6d4c9a2022-01-11 12:18:12.587root 11241100x80000000000000003905097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a3fda54338b1bb2022-01-11 12:18:12.587root 11241100x80000000000000003905098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5882a14dc27f4bfd2022-01-11 12:18:12.588root 11241100x80000000000000003905099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66d1cdc51e3700e62022-01-11 12:18:13.084root 11241100x80000000000000003905100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b3453a8451ec6e72022-01-11 12:18:13.084root 11241100x80000000000000003905101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bff0756e1f65db22022-01-11 12:18:13.084root 11241100x80000000000000003905102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc5df798bd571632022-01-11 12:18:13.084root 11241100x80000000000000003905103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.293000e18580c3522022-01-11 12:18:13.084root 11241100x80000000000000003905104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5959cdc4a470a4a52022-01-11 12:18:13.084root 11241100x80000000000000003905105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7f07ebbd5dc9c12022-01-11 12:18:13.084root 11241100x80000000000000003905106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4e2d3ab785dbc32022-01-11 12:18:13.085root 11241100x80000000000000003905107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.638497c73c926dc02022-01-11 12:18:13.085root 11241100x80000000000000003905108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27affb6444dfff162022-01-11 12:18:13.085root 11241100x80000000000000003905109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0af3f960e0be54b2022-01-11 12:18:13.085root 11241100x80000000000000003905110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e24df88937a3c912022-01-11 12:18:13.085root 11241100x80000000000000003905111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2993fe08ea0369332022-01-11 12:18:13.086root 11241100x80000000000000003905112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.849da916904105042022-01-11 12:18:13.086root 11241100x80000000000000003905113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16ad4b28fae38392022-01-11 12:18:13.086root 11241100x80000000000000003905114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.891db97fa0b8ba012022-01-11 12:18:13.086root 11241100x80000000000000003905115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a62206b1528b7bf2022-01-11 12:18:13.086root 11241100x80000000000000003905116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a9fecf43155e12d2022-01-11 12:18:13.086root 11241100x80000000000000003905117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6dd1526296b01e02022-01-11 12:18:13.086root 11241100x80000000000000003905118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8153e97e561cfd962022-01-11 12:18:13.086root 354300x80000000000000003905119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.244{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56240-false10.0.1.12-8000- 11241100x80000000000000003905120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266c495be9eda16a2022-01-11 12:18:13.584root 11241100x80000000000000003905121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d3c73c2a51e74e2022-01-11 12:18:13.584root 11241100x80000000000000003905122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.116c2a80f7e0e3202022-01-11 12:18:13.584root 11241100x80000000000000003905123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce5c3f6a895743782022-01-11 12:18:13.584root 11241100x80000000000000003905124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a294d6bcf500bba2022-01-11 12:18:13.584root 11241100x80000000000000003905125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d3d35933d9b28d42022-01-11 12:18:13.584root 11241100x80000000000000003905126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c5174dec6633bb2022-01-11 12:18:13.585root 11241100x80000000000000003905127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d43cb9b5a93c5442022-01-11 12:18:13.585root 11241100x80000000000000003905128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf5dc9d4c5791092022-01-11 12:18:13.585root 11241100x80000000000000003905129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e88c4c511ba8ca12022-01-11 12:18:13.585root 11241100x80000000000000003905130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5d1b0fd23aaa6a22022-01-11 12:18:13.586root 11241100x80000000000000003905131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc432e401b8b7d272022-01-11 12:18:13.586root 11241100x80000000000000003905132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.634b55a569462ed22022-01-11 12:18:13.586root 11241100x80000000000000003905133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7036ed33d6d57e622022-01-11 12:18:13.586root 11241100x80000000000000003905134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42f832a83a185e162022-01-11 12:18:13.586root 11241100x80000000000000003905135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2666138fc6c8a90f2022-01-11 12:18:13.586root 11241100x80000000000000003905136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e65b8628f83b082022-01-11 12:18:13.586root 11241100x80000000000000003905137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.070aea4fbc008ea22022-01-11 12:18:13.586root 11241100x80000000000000003905138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.871ee507071c311a2022-01-11 12:18:13.587root 11241100x80000000000000003905139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.011f8938ba0f62552022-01-11 12:18:13.587root 11241100x80000000000000003905140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6193288fa4c0c72022-01-11 12:18:13.587root 11241100x80000000000000003905141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3ed4bb5b27e324f2022-01-11 12:18:14.083root 11241100x80000000000000003905142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61901b7147f6d91e2022-01-11 12:18:14.083root 11241100x80000000000000003905143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04de3527a8dcb1a82022-01-11 12:18:14.083root 11241100x80000000000000003905144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d0a9b36a522e212022-01-11 12:18:14.083root 11241100x80000000000000003905145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e1632556ed37d92022-01-11 12:18:14.084root 11241100x80000000000000003905146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce7d212c84caec502022-01-11 12:18:14.084root 11241100x80000000000000003905147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daf8047246e18b512022-01-11 12:18:14.084root 11241100x80000000000000003905148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecea566dafffc5ec2022-01-11 12:18:14.084root 11241100x80000000000000003905149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f7d0d15dc4830c2022-01-11 12:18:14.084root 11241100x80000000000000003905150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef96bfb104036ae22022-01-11 12:18:14.084root 11241100x80000000000000003905151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e78f368285b96982022-01-11 12:18:14.084root 11241100x80000000000000003905152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c87fd14db8b0af02022-01-11 12:18:14.084root 11241100x80000000000000003905153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd2c7fc147f37a52022-01-11 12:18:14.084root 11241100x80000000000000003905154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2131e7b5019989512022-01-11 12:18:14.084root 11241100x80000000000000003905155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3214e6c3fe1f0b662022-01-11 12:18:14.085root 11241100x80000000000000003905156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5d34819a6a50992022-01-11 12:18:14.085root 11241100x80000000000000003905157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a63a50bf8c90eb3e2022-01-11 12:18:14.085root 11241100x80000000000000003905158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86351482dc262f4f2022-01-11 12:18:14.085root 11241100x80000000000000003905159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f874139a088d6242022-01-11 12:18:14.085root 11241100x80000000000000003905160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1032d4a7591887ee2022-01-11 12:18:14.085root 11241100x80000000000000003905161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7724bc018a454f372022-01-11 12:18:14.085root 11241100x80000000000000003905162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ace3a4df4aded9c2022-01-11 12:18:14.085root 11241100x80000000000000003905163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff21b2dba2cf1c082022-01-11 12:18:14.085root 11241100x80000000000000003905164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de882cff4e2554282022-01-11 12:18:14.085root 11241100x80000000000000003905165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428622f53beb74d72022-01-11 12:18:14.583root 11241100x80000000000000003905166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4989e3c06d44e312022-01-11 12:18:14.584root 11241100x80000000000000003905167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.502844f1b12e77b62022-01-11 12:18:14.584root 11241100x80000000000000003905168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f54bd098f91708e2022-01-11 12:18:14.584root 11241100x80000000000000003905169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bf5981f5a87d3902022-01-11 12:18:14.584root 11241100x80000000000000003905170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb1afcb445286582022-01-11 12:18:14.584root 11241100x80000000000000003905171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c2948cfc2ae72d92022-01-11 12:18:14.584root 11241100x80000000000000003905172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de9ecff339f822482022-01-11 12:18:14.584root 11241100x80000000000000003905173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebef1d65158065092022-01-11 12:18:14.584root 11241100x80000000000000003905174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0af62da29dcacd32022-01-11 12:18:14.585root 11241100x80000000000000003905175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa64a2b1d259513e2022-01-11 12:18:14.585root 11241100x80000000000000003905176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419b54e22a2db7732022-01-11 12:18:14.585root 11241100x80000000000000003905177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d68a2cc4b4d67ea2022-01-11 12:18:14.585root 11241100x80000000000000003905178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbbd7f86a28cc83e2022-01-11 12:18:14.585root 11241100x80000000000000003905179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfa81a88bd1123c22022-01-11 12:18:14.585root 11241100x80000000000000003905180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1932ec870ce22b682022-01-11 12:18:14.586root 11241100x80000000000000003905181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8fccb51a2e2b5f02022-01-11 12:18:14.586root 11241100x80000000000000003905182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1311838db885cef72022-01-11 12:18:14.586root 11241100x80000000000000003905183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82c2bc9338a2023d2022-01-11 12:18:14.586root 11241100x80000000000000003905184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17456603ca0398162022-01-11 12:18:14.586root 11241100x80000000000000003905185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d004f9a811e5672022-01-11 12:18:14.586root 11241100x80000000000000003905186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ed0d27868e1d1cd2022-01-11 12:18:15.083root 11241100x80000000000000003905187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d51805da12c8db192022-01-11 12:18:15.083root 11241100x80000000000000003905188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19da11a3a0c91d92022-01-11 12:18:15.084root 11241100x80000000000000003905189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2665702c4f6207e2022-01-11 12:18:15.084root 11241100x80000000000000003905190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f21afb6a13d77f552022-01-11 12:18:15.084root 11241100x80000000000000003905191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26059849a26d94552022-01-11 12:18:15.084root 11241100x80000000000000003905192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2967717e5b8fa4692022-01-11 12:18:15.084root 11241100x80000000000000003905193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81a206ce7d56caf02022-01-11 12:18:15.084root 11241100x80000000000000003905194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5435607b76b796222022-01-11 12:18:15.085root 11241100x80000000000000003905195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723357837404bfe92022-01-11 12:18:15.085root 11241100x80000000000000003905196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87022b2350dde9f72022-01-11 12:18:15.085root 11241100x80000000000000003905197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e84e3c308122f222022-01-11 12:18:15.085root 11241100x80000000000000003905198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec973ac4a098453f2022-01-11 12:18:15.085root 11241100x80000000000000003905199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67511fc5482d8a302022-01-11 12:18:15.085root 11241100x80000000000000003905200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.618c81a29f95fca62022-01-11 12:18:15.085root 11241100x80000000000000003905201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3854105a9d05a6832022-01-11 12:18:15.086root 11241100x80000000000000003905202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5fd76e25494de92022-01-11 12:18:15.086root 11241100x80000000000000003905203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308ce157ccd16ffe2022-01-11 12:18:15.086root 11241100x80000000000000003905204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c55133381cd7efe22022-01-11 12:18:15.086root 11241100x80000000000000003905205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c32500df0c7ff9612022-01-11 12:18:15.086root 11241100x80000000000000003905206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1ccca0cc3c502e2022-01-11 12:18:15.086root 11241100x80000000000000003905207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc0ef6069f456372022-01-11 12:18:15.086root 11241100x80000000000000003905208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5747448953249082022-01-11 12:18:15.087root 11241100x80000000000000003905209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e56ce905ae5bf52022-01-11 12:18:15.583root 11241100x80000000000000003905210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0318f4d284de66732022-01-11 12:18:15.583root 11241100x80000000000000003905211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.628da2336a7c048f2022-01-11 12:18:15.584root 11241100x80000000000000003905212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff35e59f70cbd2b32022-01-11 12:18:15.584root 11241100x80000000000000003905213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef9b18162101e032022-01-11 12:18:15.584root 11241100x80000000000000003905214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe0d714ca32a56d12022-01-11 12:18:15.584root 11241100x80000000000000003905215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ec4b9e55bea42cd2022-01-11 12:18:15.584root 11241100x80000000000000003905216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7487717a8a2f08162022-01-11 12:18:15.584root 11241100x80000000000000003905217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cee34716cb9f17652022-01-11 12:18:15.584root 11241100x80000000000000003905218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75d7e5e50058c9b42022-01-11 12:18:15.585root 11241100x80000000000000003905219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42f2a5e2fff9deb2022-01-11 12:18:15.585root 11241100x80000000000000003905220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cff163492543de412022-01-11 12:18:15.585root 11241100x80000000000000003905221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cef4442fcf782322022-01-11 12:18:15.585root 11241100x80000000000000003905222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ea3a149371630b2022-01-11 12:18:15.585root 11241100x80000000000000003905223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ba17266e2f19ce12022-01-11 12:18:15.586root 11241100x80000000000000003905224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ce93d205e5e6022022-01-11 12:18:15.586root 11241100x80000000000000003905225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7798e29dad70f02022-01-11 12:18:15.586root 11241100x80000000000000003905226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca6bd775a304557e2022-01-11 12:18:15.586root 11241100x80000000000000003905227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee0b9febea5a91192022-01-11 12:18:15.586root 11241100x80000000000000003905228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38a800f0475c75582022-01-11 12:18:15.587root 11241100x80000000000000003905229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a22ebc61a63565b2022-01-11 12:18:15.587root 11241100x80000000000000003905230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38d781f4541a8abf2022-01-11 12:18:15.587root 11241100x80000000000000003905231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4eb5c331195504a2022-01-11 12:18:15.587root 11241100x80000000000000003905232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73a182357c4699f2022-01-11 12:18:15.587root 11241100x80000000000000003905233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e25d6bc697a972f2022-01-11 12:18:15.588root 11241100x80000000000000003905234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65602d48039cd522022-01-11 12:18:15.588root 11241100x80000000000000003905235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0953fc60f18bc4b52022-01-11 12:18:16.083root 11241100x80000000000000003905236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3de2308a781360b52022-01-11 12:18:16.084root 11241100x80000000000000003905237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.892f6116c22d6afe2022-01-11 12:18:16.084root 11241100x80000000000000003905238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.468ed33b938741802022-01-11 12:18:16.084root 11241100x80000000000000003905239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797376e189d3c49f2022-01-11 12:18:16.084root 11241100x80000000000000003905240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d1e8565fe01dda2022-01-11 12:18:16.084root 11241100x80000000000000003905241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3819507db4f60bd2022-01-11 12:18:16.084root 11241100x80000000000000003905242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b5f3695493c96a2022-01-11 12:18:16.084root 11241100x80000000000000003905243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7baab67090297fb22022-01-11 12:18:16.084root 11241100x80000000000000003905244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55ada4eccbd91fb72022-01-11 12:18:16.085root 11241100x80000000000000003905245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9583e0e8729e9b3b2022-01-11 12:18:16.085root 11241100x80000000000000003905246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee40879208eaa19e2022-01-11 12:18:16.085root 11241100x80000000000000003905247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1dc7268ff8b626e2022-01-11 12:18:16.085root 11241100x80000000000000003905248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56ee7774b554a4ce2022-01-11 12:18:16.085root 11241100x80000000000000003905249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a63b38078f147122022-01-11 12:18:16.085root 11241100x80000000000000003905250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79048545c42461482022-01-11 12:18:16.085root 11241100x80000000000000003905251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9dd0f3798e2897c2022-01-11 12:18:16.086root 11241100x80000000000000003905252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae61d43fa4bc2ade2022-01-11 12:18:16.086root 11241100x80000000000000003905253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db350e2602bff2c2022-01-11 12:18:16.086root 11241100x80000000000000003905254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bde055a8ba65103e2022-01-11 12:18:16.086root 11241100x80000000000000003905255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c8d4597269ad272022-01-11 12:18:16.086root 11241100x80000000000000003905256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c75178e0506a7fd2022-01-11 12:18:16.584root 11241100x80000000000000003905257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71198a2f0027c0b72022-01-11 12:18:16.584root 11241100x80000000000000003905258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24f7a5a958fbbd052022-01-11 12:18:16.584root 11241100x80000000000000003905259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567f4cbc3c0011d92022-01-11 12:18:16.584root 11241100x80000000000000003905260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2675caa15570ddbd2022-01-11 12:18:16.584root 11241100x80000000000000003905261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8487b49342bd1e2022-01-11 12:18:16.584root 11241100x80000000000000003905262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65abf10cf7be81f92022-01-11 12:18:16.584root 11241100x80000000000000003905263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b9a2c1b93e31182022-01-11 12:18:16.584root 11241100x80000000000000003905264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbefca617ca5f5e82022-01-11 12:18:16.585root 11241100x80000000000000003905265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255a655f6e1b71c92022-01-11 12:18:16.585root 11241100x80000000000000003905266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a4a4b9fbc3824e2022-01-11 12:18:16.585root 11241100x80000000000000003905267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81ad6ef1bb172ec62022-01-11 12:18:16.585root 11241100x80000000000000003905268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f38bb873037127a2022-01-11 12:18:16.585root 11241100x80000000000000003905269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23eee873dac43c842022-01-11 12:18:16.585root 11241100x80000000000000003905270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2da5e62d72856622022-01-11 12:18:16.585root 11241100x80000000000000003905271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d09b4fd3b3c7b62022-01-11 12:18:16.585root 11241100x80000000000000003905272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d3b3eeb0068eb62022-01-11 12:18:16.585root 11241100x80000000000000003905273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d26521df2de5076e2022-01-11 12:18:16.585root 11241100x80000000000000003905274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e5064ef31a69dbd2022-01-11 12:18:16.585root 11241100x80000000000000003905275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64210dda16932eca2022-01-11 12:18:16.585root 11241100x80000000000000003905276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.815feeed986a3b272022-01-11 12:18:16.585root 11241100x80000000000000003905277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dbf2eb30266be672022-01-11 12:18:17.083root 11241100x80000000000000003905278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd741f381bfd5dcc2022-01-11 12:18:17.083root 11241100x80000000000000003905279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a119e564cb722c2022-01-11 12:18:17.083root 11241100x80000000000000003905280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19ef2cb9a9fcec5c2022-01-11 12:18:17.083root 11241100x80000000000000003905281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23a5bc20253ba15d2022-01-11 12:18:17.084root 11241100x80000000000000003905282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e672be93f2f2ee442022-01-11 12:18:17.084root 11241100x80000000000000003905283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b93cc97046a6bf2022-01-11 12:18:17.084root 11241100x80000000000000003905284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7a6f3a84fb679f92022-01-11 12:18:17.084root 11241100x80000000000000003905285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfd2be0ff59d9ccf2022-01-11 12:18:17.084root 11241100x80000000000000003905286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461ab386e2ee91062022-01-11 12:18:17.084root 11241100x80000000000000003905287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f346d496ea361f72022-01-11 12:18:17.084root 11241100x80000000000000003905288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd2f25102cb3cb52022-01-11 12:18:17.084root 11241100x80000000000000003905289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d6d7699386c9da22022-01-11 12:18:17.085root 11241100x80000000000000003905290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa87dc2c572fa1fb2022-01-11 12:18:17.085root 11241100x80000000000000003905291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b93c31cc82c57b972022-01-11 12:18:17.085root 11241100x80000000000000003905292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aafb2a68147b5712022-01-11 12:18:17.085root 11241100x80000000000000003905293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14c2382d4a60d8bc2022-01-11 12:18:17.085root 11241100x80000000000000003905294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9303c40a31501f8a2022-01-11 12:18:17.085root 11241100x80000000000000003905295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f754e5e4cd7574c22022-01-11 12:18:17.085root 11241100x80000000000000003905296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f73e1c658765c272022-01-11 12:18:17.085root 11241100x80000000000000003905297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8bfa9517831fe872022-01-11 12:18:17.086root 11241100x80000000000000003905298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac49560362fc142c2022-01-11 12:18:17.086root 11241100x80000000000000003905299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.784b13ca20af89f52022-01-11 12:18:17.086root 11241100x80000000000000003905300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0e6a0f2331be162022-01-11 12:18:17.583root 11241100x80000000000000003905301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0726d6fe3979d78f2022-01-11 12:18:17.583root 11241100x80000000000000003905302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d21b8d0e46fe4222022-01-11 12:18:17.583root 11241100x80000000000000003905303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81927349fb3019e82022-01-11 12:18:17.583root 11241100x80000000000000003905304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecd8faf2da24823c2022-01-11 12:18:17.584root 11241100x80000000000000003905305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9c3b3816bc80772022-01-11 12:18:17.584root 11241100x80000000000000003905306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.401ffb34a87563cc2022-01-11 12:18:17.584root 11241100x80000000000000003905307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9a2b488294f912c2022-01-11 12:18:17.584root 11241100x80000000000000003905308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e23529894159804a2022-01-11 12:18:17.584root 11241100x80000000000000003905309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.510b9b5c33e8654b2022-01-11 12:18:17.584root 11241100x80000000000000003905310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6aeb6b538fd720d2022-01-11 12:18:17.584root 11241100x80000000000000003905311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cda26723683ac862022-01-11 12:18:17.584root 11241100x80000000000000003905312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f618536ed03b5d62022-01-11 12:18:17.584root 11241100x80000000000000003905313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff72861cd1b5cddd2022-01-11 12:18:17.584root 11241100x80000000000000003905314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb543e82bd5654d2022-01-11 12:18:17.584root 11241100x80000000000000003905315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.546323c4a00db0102022-01-11 12:18:17.585root 11241100x80000000000000003905316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab21e4953c3da6632022-01-11 12:18:17.585root 11241100x80000000000000003905317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a4a04ba7509a5402022-01-11 12:18:17.585root 11241100x80000000000000003905318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca10804cda576a8f2022-01-11 12:18:17.585root 11241100x80000000000000003905319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.353e60e7762f7dd42022-01-11 12:18:17.585root 11241100x80000000000000003905320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae49e586973bbc8e2022-01-11 12:18:17.585root 11241100x80000000000000003905321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e33eeabf2fe23a2022-01-11 12:18:17.585root 11241100x80000000000000003905322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e429fdda14ae43b2022-01-11 12:18:17.585root 11241100x80000000000000003905323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a8e3ff410ba30c2022-01-11 12:18:18.083root 11241100x80000000000000003905324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86d0eb44ec3d883f2022-01-11 12:18:18.083root 11241100x80000000000000003905325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3341be3c21bde2262022-01-11 12:18:18.083root 11241100x80000000000000003905326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9a60a98ce3d9e02022-01-11 12:18:18.083root 11241100x80000000000000003905327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8743c8f9edaec85e2022-01-11 12:18:18.083root 11241100x80000000000000003905328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b933146a445b272022-01-11 12:18:18.083root 11241100x80000000000000003905329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49dc60276eec3d12022-01-11 12:18:18.084root 11241100x80000000000000003905330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73496d8580a933f72022-01-11 12:18:18.084root 11241100x80000000000000003905331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd20c90ed4ecda812022-01-11 12:18:18.084root 11241100x80000000000000003905332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.422cb834293282a42022-01-11 12:18:18.084root 11241100x80000000000000003905333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7c8c7d16c937d892022-01-11 12:18:18.084root 11241100x80000000000000003905334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32ce12b031d74a442022-01-11 12:18:18.084root 11241100x80000000000000003905335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cf4fd1b24de30d12022-01-11 12:18:18.084root 11241100x80000000000000003905336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3cc37bc54ba45e92022-01-11 12:18:18.084root 11241100x80000000000000003905337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4c800fe6065722a2022-01-11 12:18:18.084root 11241100x80000000000000003905338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de62d3ba2e532d92022-01-11 12:18:18.084root 11241100x80000000000000003905339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2251428cfd3860d82022-01-11 12:18:18.084root 11241100x80000000000000003905340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0f8cf752c69b8832022-01-11 12:18:18.084root 11241100x80000000000000003905341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2332dea9f03f4ab62022-01-11 12:18:18.084root 11241100x80000000000000003905342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3055d66f8e1cd2192022-01-11 12:18:18.085root 11241100x80000000000000003905343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90d1474fb376a0e2022-01-11 12:18:18.085root 11241100x80000000000000003905344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d644d4c30d602ba2022-01-11 12:18:18.085root 11241100x80000000000000003905345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c05ef83066c7d6982022-01-11 12:18:18.583root 11241100x80000000000000003905346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61abb639042328942022-01-11 12:18:18.583root 11241100x80000000000000003905347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ac547663d213952022-01-11 12:18:18.583root 11241100x80000000000000003905348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a821bceeb17bb04a2022-01-11 12:18:18.583root 11241100x80000000000000003905349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4622a10b4e1fe7fd2022-01-11 12:18:18.583root 11241100x80000000000000003905350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27b48d4159a33f1f2022-01-11 12:18:18.584root 11241100x80000000000000003905351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913e974b815d7dae2022-01-11 12:18:18.584root 11241100x80000000000000003905352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24e291b6b75947b72022-01-11 12:18:18.584root 11241100x80000000000000003905353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.304aef772a8a0a142022-01-11 12:18:18.584root 11241100x80000000000000003905354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f630a0e7b22cf72022-01-11 12:18:18.584root 11241100x80000000000000003905355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3c20d2d624983e2022-01-11 12:18:18.584root 11241100x80000000000000003905356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23ab5f7359417fd2022-01-11 12:18:18.584root 11241100x80000000000000003905357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131c241e50a2dbc72022-01-11 12:18:18.585root 11241100x80000000000000003905358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ecb8be6323c9bf92022-01-11 12:18:18.585root 11241100x80000000000000003905359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f738a1698c8f8662022-01-11 12:18:18.585root 11241100x80000000000000003905360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3715c6ff9cac149f2022-01-11 12:18:18.585root 11241100x80000000000000003905361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98caf47011431d882022-01-11 12:18:18.585root 11241100x80000000000000003905362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbde4f7cdeb4ab732022-01-11 12:18:18.585root 11241100x80000000000000003905363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdde67f73ff0c2c02022-01-11 12:18:18.585root 11241100x80000000000000003905364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24587993d6e83acc2022-01-11 12:18:18.586root 11241100x80000000000000003905365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b4937e18c8958232022-01-11 12:18:18.586root 11241100x80000000000000003905366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c3f64d5b57c94d12022-01-11 12:18:18.586root 11241100x80000000000000003905367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.150da9f0cae2c1692022-01-11 12:18:18.586root 354300x80000000000000003905368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.072{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56242-false10.0.1.12-8000- 11241100x80000000000000003905369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.073{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49aeb16e391cac22022-01-11 12:18:19.073root 11241100x80000000000000003905370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.073{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a074df7d889cdee2022-01-11 12:18:19.073root 11241100x80000000000000003905371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.916c2b287c93ce462022-01-11 12:18:19.074root 11241100x80000000000000003905372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.345b79e0250671f12022-01-11 12:18:19.074root 11241100x80000000000000003905373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ecb99c88d162d282022-01-11 12:18:19.074root 11241100x80000000000000003905374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c89b4ca74f16e832022-01-11 12:18:19.074root 11241100x80000000000000003905375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96697f8f8425159f2022-01-11 12:18:19.074root 11241100x80000000000000003905376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83435e2083de3e852022-01-11 12:18:19.074root 11241100x80000000000000003905377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f30c3246e5c555ba2022-01-11 12:18:19.074root 11241100x80000000000000003905378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19aec5597ce9fe8b2022-01-11 12:18:19.075root 11241100x80000000000000003905379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98e30793947c56bc2022-01-11 12:18:19.075root 11241100x80000000000000003905380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abbc3a7041ffc442022-01-11 12:18:19.075root 11241100x80000000000000003905381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545cfed003d992412022-01-11 12:18:19.075root 11241100x80000000000000003905382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f02e516543497d2022-01-11 12:18:19.075root 11241100x80000000000000003905383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d96951641e3daa52022-01-11 12:18:19.075root 11241100x80000000000000003905384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7675876dd27ce94a2022-01-11 12:18:19.075root 11241100x80000000000000003905385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e5c1b37baf61972022-01-11 12:18:19.075root 11241100x80000000000000003905386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7549e08617a296b2022-01-11 12:18:19.075root 11241100x80000000000000003905387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82cfc0b399bf90462022-01-11 12:18:19.076root 11241100x80000000000000003905388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51577c444de9b4f82022-01-11 12:18:19.076root 11241100x80000000000000003905389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c7d3ab6d3070ae32022-01-11 12:18:19.076root 11241100x80000000000000003905390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6898aa24c6b279722022-01-11 12:18:19.076root 11241100x80000000000000003905391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0fea6f8563a42cd2022-01-11 12:18:19.076root 11241100x80000000000000003905392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa92c2aba18fb8a2022-01-11 12:18:19.076root 11241100x80000000000000003905393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026f5d63fb68a99b2022-01-11 12:18:19.334root 11241100x80000000000000003905394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e1777ef5f7c2be2022-01-11 12:18:19.334root 11241100x80000000000000003905395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5d0382f767a6bf2022-01-11 12:18:19.334root 11241100x80000000000000003905396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3557b713cb3c0732022-01-11 12:18:19.334root 11241100x80000000000000003905397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481f8d403aa082c42022-01-11 12:18:19.334root 11241100x80000000000000003905398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16418b71f97b73152022-01-11 12:18:19.334root 11241100x80000000000000003905399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c76244b58dd02bdf2022-01-11 12:18:19.334root 11241100x80000000000000003905400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c84aa3e71149c852022-01-11 12:18:19.334root 11241100x80000000000000003905401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2b96752bf68a1192022-01-11 12:18:19.335root 11241100x80000000000000003905402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34bcaed730d79182022-01-11 12:18:19.335root 11241100x80000000000000003905403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1a9afdfa237938f2022-01-11 12:18:19.335root 11241100x80000000000000003905404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0815df3c0db002662022-01-11 12:18:19.335root 11241100x80000000000000003905405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a6dfd2f3d7337f2022-01-11 12:18:19.335root 11241100x80000000000000003905406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9fbe4753e573ccc2022-01-11 12:18:19.335root 11241100x80000000000000003905407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8de5f90f68ff4a202022-01-11 12:18:19.336root 11241100x80000000000000003905408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dffb5c3aa04617ad2022-01-11 12:18:19.336root 11241100x80000000000000003905409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208266d7830129f12022-01-11 12:18:19.336root 11241100x80000000000000003905410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.721a04ee2ed4a4f92022-01-11 12:18:19.336root 11241100x80000000000000003905411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5b0dc3f9c0f8da82022-01-11 12:18:19.336root 11241100x80000000000000003905412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff3d80d6019f7fff2022-01-11 12:18:19.336root 11241100x80000000000000003905413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d97cdcc35d0680a22022-01-11 12:18:19.336root 11241100x80000000000000003905414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9645c796523e63952022-01-11 12:18:19.337root 11241100x80000000000000003905415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20b533b545c4649e2022-01-11 12:18:19.833root 11241100x80000000000000003905416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b561afa849a701c62022-01-11 12:18:19.833root 11241100x80000000000000003905417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4285cd12aa8a3162022-01-11 12:18:19.834root 11241100x80000000000000003905418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5406ad14806e5eb2022-01-11 12:18:19.834root 11241100x80000000000000003905419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb8302c5ca8cc4d2022-01-11 12:18:19.834root 11241100x80000000000000003905420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5799371a8d0cae22022-01-11 12:18:19.834root 11241100x80000000000000003905421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7852ad98359ccd582022-01-11 12:18:19.834root 11241100x80000000000000003905422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2c103123233a23b2022-01-11 12:18:19.834root 11241100x80000000000000003905423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f55a409ab2edf3c2022-01-11 12:18:19.834root 11241100x80000000000000003905424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc895d1ab6e6efcf2022-01-11 12:18:19.834root 11241100x80000000000000003905425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20818f3c6791bc542022-01-11 12:18:19.834root 11241100x80000000000000003905426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e9e7d467ad16832022-01-11 12:18:19.834root 11241100x80000000000000003905427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cd33d2b5f91ef502022-01-11 12:18:19.834root 11241100x80000000000000003905428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985a4b7082c42c812022-01-11 12:18:19.835root 11241100x80000000000000003905429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b8c5bee10028df92022-01-11 12:18:19.835root 11241100x80000000000000003905430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f38e52f507796f02022-01-11 12:18:19.835root 11241100x80000000000000003905431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.418bba584a02d2d22022-01-11 12:18:19.835root 11241100x80000000000000003905432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d233b80b40d03b412022-01-11 12:18:19.835root 11241100x80000000000000003905433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140956d58066306a2022-01-11 12:18:19.835root 11241100x80000000000000003905434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3e1202e36ac78c32022-01-11 12:18:19.835root 11241100x80000000000000003905435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4582525ab8c372ab2022-01-11 12:18:19.835root 11241100x80000000000000003905436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c2be5fab19c81d2022-01-11 12:18:19.835root 11241100x80000000000000003905437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7179100cae116b42022-01-11 12:18:20.334root 11241100x80000000000000003905438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1a3ffec6df6b3e2022-01-11 12:18:20.334root 11241100x80000000000000003905439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf75a27cc2000012022-01-11 12:18:20.334root 11241100x80000000000000003905440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d85ed72934f23dc2022-01-11 12:18:20.335root 11241100x80000000000000003905441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6ee3005abf59d92022-01-11 12:18:20.335root 11241100x80000000000000003905442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93849956d3627e112022-01-11 12:18:20.335root 11241100x80000000000000003905443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80814fc821ca1aa12022-01-11 12:18:20.336root 11241100x80000000000000003905444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f03a8efe1d502e2022-01-11 12:18:20.336root 11241100x80000000000000003905445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77cff7e59c9c5602022-01-11 12:18:20.336root 11241100x80000000000000003905446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f6f72af97f33f92022-01-11 12:18:20.336root 11241100x80000000000000003905447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5361f48b0d997c52022-01-11 12:18:20.336root 11241100x80000000000000003905448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af3486fdf24bc5792022-01-11 12:18:20.336root 11241100x80000000000000003905449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb90e672ad5c00e2022-01-11 12:18:20.337root 11241100x80000000000000003905450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1142b8ff7d23822022-01-11 12:18:20.337root 11241100x80000000000000003905451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c4d001415b1d8fb2022-01-11 12:18:20.337root 11241100x80000000000000003905452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26abb756d76b73d32022-01-11 12:18:20.337root 11241100x80000000000000003905453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.799681dfd9ba10922022-01-11 12:18:20.337root 11241100x80000000000000003905454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea14e0ed14e662f2022-01-11 12:18:20.337root 11241100x80000000000000003905455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27090cf98975393b2022-01-11 12:18:20.337root 11241100x80000000000000003905456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5200d7ca192023b2022-01-11 12:18:20.337root 11241100x80000000000000003905457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb9cd968578574fd2022-01-11 12:18:20.337root 11241100x80000000000000003905458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1dd147d75b4a5a2022-01-11 12:18:20.337root 11241100x80000000000000003905459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0fa6e05abcca86f2022-01-11 12:18:20.833root 11241100x80000000000000003905460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adca8f7aa43925732022-01-11 12:18:20.833root 11241100x80000000000000003905461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a861e70220f7742022-01-11 12:18:20.834root 11241100x80000000000000003905462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4577bac74641104a2022-01-11 12:18:20.834root 11241100x80000000000000003905463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.882b583df35997142022-01-11 12:18:20.834root 11241100x80000000000000003905464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8906698ad8b36e232022-01-11 12:18:20.834root 11241100x80000000000000003905465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d331464bdbb4362022-01-11 12:18:20.834root 11241100x80000000000000003905466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4180b0fc2fde63362022-01-11 12:18:20.834root 11241100x80000000000000003905467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0624e2f1cf0702bc2022-01-11 12:18:20.834root 11241100x80000000000000003905468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428a66a2ecdd91112022-01-11 12:18:20.834root 11241100x80000000000000003905469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08397c6c3633d4552022-01-11 12:18:20.834root 11241100x80000000000000003905470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e4d1ee7172b1cc2022-01-11 12:18:20.834root 11241100x80000000000000003905471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97850ccdbecfc15b2022-01-11 12:18:20.835root 11241100x80000000000000003905472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3f981ffa8d1d8ae2022-01-11 12:18:20.835root 11241100x80000000000000003905473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f34aa75b560c1892022-01-11 12:18:20.835root 11241100x80000000000000003905474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df1e571af42d7cc2022-01-11 12:18:20.835root 11241100x80000000000000003905475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad61140a8fa75c342022-01-11 12:18:20.835root 11241100x80000000000000003905476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e070c0f6339644eb2022-01-11 12:18:20.835root 11241100x80000000000000003905477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49380a45a4d6e0092022-01-11 12:18:20.835root 11241100x80000000000000003905478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d5f47439411fb332022-01-11 12:18:20.836root 11241100x80000000000000003905479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e9ad33c3c039c22022-01-11 12:18:20.836root 11241100x80000000000000003905480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de44f2d3a4ff6db2022-01-11 12:18:20.836root 11241100x80000000000000003905481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a661b7670f7e2352022-01-11 12:18:21.334root 11241100x80000000000000003905482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.783a3af25bb202de2022-01-11 12:18:21.334root 11241100x80000000000000003905483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d56aff0a638ba6da2022-01-11 12:18:21.334root 11241100x80000000000000003905484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ebc00cb6a4f104d2022-01-11 12:18:21.335root 11241100x80000000000000003905485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b339aa2b7082c1e42022-01-11 12:18:21.335root 11241100x80000000000000003905486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da85f4adb31fb3ee2022-01-11 12:18:21.335root 11241100x80000000000000003905487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e791d832b0f00e2022-01-11 12:18:21.335root 11241100x80000000000000003905488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa902af7ead74fdf2022-01-11 12:18:21.335root 11241100x80000000000000003905489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6de3b03dcebf15e2022-01-11 12:18:21.335root 11241100x80000000000000003905490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.336873986393e8482022-01-11 12:18:21.336root 11241100x80000000000000003905491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.060ec81d73f8b5702022-01-11 12:18:21.336root 11241100x80000000000000003905492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3841fb3a71f702c92022-01-11 12:18:21.336root 11241100x80000000000000003905493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09dce4cd4e2db7d2022-01-11 12:18:21.336root 11241100x80000000000000003905494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f37424a579536c2022-01-11 12:18:21.336root 11241100x80000000000000003905495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7ce147898d15cd2022-01-11 12:18:21.336root 11241100x80000000000000003905496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4418c6e3264f3bd82022-01-11 12:18:21.336root 11241100x80000000000000003905497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa9e6fff57778682022-01-11 12:18:21.336root 11241100x80000000000000003905498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f16f1e7c51357e2022-01-11 12:18:21.336root 11241100x80000000000000003905499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e22970ce7ba457202022-01-11 12:18:21.336root 11241100x80000000000000003905500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e8fd94768165152022-01-11 12:18:21.336root 11241100x80000000000000003905501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2958f7b3fc09ed102022-01-11 12:18:21.338root 11241100x80000000000000003905502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a5c21330a56f922022-01-11 12:18:21.338root 11241100x80000000000000003905503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d305844c5ab2bc2022-01-11 12:18:21.338root 11241100x80000000000000003905504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9f96cdff016b8342022-01-11 12:18:21.338root 11241100x80000000000000003905505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748209391cca9ca12022-01-11 12:18:21.338root 11241100x80000000000000003905506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac0dcc3a03b2f632022-01-11 12:18:21.338root 11241100x80000000000000003905507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ef9729fd365a462022-01-11 12:18:21.338root 11241100x80000000000000003905508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e917bddeed623972022-01-11 12:18:21.338root 11241100x80000000000000003905509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8d0571813255ae2022-01-11 12:18:21.833root 11241100x80000000000000003905510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51a68ee9584f8b062022-01-11 12:18:21.833root 11241100x80000000000000003905511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb1b33809307ab22022-01-11 12:18:21.833root 11241100x80000000000000003905512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f31aa733828cd9c2022-01-11 12:18:21.834root 11241100x80000000000000003905513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd24c684346fadd2022-01-11 12:18:21.834root 11241100x80000000000000003905514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24145395096c72332022-01-11 12:18:21.834root 11241100x80000000000000003905515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2685c7ebbc580ee22022-01-11 12:18:21.834root 11241100x80000000000000003905516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9321e6af89739f5a2022-01-11 12:18:21.835root 11241100x80000000000000003905517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c21fb5fdd3932472022-01-11 12:18:21.835root 11241100x80000000000000003905518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d645e5ca2f228fe2022-01-11 12:18:21.835root 11241100x80000000000000003905519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d381b4ac6749f122022-01-11 12:18:21.835root 11241100x80000000000000003905520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425d7f282f0f621d2022-01-11 12:18:21.835root 11241100x80000000000000003905521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a407bbcf141e4bf2022-01-11 12:18:21.835root 11241100x80000000000000003905522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee6848283a84b80c2022-01-11 12:18:21.835root 11241100x80000000000000003905523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec85b2f5399b2c682022-01-11 12:18:21.836root 11241100x80000000000000003905524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5ee0a63af145c772022-01-11 12:18:21.836root 11241100x80000000000000003905525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff62161e45a7a5a2022-01-11 12:18:21.836root 11241100x80000000000000003905526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbaa659cf1ea119a2022-01-11 12:18:21.836root 11241100x80000000000000003905527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff160bcb7db8e5a2022-01-11 12:18:21.836root 11241100x80000000000000003905528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71af8071f95192402022-01-11 12:18:21.836root 11241100x80000000000000003905529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edad98082775c37a2022-01-11 12:18:21.836root 11241100x80000000000000003905530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e160c4d20bf4d822022-01-11 12:18:21.836root 11241100x80000000000000003905531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19e0c031a30f5202022-01-11 12:18:22.334root 11241100x80000000000000003905532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567aabb1d531ad312022-01-11 12:18:22.334root 11241100x80000000000000003905533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0752fc4d541b8f102022-01-11 12:18:22.334root 11241100x80000000000000003905534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.068380276e2cf8df2022-01-11 12:18:22.334root 11241100x80000000000000003905535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b12353528198dbe2022-01-11 12:18:22.334root 11241100x80000000000000003905536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de40c2c9a064a70c2022-01-11 12:18:22.334root 11241100x80000000000000003905537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11009e2f174f3d652022-01-11 12:18:22.335root 11241100x80000000000000003905538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5315f86f9d54e0c2022-01-11 12:18:22.335root 11241100x80000000000000003905539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1471195ba8a1435d2022-01-11 12:18:22.335root 11241100x80000000000000003905540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4cbcf43874ba1e2022-01-11 12:18:22.335root 11241100x80000000000000003905541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b8db050790caf042022-01-11 12:18:22.335root 11241100x80000000000000003905542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a732162ea1de9452022-01-11 12:18:22.335root 11241100x80000000000000003905543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ad347214d6937d2022-01-11 12:18:22.335root 11241100x80000000000000003905544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fd4cc26c1a302b22022-01-11 12:18:22.335root 11241100x80000000000000003905545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4a65b240c1e2e692022-01-11 12:18:22.335root 11241100x80000000000000003905546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01be0f05d16f73ae2022-01-11 12:18:22.336root 11241100x80000000000000003905547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ebdfc51fae862922022-01-11 12:18:22.336root 11241100x80000000000000003905548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9695613ff4cc632022-01-11 12:18:22.336root 11241100x80000000000000003905549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868e10feae7ad59e2022-01-11 12:18:22.336root 11241100x80000000000000003905550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd502305974eb8182022-01-11 12:18:22.336root 11241100x80000000000000003905551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cab70e1539cfea7e2022-01-11 12:18:22.336root 11241100x80000000000000003905552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.611abbf4ada3f28b2022-01-11 12:18:22.336root 11241100x80000000000000003905553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7593f0e41ddbc28f2022-01-11 12:18:22.834root 11241100x80000000000000003905554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9c999ad7c4d58b2022-01-11 12:18:22.834root 11241100x80000000000000003905555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db0b2b4fef9f4acc2022-01-11 12:18:22.834root 11241100x80000000000000003905556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ee4e6923f2e709d2022-01-11 12:18:22.834root 11241100x80000000000000003905557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9004aa3809f796a2022-01-11 12:18:22.835root 11241100x80000000000000003905558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547e2372105fa7ed2022-01-11 12:18:22.835root 11241100x80000000000000003905559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d9950bc46a89d122022-01-11 12:18:22.835root 11241100x80000000000000003905560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f94d790cf4b53c2022-01-11 12:18:22.835root 11241100x80000000000000003905561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eefdb81f2a51b82022-01-11 12:18:22.835root 11241100x80000000000000003905562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b07b472a394f5fc2022-01-11 12:18:22.835root 11241100x80000000000000003905563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35b1975c8cbe4052022-01-11 12:18:22.836root 11241100x80000000000000003905564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e5f27e7d52b37742022-01-11 12:18:22.836root 11241100x80000000000000003905565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.964dd91d44da6b3c2022-01-11 12:18:22.836root 11241100x80000000000000003905566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ada7ef82dcbacd2022-01-11 12:18:22.836root 11241100x80000000000000003905567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06409f780af9bb42022-01-11 12:18:22.836root 11241100x80000000000000003905568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1975662694172fd2022-01-11 12:18:22.836root 11241100x80000000000000003905569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f70807e4def22892022-01-11 12:18:22.836root 11241100x80000000000000003905570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79914326d01a012c2022-01-11 12:18:22.836root 11241100x80000000000000003905571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1185d04b870309162022-01-11 12:18:22.836root 11241100x80000000000000003905572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02e7c0753b1abc642022-01-11 12:18:22.836root 11241100x80000000000000003905573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac71d993c15153372022-01-11 12:18:22.837root 11241100x80000000000000003905574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.106c28c2071292422022-01-11 12:18:22.837root 11241100x80000000000000003905575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e8283a2296e0e6d2022-01-11 12:18:23.334root 11241100x80000000000000003905576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5542b1a0b23fbf682022-01-11 12:18:23.334root 11241100x80000000000000003905577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7cedd20cd5f41872022-01-11 12:18:23.334root 11241100x80000000000000003905578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.865bc3b7f9e8ab3b2022-01-11 12:18:23.334root 11241100x80000000000000003905579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d5d7d9a36b7e032022-01-11 12:18:23.334root 11241100x80000000000000003905580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797cbca21c732f9a2022-01-11 12:18:23.334root 11241100x80000000000000003905581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3ff66700d9a1cd62022-01-11 12:18:23.334root 11241100x80000000000000003905582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3820eb98fc3bab592022-01-11 12:18:23.334root 11241100x80000000000000003905583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d62f0f309ecf4952022-01-11 12:18:23.335root 11241100x80000000000000003905584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f77727d13b9a25a2022-01-11 12:18:23.335root 11241100x80000000000000003905585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa9093bb0db933ef2022-01-11 12:18:23.335root 11241100x80000000000000003905586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cdfc6bf31afec32022-01-11 12:18:23.335root 11241100x80000000000000003905587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62c532c7dc06f5902022-01-11 12:18:23.335root 11241100x80000000000000003905588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc436b64b7882d392022-01-11 12:18:23.335root 11241100x80000000000000003905589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9074841f6619f1a32022-01-11 12:18:23.335root 11241100x80000000000000003905590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3b8459e8532c70a2022-01-11 12:18:23.335root 11241100x80000000000000003905591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a171c952fbd271412022-01-11 12:18:23.335root 11241100x80000000000000003905592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73c09a80d84edf82022-01-11 12:18:23.335root 11241100x80000000000000003905593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e807bc8a6eea4fd2022-01-11 12:18:23.335root 11241100x80000000000000003905594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5347ff6b492151d2022-01-11 12:18:23.336root 11241100x80000000000000003905595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc1dcc849356b442022-01-11 12:18:23.336root 11241100x80000000000000003905596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad6e2dd38603dff62022-01-11 12:18:23.336root 11241100x80000000000000003905597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea93e652e0ea6b12022-01-11 12:18:23.834root 11241100x80000000000000003905598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be7da126f466870b2022-01-11 12:18:23.834root 11241100x80000000000000003905599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0957041508beee8a2022-01-11 12:18:23.834root 11241100x80000000000000003905600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd296f87c7cce482022-01-11 12:18:23.834root 11241100x80000000000000003905601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932c3e5e5dbde9d32022-01-11 12:18:23.834root 11241100x80000000000000003905602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca9f17b388b75ad2022-01-11 12:18:23.834root 11241100x80000000000000003905603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.565bd77e0427fdef2022-01-11 12:18:23.834root 11241100x80000000000000003905604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfceca97ed9d0852022-01-11 12:18:23.834root 11241100x80000000000000003905605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7e17741b19d5882022-01-11 12:18:23.834root 11241100x80000000000000003905606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90924cf8df27d0a2022-01-11 12:18:23.835root 11241100x80000000000000003905607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e9ad55eca4b0e02022-01-11 12:18:23.835root 11241100x80000000000000003905608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9459d48f6d26aa62022-01-11 12:18:23.835root 11241100x80000000000000003905609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb32556fd46e0a82022-01-11 12:18:23.835root 11241100x80000000000000003905610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89922e5378e003812022-01-11 12:18:23.835root 11241100x80000000000000003905611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee0db26fceaa6ab2022-01-11 12:18:23.835root 11241100x80000000000000003905612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06a7ad9ae431807b2022-01-11 12:18:23.836root 11241100x80000000000000003905613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c47de9f8603c2ee2022-01-11 12:18:23.836root 11241100x80000000000000003905614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0df0eccc382a1162022-01-11 12:18:23.836root 11241100x80000000000000003905615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.530be859107b16bb2022-01-11 12:18:23.836root 11241100x80000000000000003905616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c307154400538282022-01-11 12:18:23.836root 11241100x80000000000000003905617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db03ed68426cdce52022-01-11 12:18:23.836root 11241100x80000000000000003905618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a2c0cbef5ff2352022-01-11 12:18:23.836root 354300x80000000000000003905619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.191{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56244-false10.0.1.12-8000- 11241100x80000000000000003905620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8079d8cdab95c71b2022-01-11 12:18:24.192root 11241100x80000000000000003905621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf7ce96252cbe462022-01-11 12:18:24.192root 11241100x80000000000000003905622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57c5c115224e45762022-01-11 12:18:24.192root 11241100x80000000000000003905623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8b8d9867bf0dd22022-01-11 12:18:24.192root 11241100x80000000000000003905624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.343b31df65b5d0d82022-01-11 12:18:24.192root 11241100x80000000000000003905625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8852aaf6047b9cb2022-01-11 12:18:24.192root 11241100x80000000000000003905626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4299cacd812756452022-01-11 12:18:24.192root 11241100x80000000000000003905627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e87b6b57274bff2022-01-11 12:18:24.193root 11241100x80000000000000003905628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e583f1f31fb5419b2022-01-11 12:18:24.193root 11241100x80000000000000003905629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10a9c04b544216462022-01-11 12:18:24.193root 11241100x80000000000000003905630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7942eb9bc9acfe662022-01-11 12:18:24.193root 11241100x80000000000000003905631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f09603c6f8d619f2022-01-11 12:18:24.193root 11241100x80000000000000003905632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d96a15814763039e2022-01-11 12:18:24.193root 11241100x80000000000000003905633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.218284bae2ba98352022-01-11 12:18:24.194root 11241100x80000000000000003905634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d108bc5a84782e162022-01-11 12:18:24.194root 11241100x80000000000000003905635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb041059c7365a0b2022-01-11 12:18:24.194root 11241100x80000000000000003905636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c4436833a966ad2022-01-11 12:18:24.194root 11241100x80000000000000003905637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3d17fb5724b3452022-01-11 12:18:24.194root 11241100x80000000000000003905638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bcfb8728521601f2022-01-11 12:18:24.194root 11241100x80000000000000003905639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f08f0df958bf4f2022-01-11 12:18:24.194root 11241100x80000000000000003905640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d495bbc718be50d2022-01-11 12:18:24.194root 11241100x80000000000000003905641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ebab2ebd85504da2022-01-11 12:18:24.194root 11241100x80000000000000003905642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50e2ec596d5914552022-01-11 12:18:24.194root 11241100x80000000000000003905643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a80bc15b7bed346b2022-01-11 12:18:24.194root 11241100x80000000000000003905644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac8c347c800f2d12022-01-11 12:18:24.194root 11241100x80000000000000003905645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2665f7378572e342022-01-11 12:18:24.194root 11241100x80000000000000003905646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.195{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5310d7dd562bb62022-01-11 12:18:24.195root 11241100x80000000000000003905647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.195{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39300a674b69d10b2022-01-11 12:18:24.195root 11241100x80000000000000003905648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20821beb1d9a134f2022-01-11 12:18:24.584root 11241100x80000000000000003905649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d17593e6b5ca57f2022-01-11 12:18:24.584root 11241100x80000000000000003905650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f4e869f17082cf12022-01-11 12:18:24.584root 11241100x80000000000000003905651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb75c3bb436f160e2022-01-11 12:18:24.584root 11241100x80000000000000003905652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d9685fbf4e554de2022-01-11 12:18:24.585root 11241100x80000000000000003905653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab92ac2db9004c32022-01-11 12:18:24.585root 11241100x80000000000000003905654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea13d948c1b1ef852022-01-11 12:18:24.585root 11241100x80000000000000003905655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dfff6661ac13c702022-01-11 12:18:24.585root 11241100x80000000000000003905656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88859e654897e77d2022-01-11 12:18:24.585root 11241100x80000000000000003905657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5872d231fb26fec2022-01-11 12:18:24.585root 11241100x80000000000000003905658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25866ab03d59c322022-01-11 12:18:24.585root 11241100x80000000000000003905659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad302540d133a6b62022-01-11 12:18:24.585root 11241100x80000000000000003905660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67b6e8247621d8d2022-01-11 12:18:24.585root 11241100x80000000000000003905661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc517748cb3b10a32022-01-11 12:18:24.585root 11241100x80000000000000003905662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18f9dc4685043a2b2022-01-11 12:18:24.586root 11241100x80000000000000003905663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4471a43630c4f7fd2022-01-11 12:18:24.586root 11241100x80000000000000003905664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5ba7aa5375c5ee2022-01-11 12:18:24.586root 11241100x80000000000000003905665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19c95c5aa0ebf8b62022-01-11 12:18:24.586root 11241100x80000000000000003905666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76940c475db2db9a2022-01-11 12:18:24.586root 11241100x80000000000000003905667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b7a09b061373a82022-01-11 12:18:24.586root 11241100x80000000000000003905668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a02ae427fdee97342022-01-11 12:18:24.586root 11241100x80000000000000003905669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ab1d117f5599362022-01-11 12:18:24.586root 11241100x80000000000000003905670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cf4f35c68dfefc12022-01-11 12:18:24.586root 11241100x80000000000000003905671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:18:24.896root 11241100x80000000000000003905672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.951c9e169b9a4e8b2022-01-11 12:18:24.897root 11241100x80000000000000003905673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a91fc48bfdcc12e2022-01-11 12:18:24.897root 11241100x80000000000000003905674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bff53d9ee0c7f432022-01-11 12:18:24.897root 11241100x80000000000000003905675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af7e72e1dc685862022-01-11 12:18:24.897root 11241100x80000000000000003905676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f3db165c71168b02022-01-11 12:18:24.897root 11241100x80000000000000003905677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66e66383da5cbb882022-01-11 12:18:24.897root 11241100x80000000000000003905678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96a4eb920f634b882022-01-11 12:18:24.897root 11241100x80000000000000003905679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c799bd13e6f27f2022-01-11 12:18:24.897root 11241100x80000000000000003905680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a9739a63cfecc4d2022-01-11 12:18:24.897root 11241100x80000000000000003905681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d9ce3755823992e2022-01-11 12:18:24.897root 11241100x80000000000000003905682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80624cde4c24fc6b2022-01-11 12:18:24.897root 11241100x80000000000000003905683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5aa793b417ba5462022-01-11 12:18:24.897root 11241100x80000000000000003905684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68640ae69d22f24e2022-01-11 12:18:24.898root 11241100x80000000000000003905685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.678174b5985d92522022-01-11 12:18:24.898root 11241100x80000000000000003905686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e05e8c6b520b95e2022-01-11 12:18:24.898root 11241100x80000000000000003905687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124160771e224f592022-01-11 12:18:24.898root 11241100x80000000000000003905688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3698ac043d613f022022-01-11 12:18:24.898root 11241100x80000000000000003905689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f40a4a62c31f4f2022-01-11 12:18:24.898root 11241100x80000000000000003905690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25fede11cc3f52252022-01-11 12:18:24.898root 11241100x80000000000000003905691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c048ac08d4d8f22a2022-01-11 12:18:24.898root 11241100x80000000000000003905692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ec34e7a329d3132022-01-11 12:18:24.898root 11241100x80000000000000003905693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0f04d47019f184a2022-01-11 12:18:24.898root 11241100x80000000000000003905694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87077afbced6e2a2022-01-11 12:18:24.899root 11241100x80000000000000003905695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.198291967294bad42022-01-11 12:18:24.899root 11241100x80000000000000003905696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c79e5126ae2b41f2022-01-11 12:18:24.899root 11241100x80000000000000003905697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3809cdaf3fe37bdb2022-01-11 12:18:24.899root 11241100x80000000000000003905698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ab143ea04b741e2022-01-11 12:18:24.899root 354300x80000000000000003905699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.942{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34178-false10.0.1.12-8089- 11241100x80000000000000003905700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06eefd92ee2415992022-01-11 12:18:25.333root 11241100x80000000000000003905701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6abc7403349295d2022-01-11 12:18:25.333root 11241100x80000000000000003905702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083a32cfd82aed8d2022-01-11 12:18:25.334root 11241100x80000000000000003905703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c70366440716eed2022-01-11 12:18:25.334root 11241100x80000000000000003905704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492c9e7532d09a8a2022-01-11 12:18:25.334root 11241100x80000000000000003905705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5b34c5dd88f7cf2022-01-11 12:18:25.334root 11241100x80000000000000003905706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25dbf1804fb66bd92022-01-11 12:18:25.334root 11241100x80000000000000003905707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f79f80cafdb1b1972022-01-11 12:18:25.334root 11241100x80000000000000003905708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6b89c04b655ed02022-01-11 12:18:25.335root 11241100x80000000000000003905709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3714d39a5b03a31d2022-01-11 12:18:25.335root 11241100x80000000000000003905710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a739b320f2d84742022-01-11 12:18:25.335root 11241100x80000000000000003905711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4711bc6bacc1d1d02022-01-11 12:18:25.335root 11241100x80000000000000003905712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.102050e496aa60bd2022-01-11 12:18:25.335root 11241100x80000000000000003905713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d6de4b500b4ae02022-01-11 12:18:25.335root 11241100x80000000000000003905714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.775715bde03c73022022-01-11 12:18:25.335root 11241100x80000000000000003905715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8a635627e86d8be2022-01-11 12:18:25.335root 11241100x80000000000000003905716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8440d6352a1b84932022-01-11 12:18:25.336root 11241100x80000000000000003905717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.381fc4f37d0a31332022-01-11 12:18:25.336root 11241100x80000000000000003905718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d21f757d3fc52722022-01-11 12:18:25.336root 11241100x80000000000000003905719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f875c49631cab462022-01-11 12:18:25.336root 11241100x80000000000000003905720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c52d38006036062022-01-11 12:18:25.336root 11241100x80000000000000003905721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc747aba3666d1f32022-01-11 12:18:25.336root 11241100x80000000000000003905722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d11844ff1d2e2b2022-01-11 12:18:25.336root 11241100x80000000000000003905723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b352e63b46f1ce992022-01-11 12:18:25.336root 11241100x80000000000000003905724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9624e97e5233ff5c2022-01-11 12:18:25.336root 11241100x80000000000000003905725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00dce7b0678e1de02022-01-11 12:18:25.833root 11241100x80000000000000003905726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ba1e59c6eb749302022-01-11 12:18:25.833root 11241100x80000000000000003905727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69eec3015c175e1e2022-01-11 12:18:25.834root 11241100x80000000000000003905728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ba66148c46db592022-01-11 12:18:25.834root 11241100x80000000000000003905729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d86519c2864be7a2022-01-11 12:18:25.834root 11241100x80000000000000003905730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cab08581cd42dc2022-01-11 12:18:25.835root 11241100x80000000000000003905731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4807412a16da4f2022-01-11 12:18:25.835root 11241100x80000000000000003905732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ccc690921f5409e2022-01-11 12:18:25.835root 11241100x80000000000000003905733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bb982edf32de5e52022-01-11 12:18:25.835root 11241100x80000000000000003905734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3819c028c841442022-01-11 12:18:25.835root 11241100x80000000000000003905735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94279a79ebd32f9e2022-01-11 12:18:25.835root 11241100x80000000000000003905736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01670231d7535bc2022-01-11 12:18:25.835root 11241100x80000000000000003905737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c2523498aeb7c92022-01-11 12:18:25.835root 11241100x80000000000000003905738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868766cf6a048d262022-01-11 12:18:25.835root 11241100x80000000000000003905739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb31a68382977ab82022-01-11 12:18:25.835root 11241100x80000000000000003905740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e74d67f821816c2022-01-11 12:18:25.836root 11241100x80000000000000003905741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8834ce60d64cbd332022-01-11 12:18:25.836root 11241100x80000000000000003905742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.743539803464cf912022-01-11 12:18:25.836root 11241100x80000000000000003905743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24b61edc5a89da102022-01-11 12:18:25.836root 11241100x80000000000000003905744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93656c7304173ccf2022-01-11 12:18:25.836root 11241100x80000000000000003905745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0defb93938410502022-01-11 12:18:25.836root 11241100x80000000000000003905746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02f91db09e16e7dd2022-01-11 12:18:25.836root 11241100x80000000000000003905747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69946a7061c4c4ba2022-01-11 12:18:25.836root 11241100x80000000000000003905748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0809f834f340df72022-01-11 12:18:25.836root 11241100x80000000000000003905749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9736d51f986db7bd2022-01-11 12:18:25.836root 11241100x80000000000000003905750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c5d1cd4ce11bfe22022-01-11 12:18:25.836root 11241100x80000000000000003905751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e41e7a72ca763c2022-01-11 12:18:25.836root 11241100x80000000000000003905752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f81e942ff9bb5e2022-01-11 12:18:25.836root 11241100x80000000000000003905753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35429f6dddd4162a2022-01-11 12:18:25.836root 11241100x80000000000000003905754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2291900edf829f052022-01-11 12:18:26.333root 11241100x80000000000000003905755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d05b9c5de7afacb2022-01-11 12:18:26.333root 11241100x80000000000000003905756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bffc5ae752eb0832022-01-11 12:18:26.333root 11241100x80000000000000003905757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fad2184bd337e092022-01-11 12:18:26.334root 11241100x80000000000000003905758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69e8603a1aae62792022-01-11 12:18:26.334root 11241100x80000000000000003905759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0892f6a76490d6922022-01-11 12:18:26.334root 11241100x80000000000000003905760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.023e29be4b289d1d2022-01-11 12:18:26.334root 11241100x80000000000000003905761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94150ee1efa8bfeb2022-01-11 12:18:26.334root 11241100x80000000000000003905762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd1c052d56de11e2022-01-11 12:18:26.334root 11241100x80000000000000003905763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f499ac7b14b6602022-01-11 12:18:26.334root 11241100x80000000000000003905764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8437962668d40d822022-01-11 12:18:26.334root 11241100x80000000000000003905765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.752d23ab111cc6122022-01-11 12:18:26.334root 11241100x80000000000000003905766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f4b781bdc6adab22022-01-11 12:18:26.334root 11241100x80000000000000003905767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cab0f3cd89a4e802022-01-11 12:18:26.334root 11241100x80000000000000003905768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3147e89a019d7e8d2022-01-11 12:18:26.334root 11241100x80000000000000003905769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ef815e3d570cdf2022-01-11 12:18:26.334root 11241100x80000000000000003905770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b56c6afb332bef82022-01-11 12:18:26.335root 11241100x80000000000000003905771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1fac6917a7fdbf2022-01-11 12:18:26.335root 11241100x80000000000000003905772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b51de4a410c5b3bd2022-01-11 12:18:26.335root 11241100x80000000000000003905773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b46495b8b7f897e2022-01-11 12:18:26.335root 11241100x80000000000000003905774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90942a6a9f8ca09f2022-01-11 12:18:26.335root 11241100x80000000000000003905775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8beee67027c629c2022-01-11 12:18:26.335root 11241100x80000000000000003905776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe67bb35ba92a78e2022-01-11 12:18:26.335root 11241100x80000000000000003905777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31783b150710c0262022-01-11 12:18:26.335root 11241100x80000000000000003905778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00cd5ddfb5b5f4fe2022-01-11 12:18:26.335root 11241100x80000000000000003905779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eaaf0e3367f69f2022-01-11 12:18:26.833root 11241100x80000000000000003905780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69755f30a5d57fe72022-01-11 12:18:26.833root 11241100x80000000000000003905781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e359e1c37898ef802022-01-11 12:18:26.833root 11241100x80000000000000003905782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb73db00b6ba56d62022-01-11 12:18:26.833root 11241100x80000000000000003905783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6668db5e4c98fc2022-01-11 12:18:26.834root 11241100x80000000000000003905784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4571907d332116ef2022-01-11 12:18:26.834root 11241100x80000000000000003905785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.883c464dc14899c22022-01-11 12:18:26.834root 11241100x80000000000000003905786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac601feecaaa6fa2022-01-11 12:18:26.834root 11241100x80000000000000003905787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2051e6c6c1414fa52022-01-11 12:18:26.834root 11241100x80000000000000003905788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac72ed833865f692022-01-11 12:18:26.834root 11241100x80000000000000003905789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894a08fefc3e3ec92022-01-11 12:18:26.834root 11241100x80000000000000003905790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3424241acd59eae72022-01-11 12:18:26.834root 11241100x80000000000000003905791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.145c02a41e4d1d352022-01-11 12:18:26.834root 11241100x80000000000000003905792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c572d6ba60933bef2022-01-11 12:18:26.834root 11241100x80000000000000003905793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18343cdf8f44c91d2022-01-11 12:18:26.835root 11241100x80000000000000003905794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975442608737846d2022-01-11 12:18:26.835root 11241100x80000000000000003905795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28f5da404ff963152022-01-11 12:18:26.835root 11241100x80000000000000003905796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac56853785b6d9d22022-01-11 12:18:26.835root 11241100x80000000000000003905797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.576412e593a88caf2022-01-11 12:18:26.835root 11241100x80000000000000003905798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdee9faaf088a20c2022-01-11 12:18:26.835root 11241100x80000000000000003905799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.981868eabe3721662022-01-11 12:18:26.835root 11241100x80000000000000003905800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c51982d0c51e97a2022-01-11 12:18:26.835root 11241100x80000000000000003905801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e81dfaf0a72122aa2022-01-11 12:18:26.835root 11241100x80000000000000003905802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e3862d1231cceb2022-01-11 12:18:26.836root 11241100x80000000000000003905803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef59ffcd710c83d72022-01-11 12:18:26.836root 11241100x80000000000000003905804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8265a65cea52ad2022-01-11 12:18:26.836root 11241100x80000000000000003905805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d40639233495e62022-01-11 12:18:26.836root 11241100x80000000000000003905806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5c4c211773674b92022-01-11 12:18:26.836root 11241100x80000000000000003905807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.792026432db871912022-01-11 12:18:26.836root 11241100x80000000000000003905808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce59e5ea57a82d732022-01-11 12:18:26.836root 11241100x80000000000000003905809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62bf533801cb6ba02022-01-11 12:18:26.836root 11241100x80000000000000003905810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1939724033ab3d62022-01-11 12:18:26.836root 11241100x80000000000000003905811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eef4830d9223c582022-01-11 12:18:26.836root 11241100x80000000000000003905812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb534483dcc64612022-01-11 12:18:26.837root 11241100x80000000000000003905813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f357b92a04c3302022-01-11 12:18:26.837root 11241100x80000000000000003905814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e597d08dd0c097e2022-01-11 12:18:26.837root 11241100x80000000000000003905815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d139740b78f1d5ed2022-01-11 12:18:26.837root 11241100x80000000000000003905816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bb6daae1b4237232022-01-11 12:18:26.837root 11241100x80000000000000003905817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e657713dc257ad112022-01-11 12:18:26.837root 11241100x80000000000000003905818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d24a612489135d02022-01-11 12:18:26.837root 11241100x80000000000000003905819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09da2e59e9d1ff362022-01-11 12:18:26.837root 11241100x80000000000000003905820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c253c399104fd52022-01-11 12:18:26.837root 11241100x80000000000000003905821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df4ae991852dcfda2022-01-11 12:18:26.837root 11241100x80000000000000003905822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14446732d9302a1b2022-01-11 12:18:26.837root 11241100x80000000000000003905823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e329cde8054ea702022-01-11 12:18:26.837root 11241100x80000000000000003905824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eda0bf12681a35d42022-01-11 12:18:26.837root 11241100x80000000000000003905825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025041f17dd34ba52022-01-11 12:18:26.837root 11241100x80000000000000003905826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a86da09a8f7d5892022-01-11 12:18:26.837root 11241100x80000000000000003905827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7721e6c88ef7aac2022-01-11 12:18:26.837root 11241100x80000000000000003905828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e476a0c15d389ac92022-01-11 12:18:26.838root 11241100x80000000000000003905829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7633963dda6206a2022-01-11 12:18:26.838root 11241100x80000000000000003905830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f6304746900b252022-01-11 12:18:26.839root 11241100x80000000000000003905831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e1c0c737a6e73822022-01-11 12:18:26.839root 11241100x80000000000000003905832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac737741cb4f69522022-01-11 12:18:26.839root 11241100x80000000000000003905833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71d728a548eb473d2022-01-11 12:18:26.839root 11241100x80000000000000003905834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b2eb51908b42b3d2022-01-11 12:18:26.839root 11241100x80000000000000003905835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a171b2f52a984b22022-01-11 12:18:26.839root 11241100x80000000000000003905836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6f29700034db86f2022-01-11 12:18:26.840root 11241100x80000000000000003905837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c41e03b961e4512022-01-11 12:18:26.841root 11241100x80000000000000003905838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6f3ca24e0822c72022-01-11 12:18:26.842root 11241100x80000000000000003905839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e7770519f3e8da2022-01-11 12:18:26.842root 11241100x80000000000000003905840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.814792c65b01ef982022-01-11 12:18:26.842root 11241100x80000000000000003905841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd569a97ebb5b03f2022-01-11 12:18:26.843root 11241100x80000000000000003905842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798b8a08cbe44bb82022-01-11 12:18:26.843root 11241100x80000000000000003905843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd5f45ea50b091b2022-01-11 12:18:26.843root 11241100x80000000000000003905844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aaa589fd86cdb852022-01-11 12:18:26.843root 11241100x80000000000000003905845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049eb024f93b11dd2022-01-11 12:18:26.843root 11241100x80000000000000003905846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.135b0904ba59a75d2022-01-11 12:18:26.843root 11241100x80000000000000003905847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d2a82ed8ad2aca62022-01-11 12:18:26.843root 11241100x80000000000000003905848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceba6095d922808e2022-01-11 12:18:26.843root 11241100x80000000000000003905849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e3cbb39e9226d52022-01-11 12:18:26.844root 11241100x80000000000000003905850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc421293c3b9e8fc2022-01-11 12:18:26.844root 11241100x80000000000000003905851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6236dbfce02151972022-01-11 12:18:26.844root 11241100x80000000000000003905852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd651ed116370bc2022-01-11 12:18:26.844root 11241100x80000000000000003905853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb9fb14f8fc4f1e2022-01-11 12:18:26.844root 11241100x80000000000000003905854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffaf124913bb806c2022-01-11 12:18:26.844root 11241100x80000000000000003905855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a95bb721c054a5b2022-01-11 12:18:26.844root 11241100x80000000000000003905856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ecfe4d2444d85d2022-01-11 12:18:26.844root 11241100x80000000000000003905857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b53372d2b9c07ea2022-01-11 12:18:26.844root 11241100x80000000000000003905858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4dcf4778f5cdab92022-01-11 12:18:26.844root 11241100x80000000000000003905859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a881be9317cf58f82022-01-11 12:18:26.844root 11241100x80000000000000003905860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3368e232ed4c91932022-01-11 12:18:26.845root 11241100x80000000000000003905861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5954cb33f79a62f22022-01-11 12:18:26.845root 11241100x80000000000000003905862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e693f6e256a77a2022-01-11 12:18:26.845root 11241100x80000000000000003905863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10e35b73f614ec22022-01-11 12:18:26.845root 11241100x80000000000000003905864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c184c1dc0a2960f32022-01-11 12:18:26.845root 11241100x80000000000000003905865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c4b74e3fb1d9982022-01-11 12:18:26.845root 11241100x80000000000000003905866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3610d5378d175592022-01-11 12:18:26.845root 11241100x80000000000000003905867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e4e32a0e85306042022-01-11 12:18:26.846root 11241100x80000000000000003905868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.453be24aaf7d5e6b2022-01-11 12:18:26.846root 11241100x80000000000000003905869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f248072b40adb00f2022-01-11 12:18:26.846root 11241100x80000000000000003905870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ce627af12a787a02022-01-11 12:18:26.846root 11241100x80000000000000003905871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50591956e988f5c42022-01-11 12:18:26.846root 11241100x80000000000000003905872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.848{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f8fc0ba8d09ffe2022-01-11 12:18:26.848root 11241100x80000000000000003905873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.848{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c62a438bf69627782022-01-11 12:18:26.848root 11241100x80000000000000003905874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.849{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442c90812c985a182022-01-11 12:18:26.849root 11241100x80000000000000003905875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d70f9efc9b4717e52022-01-11 12:18:27.334root 11241100x80000000000000003905876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67546b66cb12fa42022-01-11 12:18:27.334root 11241100x80000000000000003905877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8001c19990d70162022-01-11 12:18:27.334root 11241100x80000000000000003905878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.228a1cb9f09b3d4c2022-01-11 12:18:27.334root 11241100x80000000000000003905879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5adf30a8c30b8ad02022-01-11 12:18:27.335root 11241100x80000000000000003905880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f87442c3557e85b2022-01-11 12:18:27.335root 11241100x80000000000000003905881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df580367aed655ff2022-01-11 12:18:27.335root 11241100x80000000000000003905882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21c6ba0839cf32bf2022-01-11 12:18:27.335root 11241100x80000000000000003905883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f6f962a222fda12022-01-11 12:18:27.335root 11241100x80000000000000003905884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ccd11a51a3a5baf2022-01-11 12:18:27.335root 11241100x80000000000000003905885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f57b729922e27162022-01-11 12:18:27.335root 11241100x80000000000000003905886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901afd878ab17d622022-01-11 12:18:27.335root 11241100x80000000000000003905887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.250164f0b5f18faa2022-01-11 12:18:27.335root 11241100x80000000000000003905888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a9c952400c0545f2022-01-11 12:18:27.335root 11241100x80000000000000003905889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffbe3c6e149fb9d32022-01-11 12:18:27.335root 11241100x80000000000000003905890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2688a611e8eb1fd2022-01-11 12:18:27.336root 11241100x80000000000000003905891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52cd3cbbf76136a72022-01-11 12:18:27.336root 11241100x80000000000000003905892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccfb863909a95e672022-01-11 12:18:27.336root 11241100x80000000000000003905893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3520767a4ded7fb32022-01-11 12:18:27.336root 11241100x80000000000000003905894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce4cbc93130f4f82022-01-11 12:18:27.336root 11241100x80000000000000003905895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47ec62eaaa0cbef52022-01-11 12:18:27.336root 11241100x80000000000000003905896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62eb51fa7a92289a2022-01-11 12:18:27.336root 11241100x80000000000000003905897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eb212b919d9e3632022-01-11 12:18:27.336root 11241100x80000000000000003905898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ce7edf1841481f2022-01-11 12:18:27.336root 11241100x80000000000000003905899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7d3e97eed696072022-01-11 12:18:27.337root 11241100x80000000000000003905900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e04dc48da8fdc5b2022-01-11 12:18:27.834root 11241100x80000000000000003905901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a76a88a74dd61032022-01-11 12:18:27.834root 11241100x80000000000000003905902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b423e38f37ed1cb2022-01-11 12:18:27.834root 11241100x80000000000000003905903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45957968ff02a7e92022-01-11 12:18:27.834root 11241100x80000000000000003905904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db060179fbc322542022-01-11 12:18:27.834root 11241100x80000000000000003905905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68c22d82b0e263a12022-01-11 12:18:27.834root 11241100x80000000000000003905906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840b518402b0f17f2022-01-11 12:18:27.835root 11241100x80000000000000003905907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14a764e489dcbf0e2022-01-11 12:18:27.835root 11241100x80000000000000003905908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf3b5da9168906d2022-01-11 12:18:27.835root 11241100x80000000000000003905909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c74518afe95fc92022-01-11 12:18:27.835root 11241100x80000000000000003905910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d719cf9497f2f0a2022-01-11 12:18:27.835root 11241100x80000000000000003905911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7129cc92f25c39d22022-01-11 12:18:27.835root 11241100x80000000000000003905912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d3c4a211213be22022-01-11 12:18:27.835root 11241100x80000000000000003905913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e270fc3425afcd512022-01-11 12:18:27.835root 11241100x80000000000000003905914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e82bbbd2825f572022-01-11 12:18:27.836root 11241100x80000000000000003905915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb50090e388e2ef72022-01-11 12:18:27.836root 11241100x80000000000000003905916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4318390382d641f22022-01-11 12:18:27.836root 11241100x80000000000000003905917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff88fe7d10555e4c2022-01-11 12:18:27.836root 11241100x80000000000000003905918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90724972f24b6e192022-01-11 12:18:27.836root 11241100x80000000000000003905919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c3f6aaba7e45d62022-01-11 12:18:27.836root 11241100x80000000000000003905920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84b3f0bbe9c610dc2022-01-11 12:18:27.837root 11241100x80000000000000003905921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b41245eccc885932022-01-11 12:18:27.837root 11241100x80000000000000003905922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74c483fafdcf5b12022-01-11 12:18:27.837root 11241100x80000000000000003905923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1d005daf7586fc2022-01-11 12:18:27.837root 11241100x80000000000000003905924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b66f0a9e80b3878c2022-01-11 12:18:27.837root 23542300x80000000000000003905925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.897{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003905926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd416cb36ca741e2022-01-11 12:18:28.333root 11241100x80000000000000003905927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.709bcafbd28889ca2022-01-11 12:18:28.333root 11241100x80000000000000003905928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eb52c8094b74b4b2022-01-11 12:18:28.334root 11241100x80000000000000003905929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.654dd760aef6b86b2022-01-11 12:18:28.334root 11241100x80000000000000003905930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ad81d92a844f842022-01-11 12:18:28.334root 11241100x80000000000000003905931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3707b7282d2c9532022-01-11 12:18:28.334root 11241100x80000000000000003905932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fe459477374e04c2022-01-11 12:18:28.334root 11241100x80000000000000003905933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2ce6231d04de0f22022-01-11 12:18:28.334root 11241100x80000000000000003905934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6099b2a6ba9bcc2022-01-11 12:18:28.334root 11241100x80000000000000003905935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98cb385c21104a012022-01-11 12:18:28.334root 11241100x80000000000000003905936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b7f6b6f7e17898b2022-01-11 12:18:28.334root 11241100x80000000000000003905937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9666e1935d7d40702022-01-11 12:18:28.334root 11241100x80000000000000003905938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4015137c0b2f3d62022-01-11 12:18:28.335root 11241100x80000000000000003905939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37da30d9e829f47b2022-01-11 12:18:28.335root 11241100x80000000000000003905940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.007f85a95e108d662022-01-11 12:18:28.335root 11241100x80000000000000003905941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f3f7d5af1fad4d42022-01-11 12:18:28.335root 11241100x80000000000000003905942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32c9d2b9d7051a82022-01-11 12:18:28.335root 11241100x80000000000000003905943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb057074976184f2022-01-11 12:18:28.335root 11241100x80000000000000003905944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f774814e7de8ba2022-01-11 12:18:28.335root 11241100x80000000000000003905945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f17ee1c9f07f64f42022-01-11 12:18:28.335root 11241100x80000000000000003905946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.263eaaf05c5007c12022-01-11 12:18:28.335root 11241100x80000000000000003905947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ee3b1d4fae594b32022-01-11 12:18:28.335root 11241100x80000000000000003905948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfeace78472b51332022-01-11 12:18:28.335root 11241100x80000000000000003905949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43f6453cb3d89b62022-01-11 12:18:28.335root 11241100x80000000000000003905950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5335800d1a7d59672022-01-11 12:18:28.335root 11241100x80000000000000003905951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95288a0e34ead7ae2022-01-11 12:18:28.335root 11241100x80000000000000003905952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d662395a03552b642022-01-11 12:18:28.335root 11241100x80000000000000003905953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e5bc66953508d82022-01-11 12:18:28.336root 11241100x80000000000000003905954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.677871cc3795cf682022-01-11 12:18:28.336root 11241100x80000000000000003905955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e88c9b67405a565d2022-01-11 12:18:28.336root 11241100x80000000000000003905956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8d58820ce545712022-01-11 12:18:28.336root 11241100x80000000000000003905957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.450338cfd3e024d02022-01-11 12:18:28.336root 11241100x80000000000000003905958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281d62e2fd6b24462022-01-11 12:18:28.336root 11241100x80000000000000003905959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.873a9bf01de82c3a2022-01-11 12:18:28.834root 11241100x80000000000000003905960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeabbb384218c0e22022-01-11 12:18:28.834root 11241100x80000000000000003905961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3e74c9fa2fdcff2022-01-11 12:18:28.834root 11241100x80000000000000003905962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ee81397991332e52022-01-11 12:18:28.834root 11241100x80000000000000003905963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb714f0122b0cc662022-01-11 12:18:28.834root 11241100x80000000000000003905964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70c38ac4db189a8f2022-01-11 12:18:28.834root 11241100x80000000000000003905965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23d813a4acb933fd2022-01-11 12:18:28.834root 11241100x80000000000000003905966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6323056d4b0b6402022-01-11 12:18:28.834root 11241100x80000000000000003905967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a498db1a69e8d3732022-01-11 12:18:28.834root 11241100x80000000000000003905968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d908f32ef6b152192022-01-11 12:18:28.834root 11241100x80000000000000003905969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b159a52514188c32022-01-11 12:18:28.835root 11241100x80000000000000003905970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5e7c0c96528a7942022-01-11 12:18:28.835root 11241100x80000000000000003905971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5dbf836a4cdbff2022-01-11 12:18:28.835root 11241100x80000000000000003905972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1828c8602ea8bb782022-01-11 12:18:28.835root 11241100x80000000000000003905973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a69d79863593292022-01-11 12:18:28.835root 11241100x80000000000000003905974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0813f95cec8b2d52022-01-11 12:18:28.835root 11241100x80000000000000003905975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea38b0958def67252022-01-11 12:18:28.835root 11241100x80000000000000003905976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aefff029f17027a2022-01-11 12:18:28.835root 11241100x80000000000000003905977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.327b27c1cab23d4e2022-01-11 12:18:28.835root 11241100x80000000000000003905978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cee38e0067829292022-01-11 12:18:28.835root 11241100x80000000000000003905979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d945f396024e67cc2022-01-11 12:18:28.835root 11241100x80000000000000003905980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.995514fca6ebce3b2022-01-11 12:18:28.835root 11241100x80000000000000003905981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d62adde43696c092022-01-11 12:18:28.835root 11241100x80000000000000003905982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f79c23719cebec72022-01-11 12:18:28.835root 11241100x80000000000000003905983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20fa9b29ca3373c52022-01-11 12:18:28.836root 11241100x80000000000000003905984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61838565bb9223da2022-01-11 12:18:28.836root 11241100x80000000000000003905985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0a1e44cc38b0b8a2022-01-11 12:18:29.334root 11241100x80000000000000003905986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb73946164e85c8a2022-01-11 12:18:29.334root 11241100x80000000000000003905987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8e4d4ed7fcdc4d2022-01-11 12:18:29.334root 11241100x80000000000000003905988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d29d4ce3bc42175f2022-01-11 12:18:29.334root 11241100x80000000000000003905989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35ace4179ecdd2ad2022-01-11 12:18:29.335root 11241100x80000000000000003905990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25fcfc8e878434082022-01-11 12:18:29.335root 11241100x80000000000000003905991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f11cd3b63fcf0fa2022-01-11 12:18:29.335root 11241100x80000000000000003905992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be7632fe317bef72022-01-11 12:18:29.335root 11241100x80000000000000003905993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bba84ca7d879beca2022-01-11 12:18:29.335root 11241100x80000000000000003905994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8d044b075fbd8122022-01-11 12:18:29.335root 11241100x80000000000000003905995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0deeb56d777c78d42022-01-11 12:18:29.335root 11241100x80000000000000003905996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a4b1b4915abafb2022-01-11 12:18:29.335root 11241100x80000000000000003905997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1734827074dd132022-01-11 12:18:29.335root 11241100x80000000000000003905998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25827214d9120b12022-01-11 12:18:29.336root 11241100x80000000000000003905999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6e2a0aab81bfd22022-01-11 12:18:29.336root 11241100x80000000000000003906000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddcc8a1c6792d8592022-01-11 12:18:29.336root 11241100x80000000000000003906001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.244925fed9e8d78a2022-01-11 12:18:29.336root 11241100x80000000000000003906002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.379271f95eb5a07b2022-01-11 12:18:29.336root 11241100x80000000000000003906003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d009dd07c2d3e6e22022-01-11 12:18:29.336root 11241100x80000000000000003906004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45a7030a0863d9df2022-01-11 12:18:29.336root 11241100x80000000000000003906005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4b47804d1a395462022-01-11 12:18:29.336root 11241100x80000000000000003906006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f862c087bdd47062022-01-11 12:18:29.336root 11241100x80000000000000003906007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6529ca465ce6f2a2022-01-11 12:18:29.336root 11241100x80000000000000003906008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e90043e4eefbeec2022-01-11 12:18:29.337root 11241100x80000000000000003906009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02b6c229303124fc2022-01-11 12:18:29.337root 11241100x80000000000000003906010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f3ff1f404e66e162022-01-11 12:18:29.337root 11241100x80000000000000003906011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd6f0007d547b05e2022-01-11 12:18:29.833root 11241100x80000000000000003906012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89e3f2fda5f535602022-01-11 12:18:29.834root 11241100x80000000000000003906013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424a9676c426e99d2022-01-11 12:18:29.834root 11241100x80000000000000003906014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1f96be86ea2a102022-01-11 12:18:29.834root 11241100x80000000000000003906015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fdb75fbb0898b5d2022-01-11 12:18:29.834root 11241100x80000000000000003906016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4008f7c7b7571e162022-01-11 12:18:29.834root 11241100x80000000000000003906017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d833650e6da706f2022-01-11 12:18:29.834root 11241100x80000000000000003906018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.143c8f20d2c952072022-01-11 12:18:29.834root 11241100x80000000000000003906019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2884306f217f40e2022-01-11 12:18:29.834root 11241100x80000000000000003906020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7562fdb077f93d892022-01-11 12:18:29.834root 11241100x80000000000000003906021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd14d45c136c078f2022-01-11 12:18:29.835root 11241100x80000000000000003906022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e596bcb5ab8edb32022-01-11 12:18:29.835root 11241100x80000000000000003906023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3277f2c8f4b994992022-01-11 12:18:29.835root 11241100x80000000000000003906024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d20d841dfc5a645f2022-01-11 12:18:29.835root 11241100x80000000000000003906025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73f99564494f791d2022-01-11 12:18:29.835root 11241100x80000000000000003906026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bb74ed1476fc5ec2022-01-11 12:18:29.835root 11241100x80000000000000003906027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.016e9d3ea3544d662022-01-11 12:18:29.835root 11241100x80000000000000003906028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac076daed7a7b9e2022-01-11 12:18:29.835root 11241100x80000000000000003906029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed0b0e8d3874f1a2022-01-11 12:18:29.835root 11241100x80000000000000003906030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cd43a4d8fc6b4b62022-01-11 12:18:29.835root 11241100x80000000000000003906031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420efa0da4ff722a2022-01-11 12:18:29.835root 11241100x80000000000000003906032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c24ad63afedef6352022-01-11 12:18:29.835root 11241100x80000000000000003906033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e2a3a5a094838ea2022-01-11 12:18:29.835root 11241100x80000000000000003906034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea5a3e2efaeca752022-01-11 12:18:29.835root 11241100x80000000000000003906035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.456e4bcf92d81d9e2022-01-11 12:18:29.836root 11241100x80000000000000003906036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88c685ab2375d3a12022-01-11 12:18:29.836root 11241100x80000000000000003906037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89ad57a4397be19c2022-01-11 12:18:29.836root 11241100x80000000000000003906038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.776f9562c0527c4d2022-01-11 12:18:29.836root 354300x80000000000000003906039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.059{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56248-false10.0.1.12-8000- 11241100x80000000000000003906040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79950a8a9e5669852022-01-11 12:18:30.334root 11241100x80000000000000003906041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e0ad5fd4dbd185c2022-01-11 12:18:30.334root 11241100x80000000000000003906042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.782e4e0b4bc8b3532022-01-11 12:18:30.334root 11241100x80000000000000003906043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f3bfed296c83be2022-01-11 12:18:30.334root 11241100x80000000000000003906044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96519ca5b0d72bb22022-01-11 12:18:30.334root 11241100x80000000000000003906045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43b7693a2db5e6d2022-01-11 12:18:30.334root 11241100x80000000000000003906046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49cadad2bb18f2722022-01-11 12:18:30.334root 11241100x80000000000000003906047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ff911b124b9ea7d2022-01-11 12:18:30.335root 11241100x80000000000000003906048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a464ac47c50b4d2022-01-11 12:18:30.335root 11241100x80000000000000003906049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bcacd1189fb3d742022-01-11 12:18:30.335root 11241100x80000000000000003906050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03394624adcf15a82022-01-11 12:18:30.335root 11241100x80000000000000003906051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219a9d6e826655712022-01-11 12:18:30.335root 11241100x80000000000000003906052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0aa8bb954b61e862022-01-11 12:18:30.335root 11241100x80000000000000003906053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d231af2030ba4e9b2022-01-11 12:18:30.335root 11241100x80000000000000003906054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca7f57a747e76bcc2022-01-11 12:18:30.335root 11241100x80000000000000003906055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1075b15e65cc15d52022-01-11 12:18:30.335root 11241100x80000000000000003906056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e72671f474cb55a2022-01-11 12:18:30.335root 11241100x80000000000000003906057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfa9ab4b3e4f4f32022-01-11 12:18:30.335root 11241100x80000000000000003906058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.290f890349629e432022-01-11 12:18:30.335root 11241100x80000000000000003906059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78b1c367ff023b6b2022-01-11 12:18:30.335root 11241100x80000000000000003906060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d969773430e034f92022-01-11 12:18:30.335root 11241100x80000000000000003906061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f236c2da35518782022-01-11 12:18:30.335root 11241100x80000000000000003906062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f39e6de6d9a046ba2022-01-11 12:18:30.336root 11241100x80000000000000003906063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ec8c9b14df352d32022-01-11 12:18:30.336root 11241100x80000000000000003906064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b5b8b925efa6f52022-01-11 12:18:30.336root 11241100x80000000000000003906065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f59a06468e6ac62022-01-11 12:18:30.336root 11241100x80000000000000003906066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b893e33da9a04f422022-01-11 12:18:30.336root 11241100x80000000000000003906067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a9d5d9034eeaaa2022-01-11 12:18:30.833root 11241100x80000000000000003906068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be5f11613e5ffc762022-01-11 12:18:30.834root 11241100x80000000000000003906069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fb0d10b719089db2022-01-11 12:18:30.834root 11241100x80000000000000003906070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aa07353070551f52022-01-11 12:18:30.834root 11241100x80000000000000003906071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4661c9a8e2178192022-01-11 12:18:30.834root 11241100x80000000000000003906072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c6fe4915d64fbb2022-01-11 12:18:30.834root 11241100x80000000000000003906073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73a6e30dc564cdbf2022-01-11 12:18:30.834root 11241100x80000000000000003906074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2f68258386b38462022-01-11 12:18:30.835root 11241100x80000000000000003906075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcdea479ca33d1382022-01-11 12:18:30.835root 11241100x80000000000000003906076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e136134707cacf2022-01-11 12:18:30.835root 11241100x80000000000000003906077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e662d27a33bf2e62022-01-11 12:18:30.835root 11241100x80000000000000003906078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8706ce3287c8bd7c2022-01-11 12:18:30.835root 11241100x80000000000000003906079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.921f09eb984e72a12022-01-11 12:18:30.836root 11241100x80000000000000003906080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeafcd998128d0c82022-01-11 12:18:30.836root 11241100x80000000000000003906081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00e1ab237dced9662022-01-11 12:18:30.836root 11241100x80000000000000003906082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21aaef3fc623d13f2022-01-11 12:18:30.836root 11241100x80000000000000003906083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.941778e7a98031ee2022-01-11 12:18:30.836root 11241100x80000000000000003906084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc1ff243cbd66b0d2022-01-11 12:18:30.836root 11241100x80000000000000003906085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eac7607c30693e12022-01-11 12:18:30.836root 11241100x80000000000000003906086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b0f948a3ea6d0392022-01-11 12:18:30.836root 11241100x80000000000000003906087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afceae38354c82872022-01-11 12:18:30.837root 11241100x80000000000000003906088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa03f21897ca89922022-01-11 12:18:30.837root 11241100x80000000000000003906089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984b243e425960312022-01-11 12:18:30.837root 11241100x80000000000000003906090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79696b8d266188862022-01-11 12:18:30.837root 11241100x80000000000000003906091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a68143304d749e2022-01-11 12:18:30.837root 11241100x80000000000000003906092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a214ae6b5b2cc032022-01-11 12:18:30.837root 11241100x80000000000000003906093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8b33a9ff29e43b82022-01-11 12:18:30.837root 11241100x80000000000000003906094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67d8870747b49e782022-01-11 12:18:30.837root 11241100x80000000000000003906095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88caa173b9379bbd2022-01-11 12:18:31.333root 11241100x80000000000000003906096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91ff61ada1a65fcf2022-01-11 12:18:31.333root 11241100x80000000000000003906097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce9cd9430dd282932022-01-11 12:18:31.333root 11241100x80000000000000003906098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157973c06a212e842022-01-11 12:18:31.333root 11241100x80000000000000003906099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eacf535993aa43d2022-01-11 12:18:31.334root 11241100x80000000000000003906100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf82e6709c80afd32022-01-11 12:18:31.334root 11241100x80000000000000003906101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e716ed0a28d94412022-01-11 12:18:31.334root 11241100x80000000000000003906102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7ca6f90a338bcc2022-01-11 12:18:31.334root 11241100x80000000000000003906103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ee1b70d6b4a1fe2022-01-11 12:18:31.334root 11241100x80000000000000003906104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0450bf8e6dc3242022-01-11 12:18:31.335root 11241100x80000000000000003906105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a43aefd27838f002022-01-11 12:18:31.335root 11241100x80000000000000003906106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4285eabf2ac85e0c2022-01-11 12:18:31.335root 11241100x80000000000000003906107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91afbef40845fd7a2022-01-11 12:18:31.335root 11241100x80000000000000003906108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bddf1e5d3fe8524d2022-01-11 12:18:31.335root 11241100x80000000000000003906109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff6cea0751f14a862022-01-11 12:18:31.335root 11241100x80000000000000003906110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bae0537d315656a2022-01-11 12:18:31.335root 11241100x80000000000000003906111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7c7549b1942a3a2022-01-11 12:18:31.336root 11241100x80000000000000003906112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b13bebe6c78517b32022-01-11 12:18:31.336root 11241100x80000000000000003906113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25684fb18ed0077d2022-01-11 12:18:31.336root 11241100x80000000000000003906114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb5a29382dedba132022-01-11 12:18:31.336root 11241100x80000000000000003906115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.861fd73c571320932022-01-11 12:18:31.336root 11241100x80000000000000003906116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8ae934ef3c796442022-01-11 12:18:31.336root 11241100x80000000000000003906117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f884113cdac50362022-01-11 12:18:31.336root 11241100x80000000000000003906118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543d45f6a2cafd412022-01-11 12:18:31.336root 11241100x80000000000000003906119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccbcfb028e21fff62022-01-11 12:18:31.336root 11241100x80000000000000003906120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347037ebfd57dc8b2022-01-11 12:18:31.336root 11241100x80000000000000003906121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf77906a15883112022-01-11 12:18:31.336root 11241100x80000000000000003906122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ce15085537be0e32022-01-11 12:18:31.337root 11241100x80000000000000003906123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a2440acc00da4f2022-01-11 12:18:31.337root 11241100x80000000000000003906124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3acb7c0ec7b2747f2022-01-11 12:18:31.337root 11241100x80000000000000003906125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edadfee20da6ab182022-01-11 12:18:31.337root 11241100x80000000000000003906126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ae97ca4d828b02f2022-01-11 12:18:31.337root 11241100x80000000000000003906127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3d8442a1e7b951e2022-01-11 12:18:31.337root 11241100x80000000000000003906128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3ee17923644b3f72022-01-11 12:18:31.833root 11241100x80000000000000003906129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6d73e19e6f9ffff2022-01-11 12:18:31.834root 11241100x80000000000000003906130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a49bebd1c5cc4f2022-01-11 12:18:31.834root 11241100x80000000000000003906131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb3803fd9b2c1832022-01-11 12:18:31.834root 11241100x80000000000000003906132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95b91a8af442e9612022-01-11 12:18:31.834root 11241100x80000000000000003906133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897f5a72600c70cf2022-01-11 12:18:31.834root 11241100x80000000000000003906134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6beed2d294ef89212022-01-11 12:18:31.834root 11241100x80000000000000003906135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4aa5e0c20c80d3e2022-01-11 12:18:31.834root 11241100x80000000000000003906136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb20a8e44bb77cc2022-01-11 12:18:31.834root 11241100x80000000000000003906137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03192ca3df3b9e732022-01-11 12:18:31.835root 11241100x80000000000000003906138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.661a7b4159e2912f2022-01-11 12:18:31.835root 11241100x80000000000000003906139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb0e82fa6c8060212022-01-11 12:18:31.835root 11241100x80000000000000003906140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.828938596a211f332022-01-11 12:18:31.835root 11241100x80000000000000003906141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.774b10a359909a0c2022-01-11 12:18:31.835root 11241100x80000000000000003906142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ce51a9e2ee4eed2022-01-11 12:18:31.835root 11241100x80000000000000003906143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8d37d4b998393122022-01-11 12:18:31.835root 11241100x80000000000000003906144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a622a94e5d998852022-01-11 12:18:31.836root 11241100x80000000000000003906145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8923d6aee2c4f892022-01-11 12:18:31.836root 11241100x80000000000000003906146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7961216a14e4f922022-01-11 12:18:31.836root 11241100x80000000000000003906147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603b9b71780b1eb92022-01-11 12:18:31.836root 11241100x80000000000000003906148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9198b862682bff2022-01-11 12:18:31.836root 11241100x80000000000000003906149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e8281d47ebb07e72022-01-11 12:18:31.836root 11241100x80000000000000003906150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26486785467a63842022-01-11 12:18:31.836root 11241100x80000000000000003906151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603c39422ce23a082022-01-11 12:18:31.836root 11241100x80000000000000003906152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7868c47a2241206f2022-01-11 12:18:31.836root 11241100x80000000000000003906153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.471e54ba4cfec3642022-01-11 12:18:31.836root 11241100x80000000000000003906154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c512fd77350315062022-01-11 12:18:31.837root 11241100x80000000000000003906155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ffae84aa0ef41f2022-01-11 12:18:31.837root 11241100x80000000000000003906156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:31.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de2809325f45104a2022-01-11 12:18:31.837root 11241100x80000000000000003906157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c5cf5ddbe1b45af2022-01-11 12:18:32.333root 11241100x80000000000000003906158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0637ad4ba71ba9b72022-01-11 12:18:32.333root 11241100x80000000000000003906159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d4f96f00f6492e52022-01-11 12:18:32.334root 11241100x80000000000000003906160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037f6cbca187e5ae2022-01-11 12:18:32.334root 11241100x80000000000000003906161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3efa72151c0a2c052022-01-11 12:18:32.334root 11241100x80000000000000003906162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5840b5cb0658dea2022-01-11 12:18:32.334root 11241100x80000000000000003906163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a822e2003680e8a72022-01-11 12:18:32.334root 11241100x80000000000000003906164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8823908cf2a9532f2022-01-11 12:18:32.334root 11241100x80000000000000003906165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8094bc57d343fbe52022-01-11 12:18:32.334root 11241100x80000000000000003906166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2487304e954bbb22022-01-11 12:18:32.334root 11241100x80000000000000003906167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9196325ee3b250072022-01-11 12:18:32.334root 11241100x80000000000000003906168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca53cb6d1f012a9b2022-01-11 12:18:32.334root 11241100x80000000000000003906169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c9010f1c6c1fe82022-01-11 12:18:32.335root 11241100x80000000000000003906170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11285c90fe7a6ab2022-01-11 12:18:32.335root 11241100x80000000000000003906171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef8186d832231192022-01-11 12:18:32.335root 11241100x80000000000000003906172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4e770a5fc8a61a2022-01-11 12:18:32.335root 11241100x80000000000000003906173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a99a156cc7d812e12022-01-11 12:18:32.335root 11241100x80000000000000003906174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e35e65885e0a5d2022-01-11 12:18:32.335root 11241100x80000000000000003906175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa92fdaf4ac9b9e02022-01-11 12:18:32.335root 11241100x80000000000000003906176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ecaf513404a0c342022-01-11 12:18:32.335root 11241100x80000000000000003906177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfbed83348634dd32022-01-11 12:18:32.335root 11241100x80000000000000003906178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a59186716bc85a2022-01-11 12:18:32.335root 11241100x80000000000000003906179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc71b971f46411912022-01-11 12:18:32.336root 11241100x80000000000000003906180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba47a6be137af2492022-01-11 12:18:32.336root 11241100x80000000000000003906181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f42ade2e6c556cf2022-01-11 12:18:32.336root 11241100x80000000000000003906182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38e6ff72055fe6272022-01-11 12:18:32.336root 11241100x80000000000000003906183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c32c5d3020098ac22022-01-11 12:18:32.336root 11241100x80000000000000003906184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8cf420f1f3974b32022-01-11 12:18:32.336root 11241100x80000000000000003906185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e90319ca20104df2022-01-11 12:18:32.336root 11241100x80000000000000003906186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b20a472589e3222022-01-11 12:18:32.834root 11241100x80000000000000003906187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.163986f02e8fceae2022-01-11 12:18:32.834root 11241100x80000000000000003906188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb9c42e0cf0fa682022-01-11 12:18:32.834root 11241100x80000000000000003906189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c831c2eef325702022-01-11 12:18:32.834root 11241100x80000000000000003906190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b04e75424d83789a2022-01-11 12:18:32.834root 11241100x80000000000000003906191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.146f10bad8d755352022-01-11 12:18:32.834root 11241100x80000000000000003906192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c6d39a97d8be2322022-01-11 12:18:32.834root 11241100x80000000000000003906193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4dff11716745a422022-01-11 12:18:32.834root 11241100x80000000000000003906194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d13b738c9a0fdf2022-01-11 12:18:32.835root 11241100x80000000000000003906195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2e02bf4e4591182022-01-11 12:18:32.835root 11241100x80000000000000003906196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a3a89a63f5810b32022-01-11 12:18:32.835root 11241100x80000000000000003906197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11aad6b0667404332022-01-11 12:18:32.835root 11241100x80000000000000003906198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8424fbd382986c32022-01-11 12:18:32.835root 11241100x80000000000000003906199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38f8e4f9f4e990db2022-01-11 12:18:32.835root 11241100x80000000000000003906200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6000e676842a0b672022-01-11 12:18:32.835root 11241100x80000000000000003906201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa75df2b14f3b3712022-01-11 12:18:32.835root 11241100x80000000000000003906202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e134c9ae40370d762022-01-11 12:18:32.835root 11241100x80000000000000003906203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90fc1c4b55cf01bc2022-01-11 12:18:32.835root 11241100x80000000000000003906204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c34572196ada0a22022-01-11 12:18:32.835root 11241100x80000000000000003906205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dba1932cac3e05b82022-01-11 12:18:32.835root 11241100x80000000000000003906206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6cde127a201a5c2022-01-11 12:18:32.835root 11241100x80000000000000003906207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf30dcc6448e98012022-01-11 12:18:32.835root 11241100x80000000000000003906208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c3ae5695a3a2412022-01-11 12:18:32.836root 11241100x80000000000000003906209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39efca244870125e2022-01-11 12:18:32.836root 11241100x80000000000000003906210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3fbda7948496de2022-01-11 12:18:32.836root 11241100x80000000000000003906211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.061dd0b03cc5b4342022-01-11 12:18:32.836root 11241100x80000000000000003906212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d601dfe26629290c2022-01-11 12:18:32.836root 11241100x80000000000000003906213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0423f1c06028a882022-01-11 12:18:33.334root 11241100x80000000000000003906214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec2081cfd31a5f452022-01-11 12:18:33.334root 11241100x80000000000000003906215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.477164628af08e552022-01-11 12:18:33.334root 11241100x80000000000000003906216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f84f0357479137912022-01-11 12:18:33.335root 11241100x80000000000000003906217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9998478a3a5d5492022-01-11 12:18:33.335root 11241100x80000000000000003906218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42dadef63896eada2022-01-11 12:18:33.335root 11241100x80000000000000003906219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.532ee3cb6b24c87f2022-01-11 12:18:33.335root 11241100x80000000000000003906220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cdddd8c2691de672022-01-11 12:18:33.335root 11241100x80000000000000003906221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce0315f007ec0ab12022-01-11 12:18:33.335root 11241100x80000000000000003906222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00bdfcd15c5e81cb2022-01-11 12:18:33.335root 11241100x80000000000000003906223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42521be38d9d789a2022-01-11 12:18:33.335root 11241100x80000000000000003906224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbb48fc5ed87fa72022-01-11 12:18:33.335root 11241100x80000000000000003906225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85caaf29ec7aa95e2022-01-11 12:18:33.335root 11241100x80000000000000003906226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1677d8b86e8ca8852022-01-11 12:18:33.336root 11241100x80000000000000003906227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.879e5c0ccf72b1ce2022-01-11 12:18:33.336root 11241100x80000000000000003906228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09e75221af833462022-01-11 12:18:33.336root 11241100x80000000000000003906229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dcd0fc0de75e8422022-01-11 12:18:33.336root 11241100x80000000000000003906230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.027095a6885179f42022-01-11 12:18:33.336root 11241100x80000000000000003906231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21ff661897ad98342022-01-11 12:18:33.336root 11241100x80000000000000003906232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a1bd8ba3e4e7272022-01-11 12:18:33.336root 11241100x80000000000000003906233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.099eaa874ff7c9e72022-01-11 12:18:33.336root 11241100x80000000000000003906234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3c4880539e0d4f02022-01-11 12:18:33.336root 11241100x80000000000000003906235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef57547bdf178c8a2022-01-11 12:18:33.337root 11241100x80000000000000003906236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6cba216a96d8912022-01-11 12:18:33.337root 11241100x80000000000000003906237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ebbba5ea582f4882022-01-11 12:18:33.337root 11241100x80000000000000003906238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.338f5085bdf4730a2022-01-11 12:18:33.337root 11241100x80000000000000003906239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a881ff02f2457012022-01-11 12:18:33.337root 11241100x80000000000000003906240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eaef184e372aa8e2022-01-11 12:18:33.833root 11241100x80000000000000003906241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2466ad76577b5a2022-01-11 12:18:33.833root 11241100x80000000000000003906242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9831b631adeeb4b2022-01-11 12:18:33.833root 11241100x80000000000000003906243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fb3e46bac90579e2022-01-11 12:18:33.834root 11241100x80000000000000003906244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a64b8f6c260b70b2022-01-11 12:18:33.834root 11241100x80000000000000003906245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ea5616836d16a32022-01-11 12:18:33.834root 11241100x80000000000000003906246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.591e99cc528b37292022-01-11 12:18:33.834root 11241100x80000000000000003906247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f0523ae092be1412022-01-11 12:18:33.834root 11241100x80000000000000003906248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8fd998432a33ad62022-01-11 12:18:33.834root 11241100x80000000000000003906249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74fb6cb5339521f92022-01-11 12:18:33.834root 11241100x80000000000000003906250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34b1ccff58da93722022-01-11 12:18:33.834root 11241100x80000000000000003906251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bfc6cc2bd6b34ec2022-01-11 12:18:33.834root 11241100x80000000000000003906252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3504ebd1313e9f62022-01-11 12:18:33.835root 11241100x80000000000000003906253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d0ac714687050c2022-01-11 12:18:33.835root 11241100x80000000000000003906254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fec568db7ec91452022-01-11 12:18:33.835root 11241100x80000000000000003906255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d176073ce61230082022-01-11 12:18:33.835root 11241100x80000000000000003906256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07caf61305fde3bf2022-01-11 12:18:33.835root 11241100x80000000000000003906257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.737aa484ee6060922022-01-11 12:18:33.836root 11241100x80000000000000003906258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df63eb1368736c642022-01-11 12:18:33.836root 11241100x80000000000000003906259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e016f330553c298f2022-01-11 12:18:33.836root 11241100x80000000000000003906260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5914da79aa73880b2022-01-11 12:18:33.837root 11241100x80000000000000003906261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af199573a3bc9a0e2022-01-11 12:18:33.837root 11241100x80000000000000003906262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4735bd05372db2c2022-01-11 12:18:33.838root 11241100x80000000000000003906263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bba6060be61cec42022-01-11 12:18:33.838root 11241100x80000000000000003906264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef0dbe594a0728722022-01-11 12:18:33.838root 11241100x80000000000000003906265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2309a39df3224d2022-01-11 12:18:33.838root 11241100x80000000000000003906266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5408b9a7269f44e22022-01-11 12:18:33.839root 11241100x80000000000000003906267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a78db385dffdfadd2022-01-11 12:18:33.839root 11241100x80000000000000003906268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3343c9bb56e0ec4a2022-01-11 12:18:33.839root 11241100x80000000000000003906269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:33.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e9010c85cba2d92022-01-11 12:18:33.839root 11241100x80000000000000003906270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adfa06f1ed76deca2022-01-11 12:18:34.334root 11241100x80000000000000003906271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6c675420584bca62022-01-11 12:18:34.334root 11241100x80000000000000003906272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ea362bb981422f2022-01-11 12:18:34.334root 11241100x80000000000000003906273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1d19c982cb80ce12022-01-11 12:18:34.334root 11241100x80000000000000003906274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2740de6e0c288502022-01-11 12:18:34.335root 11241100x80000000000000003906275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ac57bc073614282022-01-11 12:18:34.335root 11241100x80000000000000003906276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95ce52f77ccc36392022-01-11 12:18:34.335root 11241100x80000000000000003906277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545d61bb408a4def2022-01-11 12:18:34.335root 11241100x80000000000000003906278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43e609c4de20c7a22022-01-11 12:18:34.335root 11241100x80000000000000003906279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd504578cccfa33f2022-01-11 12:18:34.335root 11241100x80000000000000003906280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c7fc092298b5b002022-01-11 12:18:34.335root 11241100x80000000000000003906281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30f39e6b94cd9bf62022-01-11 12:18:34.335root 11241100x80000000000000003906282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058895e295e9e9162022-01-11 12:18:34.335root 11241100x80000000000000003906283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e99866a34873a122022-01-11 12:18:34.335root 11241100x80000000000000003906284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92887ed8fd1fb74b2022-01-11 12:18:34.336root 11241100x80000000000000003906285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef13517f9d20092d2022-01-11 12:18:34.336root 11241100x80000000000000003906286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1affab08c9d1b80e2022-01-11 12:18:34.336root 11241100x80000000000000003906287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db75057bb29e1242022-01-11 12:18:34.336root 11241100x80000000000000003906288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db00ec19a408b06c2022-01-11 12:18:34.336root 11241100x80000000000000003906289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86e647877b9ecbd32022-01-11 12:18:34.336root 11241100x80000000000000003906290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3184efead7824ed02022-01-11 12:18:34.336root 11241100x80000000000000003906291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a5ac7673f3d0412022-01-11 12:18:34.336root 11241100x80000000000000003906292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf644b4471178d72022-01-11 12:18:34.336root 11241100x80000000000000003906293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3932f96424d873b32022-01-11 12:18:34.336root 11241100x80000000000000003906294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975e9796c2ee7dfe2022-01-11 12:18:34.337root 11241100x80000000000000003906295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b69784c1b35e8322022-01-11 12:18:34.337root 11241100x80000000000000003906296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbd0f8505c9a2992022-01-11 12:18:34.337root 11241100x80000000000000003906297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c2a07136334e05a2022-01-11 12:18:34.833root 11241100x80000000000000003906298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f59ce191cae40c2022-01-11 12:18:34.833root 11241100x80000000000000003906299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3c2046423d967b2022-01-11 12:18:34.833root 11241100x80000000000000003906300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e2d76de9d75b082022-01-11 12:18:34.833root 11241100x80000000000000003906301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33bebc49066e4ffb2022-01-11 12:18:34.834root 11241100x80000000000000003906302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e01a5e8a95bfa88d2022-01-11 12:18:34.834root 11241100x80000000000000003906303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7385f740faf666d2022-01-11 12:18:34.834root 11241100x80000000000000003906304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67edb2b40bba8b0e2022-01-11 12:18:34.834root 11241100x80000000000000003906305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c0b5d1e1568194d2022-01-11 12:18:34.834root 11241100x80000000000000003906306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45571b09cc4ad7622022-01-11 12:18:34.834root 11241100x80000000000000003906307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4fdc1ffe64724372022-01-11 12:18:34.834root 11241100x80000000000000003906308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3909fb86e9c520f2022-01-11 12:18:34.834root 11241100x80000000000000003906309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.446dde6ce01d17d02022-01-11 12:18:34.834root 11241100x80000000000000003906310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a764bb231ce686e2022-01-11 12:18:34.834root 11241100x80000000000000003906311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74963a32bfafe6012022-01-11 12:18:34.834root 11241100x80000000000000003906312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82e3d94c3e94f21c2022-01-11 12:18:34.834root 11241100x80000000000000003906313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5a3d4046a408ba12022-01-11 12:18:34.835root 11241100x80000000000000003906314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc60ad3ee18d0852022-01-11 12:18:34.835root 11241100x80000000000000003906315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bffeaea4d412ff02022-01-11 12:18:34.835root 11241100x80000000000000003906316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cab7d9f387dc929c2022-01-11 12:18:34.835root 11241100x80000000000000003906317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d40113c08f37b62022-01-11 12:18:34.835root 11241100x80000000000000003906318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d45be5626e5d03b12022-01-11 12:18:34.835root 11241100x80000000000000003906319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f69a7cb72bbcf3b82022-01-11 12:18:34.835root 11241100x80000000000000003906320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1959af7c705cdc572022-01-11 12:18:34.835root 11241100x80000000000000003906321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9437c5ba92727b782022-01-11 12:18:34.835root 11241100x80000000000000003906322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1f124a6c3d7a64c2022-01-11 12:18:34.835root 11241100x80000000000000003906323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a417a4048cd76e4a2022-01-11 12:18:34.835root 11241100x80000000000000003906324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0144c91adfc25712022-01-11 12:18:34.835root 11241100x80000000000000003906325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fe7217e99f39f7a2022-01-11 12:18:34.835root 11241100x80000000000000003906326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd5f0946f74a37472022-01-11 12:18:34.836root 11241100x80000000000000003906327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5415a1d3d941c152022-01-11 12:18:34.836root 11241100x80000000000000003906328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee2d54698131c6752022-01-11 12:18:34.836root 11241100x80000000000000003906329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2abcbed42ccf50902022-01-11 12:18:34.836root 11241100x80000000000000003906330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ce232c1058bb9412022-01-11 12:18:34.836root 11241100x80000000000000003906331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.077d0e2d41b0d5c32022-01-11 12:18:34.836root 11241100x80000000000000003906332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6108f7c8ccc060862022-01-11 12:18:34.836root 11241100x80000000000000003906333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578a49b9f3c21d6f2022-01-11 12:18:34.837root 11241100x80000000000000003906334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5709c6f22c6083082022-01-11 12:18:34.837root 11241100x80000000000000003906335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7740c029c87557912022-01-11 12:18:34.837root 11241100x80000000000000003906336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eafcd932be4730a22022-01-11 12:18:34.837root 11241100x80000000000000003906337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6878eb9ef0a212ac2022-01-11 12:18:34.839root 11241100x80000000000000003906338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f403a266f9e109f62022-01-11 12:18:34.839root 11241100x80000000000000003906339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37fa58ecbcf980072022-01-11 12:18:34.839root 11241100x80000000000000003906340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578b42e1ac2f17292022-01-11 12:18:34.839root 11241100x80000000000000003906341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9021e4e79c7fe7602022-01-11 12:18:34.840root 11241100x80000000000000003906342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ba5e82e331d0492022-01-11 12:18:34.840root 11241100x80000000000000003906343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9892c0c5d58855d02022-01-11 12:18:34.840root 11241100x80000000000000003906344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8c3d83a969c24802022-01-11 12:18:34.840root 11241100x80000000000000003906345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3275ea0d387885052022-01-11 12:18:34.840root 11241100x80000000000000003906346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5b8c29dfc47d612022-01-11 12:18:34.840root 11241100x80000000000000003906347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091dedc0ba1d731e2022-01-11 12:18:34.840root 11241100x80000000000000003906348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf8c61d9a1471502022-01-11 12:18:34.840root 11241100x80000000000000003906349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8761fd7fd757f8222022-01-11 12:18:34.840root 11241100x80000000000000003906350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c400cd04afb17ec92022-01-11 12:18:34.840root 11241100x80000000000000003906351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a76fb3125486eb2022-01-11 12:18:34.840root 11241100x80000000000000003906352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2277bb77d786432022-01-11 12:18:34.841root 11241100x80000000000000003906353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4222193fa9fa2d4d2022-01-11 12:18:34.841root 11241100x80000000000000003906354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c02600f1aa85be52022-01-11 12:18:34.841root 11241100x80000000000000003906355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9130997811443722022-01-11 12:18:34.841root 11241100x80000000000000003906356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f286c30097d13c22022-01-11 12:18:34.841root 11241100x80000000000000003906357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b678026398d7be62022-01-11 12:18:34.841root 11241100x80000000000000003906358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd9711b38cdbbc32022-01-11 12:18:34.841root 11241100x80000000000000003906359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6e24f135158d4ff2022-01-11 12:18:34.841root 11241100x80000000000000003906360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3edfd805f75ffa322022-01-11 12:18:34.841root 11241100x80000000000000003906361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e343ebe47ab4c6e2022-01-11 12:18:34.841root 11241100x80000000000000003906362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ef1bda6f318e852022-01-11 12:18:34.841root 11241100x80000000000000003906363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ee36c6699b6da962022-01-11 12:18:34.841root 11241100x80000000000000003906364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.277ef7f2e50e26e32022-01-11 12:18:34.841root 11241100x80000000000000003906365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0da67555b5d9807a2022-01-11 12:18:34.841root 11241100x80000000000000003906366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35abe1cf06d8e8582022-01-11 12:18:34.841root 11241100x80000000000000003906367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a61d6eb1e5c79d562022-01-11 12:18:34.842root 11241100x80000000000000003906368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7e89fdaad234532022-01-11 12:18:34.842root 11241100x80000000000000003906369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3028a76a8f5bacd2022-01-11 12:18:34.842root 11241100x80000000000000003906370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95e7a33189a89f982022-01-11 12:18:34.842root 11241100x80000000000000003906371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcc7f41686c9c5052022-01-11 12:18:34.842root 11241100x80000000000000003906372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4041f255b7f642642022-01-11 12:18:34.842root 11241100x80000000000000003906373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bf46a315e6412612022-01-11 12:18:34.842root 11241100x80000000000000003906374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90811eba17e8bbb52022-01-11 12:18:34.842root 11241100x80000000000000003906375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8837fba68f820bf12022-01-11 12:18:34.842root 11241100x80000000000000003906376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f836877763d8f9a2022-01-11 12:18:34.842root 11241100x80000000000000003906377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:34.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4c0f928cd4205fe2022-01-11 12:18:34.842root 354300x80000000000000003906378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.200{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56250-false10.0.1.12-8000- 11241100x80000000000000003906379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.200{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60ab38fb628654d72022-01-11 12:18:35.200root 11241100x80000000000000003906380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37646c76279d5a8c2022-01-11 12:18:35.201root 11241100x80000000000000003906381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a17048dd74ec364b2022-01-11 12:18:35.201root 11241100x80000000000000003906382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1110d99f1d39124c2022-01-11 12:18:35.201root 11241100x80000000000000003906383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ed6d915c0392db2022-01-11 12:18:35.201root 11241100x80000000000000003906384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cc2be01452142752022-01-11 12:18:35.201root 11241100x80000000000000003906385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54556085a60035c2022-01-11 12:18:35.201root 11241100x80000000000000003906386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b38a4e640072cae12022-01-11 12:18:35.201root 11241100x80000000000000003906387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5695a4978a20dcdb2022-01-11 12:18:35.201root 11241100x80000000000000003906388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41664ab9bfc26e832022-01-11 12:18:35.201root 11241100x80000000000000003906389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c096acb9f760236e2022-01-11 12:18:35.201root 11241100x80000000000000003906390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5b0003d35d874a2022-01-11 12:18:35.201root 11241100x80000000000000003906391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714591495969d3482022-01-11 12:18:35.202root 11241100x80000000000000003906392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d127d3df9396e0862022-01-11 12:18:35.202root 11241100x80000000000000003906393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1915cb2700965302022-01-11 12:18:35.202root 11241100x80000000000000003906394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94a2da4d0d1fe2ba2022-01-11 12:18:35.202root 11241100x80000000000000003906395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347e44316e9fa05d2022-01-11 12:18:35.202root 11241100x80000000000000003906396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e5493dd232260cf2022-01-11 12:18:35.202root 11241100x80000000000000003906397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4935b1980cf19902022-01-11 12:18:35.202root 11241100x80000000000000003906398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f96f99e700636e72022-01-11 12:18:35.202root 11241100x80000000000000003906399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0a3e60a343c18702022-01-11 12:18:35.202root 11241100x80000000000000003906400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40db3e53b5dc1da2022-01-11 12:18:35.202root 11241100x80000000000000003906401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cac92b6d9e164b672022-01-11 12:18:35.202root 11241100x80000000000000003906402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfc0ae7d5fc424312022-01-11 12:18:35.202root 11241100x80000000000000003906403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30bd43b21c84a6252022-01-11 12:18:35.203root 11241100x80000000000000003906404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b3a884d537b8de2022-01-11 12:18:35.203root 11241100x80000000000000003906405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba18cdf67f0358412022-01-11 12:18:35.203root 11241100x80000000000000003906406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f23f8816091bfd2022-01-11 12:18:35.203root 11241100x80000000000000003906407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5ae0c6152c69ba2022-01-11 12:18:35.203root 11241100x80000000000000003906408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f7205a1159fecb42022-01-11 12:18:35.203root 11241100x80000000000000003906409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d92b803f8aca5fb2022-01-11 12:18:35.203root 11241100x80000000000000003906410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33f234f130385a7d2022-01-11 12:18:35.203root 11241100x80000000000000003906411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c28a37c9a9bfe0a2022-01-11 12:18:35.203root 11241100x80000000000000003906412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08cee06f401518992022-01-11 12:18:35.203root 11241100x80000000000000003906413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b91d59d86897ffb2022-01-11 12:18:35.203root 11241100x80000000000000003906414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab7b415733e1dbf2022-01-11 12:18:35.203root 11241100x80000000000000003906415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b21fdfb2a5259852022-01-11 12:18:35.583root 11241100x80000000000000003906416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d573fd340596cdb2022-01-11 12:18:35.583root 11241100x80000000000000003906417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b564c8ad56cbdc2022-01-11 12:18:35.583root 11241100x80000000000000003906418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4726b9403b277ae92022-01-11 12:18:35.583root 11241100x80000000000000003906419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da32b758e8f8ed42022-01-11 12:18:35.583root 11241100x80000000000000003906420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb2c1081459cb912022-01-11 12:18:35.583root 11241100x80000000000000003906421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.134dd611e00056922022-01-11 12:18:35.584root 11241100x80000000000000003906422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e42d06f284010a232022-01-11 12:18:35.584root 11241100x80000000000000003906423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049f7b2729b9dee12022-01-11 12:18:35.584root 11241100x80000000000000003906424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b824326e55101c52022-01-11 12:18:35.584root 11241100x80000000000000003906425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4bcc3a972b6a0c2022-01-11 12:18:35.584root 11241100x80000000000000003906426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e280ed30bc032992022-01-11 12:18:35.584root 11241100x80000000000000003906427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b02fa08163082a2022-01-11 12:18:35.584root 11241100x80000000000000003906428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9367576a05d06cbf2022-01-11 12:18:35.584root 11241100x80000000000000003906429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77a9f0413fb472992022-01-11 12:18:35.585root 11241100x80000000000000003906430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a14e5b2686b2c8e72022-01-11 12:18:35.585root 11241100x80000000000000003906431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e620f0d45519f22022-01-11 12:18:35.585root 11241100x80000000000000003906432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3ea1eea8801b6092022-01-11 12:18:35.585root 11241100x80000000000000003906433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b3ac6441d4cddd2022-01-11 12:18:35.585root 11241100x80000000000000003906434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0d802bf0d3043302022-01-11 12:18:35.585root 11241100x80000000000000003906435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c4a210062141992022-01-11 12:18:35.585root 11241100x80000000000000003906436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abc45494a06f869c2022-01-11 12:18:35.585root 11241100x80000000000000003906437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f64a6fd54946067a2022-01-11 12:18:35.586root 11241100x80000000000000003906438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9e230dd273f3cf2022-01-11 12:18:35.586root 11241100x80000000000000003906439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.838775d425719d3e2022-01-11 12:18:35.586root 11241100x80000000000000003906440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8fd5821894e62612022-01-11 12:18:35.586root 11241100x80000000000000003906441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99c6b5ae784d3bb12022-01-11 12:18:35.586root 11241100x80000000000000003906442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad5a6aac611a0532022-01-11 12:18:35.586root 11241100x80000000000000003906443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ab2f377d8c8d5e02022-01-11 12:18:35.586root 11241100x80000000000000003906444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dca47090e1117ff82022-01-11 12:18:35.586root 11241100x80000000000000003906445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a9c9e13f8bec5be2022-01-11 12:18:35.586root 11241100x80000000000000003906446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.774a36800644f1c72022-01-11 12:18:35.587root 11241100x80000000000000003906447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ed94ff40a33ab5c2022-01-11 12:18:35.587root 11241100x80000000000000003906448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb5c4064cf830e832022-01-11 12:18:35.587root 11241100x80000000000000003906449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8373610de833ad82022-01-11 12:18:35.587root 11241100x80000000000000003906450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80b556939ad49b2f2022-01-11 12:18:35.587root 11241100x80000000000000003906451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fd1940678983ac42022-01-11 12:18:35.587root 11241100x80000000000000003906452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af928f271414d9772022-01-11 12:18:35.587root 11241100x80000000000000003906453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840158f56fc8c6af2022-01-11 12:18:35.587root 11241100x80000000000000003906454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4b47c7daff9ee22022-01-11 12:18:35.588root 11241100x80000000000000003906455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87cbb1506609e4312022-01-11 12:18:35.588root 11241100x80000000000000003906456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:35.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0174d82b2c116a322022-01-11 12:18:35.588root 11241100x80000000000000003906457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5257846cbcb7a2fe2022-01-11 12:18:36.083root 11241100x80000000000000003906458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f7102bb0f031ca72022-01-11 12:18:36.083root 11241100x80000000000000003906459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.454302b24403a9fe2022-01-11 12:18:36.084root 11241100x80000000000000003906460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894170cfddaebefa2022-01-11 12:18:36.084root 11241100x80000000000000003906461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e48be97835db9182022-01-11 12:18:36.084root 11241100x80000000000000003906462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab6768e1ac2648a42022-01-11 12:18:36.084root 11241100x80000000000000003906463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f27d0e8f1cfc25ed2022-01-11 12:18:36.084root 11241100x80000000000000003906464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46c9578483049a562022-01-11 12:18:36.084root 11241100x80000000000000003906465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69340d7e6f4151b32022-01-11 12:18:36.084root 11241100x80000000000000003906466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3526cfdfe42a04f02022-01-11 12:18:36.085root 11241100x80000000000000003906467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19474648148cd6262022-01-11 12:18:36.085root 11241100x80000000000000003906468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c1ba4a4e5a3ffa2022-01-11 12:18:36.085root 11241100x80000000000000003906469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04979bc59bb08d3b2022-01-11 12:18:36.085root 11241100x80000000000000003906470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a4f23bca83a73332022-01-11 12:18:36.085root 11241100x80000000000000003906471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10744a468bff2542022-01-11 12:18:36.085root 11241100x80000000000000003906472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f7c39ddb3273bba2022-01-11 12:18:36.085root 11241100x80000000000000003906473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.919b7dcd6aff14312022-01-11 12:18:36.085root 11241100x80000000000000003906474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f65cada1a4b883f2022-01-11 12:18:36.085root 11241100x80000000000000003906475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645a6097eefec1d52022-01-11 12:18:36.086root 11241100x80000000000000003906476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb88413cd9e12cd32022-01-11 12:18:36.086root 11241100x80000000000000003906477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9f1481ee7ecc6d92022-01-11 12:18:36.086root 11241100x80000000000000003906478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72fae37d36cc02a62022-01-11 12:18:36.086root 11241100x80000000000000003906479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9316256f50cd8d752022-01-11 12:18:36.086root 11241100x80000000000000003906480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c65748b99a77d872022-01-11 12:18:36.086root 11241100x80000000000000003906481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c08f975eae2db86d2022-01-11 12:18:36.086root 11241100x80000000000000003906482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e218e99c40a21712022-01-11 12:18:36.086root 11241100x80000000000000003906483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbaee8ea1e066a052022-01-11 12:18:36.086root 11241100x80000000000000003906484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0985c03e3ffabedc2022-01-11 12:18:36.086root 11241100x80000000000000003906485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37c107cd4f06f3bc2022-01-11 12:18:36.086root 11241100x80000000000000003906486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b004b661b4b2537b2022-01-11 12:18:36.086root 11241100x80000000000000003906487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1faccfa5b3b54c22022-01-11 12:18:36.086root 11241100x80000000000000003906488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7add3da295928c2022-01-11 12:18:36.086root 11241100x80000000000000003906489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51b5f7e513f060512022-01-11 12:18:36.086root 11241100x80000000000000003906490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b406e01294cdb1a2022-01-11 12:18:36.086root 11241100x80000000000000003906491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.371733217c060ebe2022-01-11 12:18:36.087root 11241100x80000000000000003906492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e48ab03419887702022-01-11 12:18:36.087root 11241100x80000000000000003906493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7b55660497befd12022-01-11 12:18:36.087root 11241100x80000000000000003906494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef718ec99f374aa2022-01-11 12:18:36.087root 11241100x80000000000000003906495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c02dda8e71c3a3f22022-01-11 12:18:36.087root 11241100x80000000000000003906496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa151735188777e32022-01-11 12:18:36.087root 11241100x80000000000000003906497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc7bc0b82bca2b9e2022-01-11 12:18:36.087root 11241100x80000000000000003906498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe733cdb736b8a0a2022-01-11 12:18:36.087root 11241100x80000000000000003906499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b87109991116c03a2022-01-11 12:18:36.087root 11241100x80000000000000003906500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.736b9f9c4dd7058f2022-01-11 12:18:36.087root 11241100x80000000000000003906501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab21c548fd553962022-01-11 12:18:36.087root 11241100x80000000000000003906502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48ef422ca10edeb02022-01-11 12:18:36.088root 11241100x80000000000000003906503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f927768a5db8d2a92022-01-11 12:18:36.088root 11241100x80000000000000003906504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2570d1feabe554952022-01-11 12:18:36.088root 11241100x80000000000000003906505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fea97b7d31f8cbb12022-01-11 12:18:36.088root 11241100x80000000000000003906506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55691e1b69ede8c62022-01-11 12:18:36.088root 11241100x80000000000000003906507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.646c399dd7a77d8d2022-01-11 12:18:36.088root 11241100x80000000000000003906508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562dbaf84b0f32602022-01-11 12:18:36.088root 11241100x80000000000000003906509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6363a600e4161722022-01-11 12:18:36.088root 11241100x80000000000000003906510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9476ace346ed2ed72022-01-11 12:18:36.088root 11241100x80000000000000003906511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6786cc0332e6af6d2022-01-11 12:18:36.088root 11241100x80000000000000003906512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4a7218162c430c82022-01-11 12:18:36.584root 11241100x80000000000000003906513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06608394561004152022-01-11 12:18:36.584root 11241100x80000000000000003906514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc05e0633be092482022-01-11 12:18:36.584root 11241100x80000000000000003906515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4c944f981befaea2022-01-11 12:18:36.584root 11241100x80000000000000003906516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e296954c7b1d0532022-01-11 12:18:36.584root 11241100x80000000000000003906517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44f1f73a008a2f542022-01-11 12:18:36.584root 11241100x80000000000000003906518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065ee226cecb8ee32022-01-11 12:18:36.584root 11241100x80000000000000003906519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21cdbfca19ebf7a22022-01-11 12:18:36.584root 11241100x80000000000000003906520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a463bf3d8a5b712022-01-11 12:18:36.584root 11241100x80000000000000003906521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d227430eff2ecadc2022-01-11 12:18:36.585root 11241100x80000000000000003906522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e70b44e9480a52e2022-01-11 12:18:36.585root 11241100x80000000000000003906523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfcc3950cef82732022-01-11 12:18:36.585root 11241100x80000000000000003906524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef92bcd8a30310c2022-01-11 12:18:36.585root 11241100x80000000000000003906525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.325fa54d573cf7282022-01-11 12:18:36.585root 11241100x80000000000000003906526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7107a4835d7525502022-01-11 12:18:36.585root 11241100x80000000000000003906527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61ed565ece50a9692022-01-11 12:18:36.585root 11241100x80000000000000003906528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ff3db10dd344e3d2022-01-11 12:18:36.585root 11241100x80000000000000003906529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2870613c255cdeb32022-01-11 12:18:36.585root 11241100x80000000000000003906530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44af4dfdfc7b43ce2022-01-11 12:18:36.585root 11241100x80000000000000003906531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08ac2c554596dc912022-01-11 12:18:36.585root 11241100x80000000000000003906532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f4511f1a68b1492022-01-11 12:18:36.585root 11241100x80000000000000003906533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33fa35dcff1216402022-01-11 12:18:36.585root 11241100x80000000000000003906534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f16c7888950253e2022-01-11 12:18:36.585root 11241100x80000000000000003906535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77b88026f97f5eb52022-01-11 12:18:36.585root 11241100x80000000000000003906536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be083143f2d4a0482022-01-11 12:18:36.586root 11241100x80000000000000003906537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11af9a19e094db952022-01-11 12:18:36.586root 11241100x80000000000000003906538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4252d6be4e5789a2022-01-11 12:18:36.586root 11241100x80000000000000003906539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9e9fa437e0fdadd2022-01-11 12:18:36.586root 11241100x80000000000000003906540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31d408234e12e8da2022-01-11 12:18:36.586root 11241100x80000000000000003906541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d39046878911f242022-01-11 12:18:37.084root 11241100x80000000000000003906542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df4f9790cd3e35512022-01-11 12:18:37.084root 11241100x80000000000000003906543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fa761d944c1a0e2022-01-11 12:18:37.084root 11241100x80000000000000003906544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262e550c4c783bc82022-01-11 12:18:37.084root 11241100x80000000000000003906545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e4a63fa9e6574a12022-01-11 12:18:37.084root 11241100x80000000000000003906546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a84e0604fba3641a2022-01-11 12:18:37.084root 11241100x80000000000000003906547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6c4a081f17e0bb02022-01-11 12:18:37.085root 11241100x80000000000000003906548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04d24ddc83c4bc602022-01-11 12:18:37.085root 11241100x80000000000000003906549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05373d95a3194ff62022-01-11 12:18:37.085root 11241100x80000000000000003906550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ae56d74c5dfe60a2022-01-11 12:18:37.085root 11241100x80000000000000003906551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66100cd85d602d742022-01-11 12:18:37.085root 11241100x80000000000000003906552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c815bd4772b4985a2022-01-11 12:18:37.085root 11241100x80000000000000003906553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.172dcaf8e78345f32022-01-11 12:18:37.085root 11241100x80000000000000003906554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1185b06dfe12c1432022-01-11 12:18:37.085root 11241100x80000000000000003906555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d02f05a7b37afff2022-01-11 12:18:37.085root 11241100x80000000000000003906556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.322031bee8b3602c2022-01-11 12:18:37.085root 11241100x80000000000000003906557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cd9ecd3b2b76c812022-01-11 12:18:37.085root 11241100x80000000000000003906558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e884958e23dcdd02022-01-11 12:18:37.085root 11241100x80000000000000003906559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d13473cbe3b7782022-01-11 12:18:37.085root 11241100x80000000000000003906560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fa511b560c2413e2022-01-11 12:18:37.085root 11241100x80000000000000003906561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f6116c5a1a570f92022-01-11 12:18:37.085root 11241100x80000000000000003906562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f449fc5a37dd64642022-01-11 12:18:37.086root 11241100x80000000000000003906563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b16fde554c949642022-01-11 12:18:37.086root 11241100x80000000000000003906564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.407cc82eddbe7bab2022-01-11 12:18:37.086root 11241100x80000000000000003906565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dd04ec5ac1603902022-01-11 12:18:37.086root 11241100x80000000000000003906566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcabf228ffa2fbcb2022-01-11 12:18:37.086root 11241100x80000000000000003906567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40e3fb05596ff37d2022-01-11 12:18:37.086root 11241100x80000000000000003906568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee380faaac577d462022-01-11 12:18:37.086root 11241100x80000000000000003906569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f45c9259716f442d2022-01-11 12:18:37.584root 11241100x80000000000000003906570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a00d1270aa06c82022-01-11 12:18:37.584root 11241100x80000000000000003906571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c435215c8a6daa2022-01-11 12:18:37.584root 11241100x80000000000000003906572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b06caa04d91704c2022-01-11 12:18:37.584root 11241100x80000000000000003906573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5da27d61beffc582022-01-11 12:18:37.584root 11241100x80000000000000003906574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8048e0e64df2b83b2022-01-11 12:18:37.584root 11241100x80000000000000003906575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b69a6a766385b652022-01-11 12:18:37.584root 11241100x80000000000000003906576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea5c545b86ba2e6f2022-01-11 12:18:37.584root 11241100x80000000000000003906577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1d181a6bf2e2152022-01-11 12:18:37.584root 11241100x80000000000000003906578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3ee3d42216741d2022-01-11 12:18:37.585root 11241100x80000000000000003906579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d58a49b9eee857bc2022-01-11 12:18:37.585root 11241100x80000000000000003906580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eaad26d95979ffc2022-01-11 12:18:37.585root 11241100x80000000000000003906581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be318752a570bc92022-01-11 12:18:37.585root 11241100x80000000000000003906582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f07dd3ac50135b2022-01-11 12:18:37.585root 11241100x80000000000000003906583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e61648dad95f4c2022-01-11 12:18:37.585root 11241100x80000000000000003906584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.552b2efccbc88e182022-01-11 12:18:37.585root 11241100x80000000000000003906585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a4077839d6ba4382022-01-11 12:18:37.585root 11241100x80000000000000003906586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.299e6a90489aedeb2022-01-11 12:18:37.585root 11241100x80000000000000003906587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99b1236ad33c1ed42022-01-11 12:18:37.585root 11241100x80000000000000003906588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.296290891cdc94e02022-01-11 12:18:37.585root 11241100x80000000000000003906589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f2eedce35f94fd2022-01-11 12:18:37.585root 11241100x80000000000000003906590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545c97afccf70ef82022-01-11 12:18:37.585root 11241100x80000000000000003906591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f12ebd2884f879d32022-01-11 12:18:37.585root 11241100x80000000000000003906592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadf3c83cc2dd5812022-01-11 12:18:37.585root 11241100x80000000000000003906593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7263ea25a54839fc2022-01-11 12:18:37.585root 11241100x80000000000000003906594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb3e0cfa458cb9b2022-01-11 12:18:37.586root 11241100x80000000000000003906595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5c61c4a716afd32022-01-11 12:18:37.586root 11241100x80000000000000003906596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.683fc724155e9c0e2022-01-11 12:18:37.586root 11241100x80000000000000003906597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c06d56ab5003f602022-01-11 12:18:38.083root 11241100x80000000000000003906598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6204bc95f93ece02022-01-11 12:18:38.083root 11241100x80000000000000003906599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9348c8175887ae8b2022-01-11 12:18:38.083root 11241100x80000000000000003906600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4675231fe37594b2022-01-11 12:18:38.083root 11241100x80000000000000003906601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.983db461947ede9d2022-01-11 12:18:38.084root 11241100x80000000000000003906602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537558eda149ee412022-01-11 12:18:38.084root 11241100x80000000000000003906603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3530bffd11bb62462022-01-11 12:18:38.084root 11241100x80000000000000003906604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e125b36517befbd72022-01-11 12:18:38.084root 11241100x80000000000000003906605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6141707d4b380c5a2022-01-11 12:18:38.084root 11241100x80000000000000003906606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b347e7a9f76636f2022-01-11 12:18:38.084root 11241100x80000000000000003906607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.113e0eec1651773f2022-01-11 12:18:38.085root 11241100x80000000000000003906608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56d83b776a9e71982022-01-11 12:18:38.085root 11241100x80000000000000003906609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0685fcb66042891b2022-01-11 12:18:38.085root 11241100x80000000000000003906610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547f62541f0e7e5b2022-01-11 12:18:38.085root 11241100x80000000000000003906611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eff15e1737286f92022-01-11 12:18:38.085root 11241100x80000000000000003906612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.563791584a1882a82022-01-11 12:18:38.085root 11241100x80000000000000003906613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.227e05d8f5ce28e42022-01-11 12:18:38.085root 11241100x80000000000000003906614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f668aa2eb4e66e2022-01-11 12:18:38.086root 11241100x80000000000000003906615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f913beec3ba2e0172022-01-11 12:18:38.086root 11241100x80000000000000003906616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87dab8d9b6081412022-01-11 12:18:38.086root 11241100x80000000000000003906617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df1b5d567253b86c2022-01-11 12:18:38.086root 11241100x80000000000000003906618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b42dca81559bfad2022-01-11 12:18:38.086root 11241100x80000000000000003906619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a89a0f84a5b1a45f2022-01-11 12:18:38.086root 11241100x80000000000000003906620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f75b9ab2aedd959f2022-01-11 12:18:38.086root 11241100x80000000000000003906621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e9a709204b57aa82022-01-11 12:18:38.086root 11241100x80000000000000003906622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff268e2d0272700f2022-01-11 12:18:38.086root 11241100x80000000000000003906623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86025745f67ecc0f2022-01-11 12:18:38.087root 11241100x80000000000000003906624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ea27a88fa9aa9422022-01-11 12:18:38.087root 11241100x80000000000000003906625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16bc1788a3eeb9962022-01-11 12:18:38.087root 11241100x80000000000000003906626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20bcdf84af9fa55d2022-01-11 12:18:38.087root 11241100x80000000000000003906627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e78ec8787c868062022-01-11 12:18:38.087root 11241100x80000000000000003906628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.473bd2fb220f6c022022-01-11 12:18:38.088root 11241100x80000000000000003906629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dd300c85093d7cb2022-01-11 12:18:38.088root 11241100x80000000000000003906630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c923edf1da86cc092022-01-11 12:18:38.088root 11241100x80000000000000003906631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc45660ff11773fb2022-01-11 12:18:38.089root 11241100x80000000000000003906632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1840bfb4ae8af002022-01-11 12:18:38.089root 11241100x80000000000000003906633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.831ea81bdf223c592022-01-11 12:18:38.089root 11241100x80000000000000003906634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf6fa19936a10842022-01-11 12:18:38.089root 11241100x80000000000000003906635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af56e7dedd2c473a2022-01-11 12:18:38.089root 11241100x80000000000000003906636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe6aff060dd769392022-01-11 12:18:38.089root 11241100x80000000000000003906637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.819a37a496a16e672022-01-11 12:18:38.089root 11241100x80000000000000003906638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2812dba6d752c0a22022-01-11 12:18:38.089root 11241100x80000000000000003906639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd234548a3b48a442022-01-11 12:18:38.090root 11241100x80000000000000003906640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d23faa83ca1d882022-01-11 12:18:38.090root 11241100x80000000000000003906641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18af8b2af501d3292022-01-11 12:18:38.090root 11241100x80000000000000003906642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a83a5b892ed7babd2022-01-11 12:18:38.090root 11241100x80000000000000003906643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b20e31fafdfd5de2022-01-11 12:18:38.090root 11241100x80000000000000003906644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8233d58f5b89ac2022-01-11 12:18:38.090root 11241100x80000000000000003906645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fd3ba03bc68f3182022-01-11 12:18:38.584root 11241100x80000000000000003906646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a7b9e11c4e113a22022-01-11 12:18:38.584root 11241100x80000000000000003906647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2edc6124a2d594bc2022-01-11 12:18:38.584root 11241100x80000000000000003906648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e64d9454c0e0d4f22022-01-11 12:18:38.584root 11241100x80000000000000003906649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56241c5394fbd2752022-01-11 12:18:38.584root 11241100x80000000000000003906650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33daf54aefc3c7672022-01-11 12:18:38.584root 11241100x80000000000000003906651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65efdb78b7d829672022-01-11 12:18:38.584root 11241100x80000000000000003906652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f5bf30d0c0b3a062022-01-11 12:18:38.584root 11241100x80000000000000003906653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa95c315ac3c1c0d2022-01-11 12:18:38.584root 11241100x80000000000000003906654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ddfb942e90c85cd2022-01-11 12:18:38.584root 11241100x80000000000000003906655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3159ce68127017be2022-01-11 12:18:38.585root 11241100x80000000000000003906656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81ccf08afef464be2022-01-11 12:18:38.585root 11241100x80000000000000003906657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ad7aedf80d0fb5f2022-01-11 12:18:38.585root 11241100x80000000000000003906658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f89c194851cc7e22022-01-11 12:18:38.585root 11241100x80000000000000003906659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f23a112ce39fd37e2022-01-11 12:18:38.585root 11241100x80000000000000003906660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ac9f43c538ffec2022-01-11 12:18:38.585root 11241100x80000000000000003906661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d8942a10b9541b72022-01-11 12:18:38.585root 11241100x80000000000000003906662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b66bd9d2b4780c92022-01-11 12:18:38.585root 11241100x80000000000000003906663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f54af0e5ea20fd72022-01-11 12:18:38.585root 11241100x80000000000000003906664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42d57e1ea2961d4c2022-01-11 12:18:38.586root 11241100x80000000000000003906665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69c1392b44e39d012022-01-11 12:18:38.586root 11241100x80000000000000003906666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53cf4786b118104c2022-01-11 12:18:38.586root 11241100x80000000000000003906667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0447306d0e1c6a12022-01-11 12:18:38.586root 11241100x80000000000000003906668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ba7af7a4ac300be2022-01-11 12:18:38.586root 11241100x80000000000000003906669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e82f17b3de9d49552022-01-11 12:18:38.586root 11241100x80000000000000003906670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c759675b42e3de22022-01-11 12:18:38.586root 11241100x80000000000000003906671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb876ee6b89555b52022-01-11 12:18:38.586root 11241100x80000000000000003906672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae41ec68e5df489f2022-01-11 12:18:38.586root 11241100x80000000000000003906673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edd56295116e25c82022-01-11 12:18:38.586root 11241100x80000000000000003906674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495795e4a71417c92022-01-11 12:18:39.083root 11241100x80000000000000003906675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f3980ecce8e01422022-01-11 12:18:39.083root 11241100x80000000000000003906676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b9bc447d2ac45d32022-01-11 12:18:39.084root 11241100x80000000000000003906677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec22150c86764caf2022-01-11 12:18:39.084root 11241100x80000000000000003906678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a8927bd682f5a042022-01-11 12:18:39.084root 11241100x80000000000000003906679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67730593bdff48e2022-01-11 12:18:39.084root 11241100x80000000000000003906680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a1eda070c4b17d2022-01-11 12:18:39.084root 11241100x80000000000000003906681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ceb681bdc0269442022-01-11 12:18:39.084root 11241100x80000000000000003906682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f10101557b855372022-01-11 12:18:39.084root 11241100x80000000000000003906683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f18572ca25694552022-01-11 12:18:39.084root 11241100x80000000000000003906684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d994b97a903eed032022-01-11 12:18:39.084root 11241100x80000000000000003906685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b90dd2531a7ee1a2022-01-11 12:18:39.084root 11241100x80000000000000003906686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a12da91b0e7e0ad2022-01-11 12:18:39.084root 11241100x80000000000000003906687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6542b2c25e2f7922022-01-11 12:18:39.085root 11241100x80000000000000003906688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff2641967cbfc8812022-01-11 12:18:39.085root 11241100x80000000000000003906689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b8485a454981cb52022-01-11 12:18:39.085root 11241100x80000000000000003906690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d862381c53a9b34e2022-01-11 12:18:39.085root 11241100x80000000000000003906691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0979813ca129586b2022-01-11 12:18:39.085root 11241100x80000000000000003906692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cce978d362ae1032022-01-11 12:18:39.085root 11241100x80000000000000003906693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d8755b3bfc20fa12022-01-11 12:18:39.085root 11241100x80000000000000003906694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43b2f04c986711e62022-01-11 12:18:39.085root 11241100x80000000000000003906695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f70a7a38a848be92022-01-11 12:18:39.085root 11241100x80000000000000003906696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9d6903e150dbe8d2022-01-11 12:18:39.085root 11241100x80000000000000003906697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f34b6e4e7cfa85022022-01-11 12:18:39.085root 11241100x80000000000000003906698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a8b285e0629846a2022-01-11 12:18:39.086root 11241100x80000000000000003906699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17b2efd0a5bd6fb02022-01-11 12:18:39.086root 11241100x80000000000000003906700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e2472fc62d65b362022-01-11 12:18:39.086root 11241100x80000000000000003906701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.531f2267115965bc2022-01-11 12:18:39.086root 11241100x80000000000000003906702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb99c4b1cc88ab02022-01-11 12:18:39.086root 11241100x80000000000000003906703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0811931e78a164c2022-01-11 12:18:39.086root 11241100x80000000000000003906704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed0578c8cdc7cf72022-01-11 12:18:39.087root 11241100x80000000000000003906705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b231554ae5ef69f12022-01-11 12:18:39.087root 11241100x80000000000000003906706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7470dd97ab177ec62022-01-11 12:18:39.087root 11241100x80000000000000003906707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd099280572fc2b42022-01-11 12:18:39.087root 11241100x80000000000000003906708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5f6d6a9fb7b93b12022-01-11 12:18:39.087root 11241100x80000000000000003906709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ad49be3a50cf3672022-01-11 12:18:39.088root 11241100x80000000000000003906710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c8582e005addf4d2022-01-11 12:18:39.088root 11241100x80000000000000003906711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2685cf37db7fef5c2022-01-11 12:18:39.088root 11241100x80000000000000003906712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.129cf18b5a5b114b2022-01-11 12:18:39.088root 11241100x80000000000000003906713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35ab0bbc2512e952022-01-11 12:18:39.088root 11241100x80000000000000003906714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50d33188e05c04322022-01-11 12:18:39.088root 11241100x80000000000000003906715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.863cfce51bdc2a3b2022-01-11 12:18:39.089root 11241100x80000000000000003906716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e14bf2ca044d56192022-01-11 12:18:39.089root 11241100x80000000000000003906717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a8d2e8231a8a8d2022-01-11 12:18:39.089root 11241100x80000000000000003906718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0114046404d71b32022-01-11 12:18:39.089root 11241100x80000000000000003906719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f00e8e0c36c0ec2022-01-11 12:18:39.584root 11241100x80000000000000003906720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fd8df3342a16b402022-01-11 12:18:39.584root 11241100x80000000000000003906721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac75d5dde782f9932022-01-11 12:18:39.584root 11241100x80000000000000003906722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91aa90a5c07fc56e2022-01-11 12:18:39.584root 11241100x80000000000000003906723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90a4873a5624d5d2022-01-11 12:18:39.584root 11241100x80000000000000003906724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ecc5f932671d2b02022-01-11 12:18:39.584root 11241100x80000000000000003906725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0692f695de8b72dd2022-01-11 12:18:39.584root 11241100x80000000000000003906726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e906bb2418ad7592022-01-11 12:18:39.584root 11241100x80000000000000003906727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56376e34c1757c692022-01-11 12:18:39.584root 11241100x80000000000000003906728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6509990a442f4f3e2022-01-11 12:18:39.584root 11241100x80000000000000003906729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.637556add72c2f8b2022-01-11 12:18:39.585root 11241100x80000000000000003906730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ad4807816cbf302022-01-11 12:18:39.585root 11241100x80000000000000003906731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d6b3936e9ac3b512022-01-11 12:18:39.585root 11241100x80000000000000003906732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37bd6f64fd2753ed2022-01-11 12:18:39.585root 11241100x80000000000000003906733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c29d130ea43603092022-01-11 12:18:39.585root 11241100x80000000000000003906734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.febaaccc90b21ab22022-01-11 12:18:39.585root 11241100x80000000000000003906735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3de5170f91bf8382022-01-11 12:18:39.585root 11241100x80000000000000003906736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1642bd4b30224ab02022-01-11 12:18:39.585root 11241100x80000000000000003906737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.400d00a270ee8ea72022-01-11 12:18:39.585root 11241100x80000000000000003906738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6332eda431eab3542022-01-11 12:18:39.585root 11241100x80000000000000003906739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c39181d896684e2022-01-11 12:18:39.585root 11241100x80000000000000003906740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6714d53aa6a15a4b2022-01-11 12:18:39.586root 11241100x80000000000000003906741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad11699d14cebff2022-01-11 12:18:39.586root 11241100x80000000000000003906742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa7dcaf5c3fad312022-01-11 12:18:39.586root 11241100x80000000000000003906743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9387633fe735a4d42022-01-11 12:18:39.586root 11241100x80000000000000003906744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96f3cdad54304b262022-01-11 12:18:39.586root 11241100x80000000000000003906745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5f258a034ec16422022-01-11 12:18:39.586root 11241100x80000000000000003906746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c38b1da5b154c0892022-01-11 12:18:39.586root 11241100x80000000000000003906747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f20ab018e64bae22022-01-11 12:18:39.586root 11241100x80000000000000003906748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb64f28fc89fa4172022-01-11 12:18:39.586root 11241100x80000000000000003906749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf7744d48cf824c32022-01-11 12:18:39.586root 11241100x80000000000000003906750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8663df081830b2102022-01-11 12:18:40.084root 11241100x80000000000000003906751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0730565510413082022-01-11 12:18:40.084root 11241100x80000000000000003906752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e19f94d4a23ab142022-01-11 12:18:40.084root 11241100x80000000000000003906753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b46bf1b2b80369e2022-01-11 12:18:40.084root 11241100x80000000000000003906754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.963f17ea7122fa942022-01-11 12:18:40.085root 11241100x80000000000000003906755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae87880716140eab2022-01-11 12:18:40.085root 11241100x80000000000000003906756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b87d3aec647b8442022-01-11 12:18:40.085root 11241100x80000000000000003906757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b52815cbae553a52022-01-11 12:18:40.085root 11241100x80000000000000003906758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2119ec196e2b25de2022-01-11 12:18:40.085root 11241100x80000000000000003906759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a7372e9d50564532022-01-11 12:18:40.085root 11241100x80000000000000003906760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f11f806813c86a2022-01-11 12:18:40.085root 11241100x80000000000000003906761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e91b077e387dca22022-01-11 12:18:40.085root 11241100x80000000000000003906762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ea419b36b51ec12022-01-11 12:18:40.085root 11241100x80000000000000003906763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9441313dbd9f80a22022-01-11 12:18:40.085root 11241100x80000000000000003906764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e6fd64ae8d964a22022-01-11 12:18:40.085root 11241100x80000000000000003906765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27367569c79c84762022-01-11 12:18:40.085root 11241100x80000000000000003906766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a5a6bec8e8c5f9a2022-01-11 12:18:40.085root 11241100x80000000000000003906767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daced309583799472022-01-11 12:18:40.086root 11241100x80000000000000003906768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a4b386986f33e9b2022-01-11 12:18:40.086root 11241100x80000000000000003906769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65f7c0f8a2c75362022-01-11 12:18:40.086root 11241100x80000000000000003906770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a218a76db1b7ad12022-01-11 12:18:40.086root 11241100x80000000000000003906771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d320dcd30d2ae2462022-01-11 12:18:40.086root 11241100x80000000000000003906772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.947a6f2380dd24ff2022-01-11 12:18:40.086root 11241100x80000000000000003906773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daf65d6d775c59122022-01-11 12:18:40.086root 11241100x80000000000000003906774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa0c2ff7e1b82e82022-01-11 12:18:40.086root 11241100x80000000000000003906775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f0b514966fbce372022-01-11 12:18:40.086root 11241100x80000000000000003906776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee4569cb4638c812022-01-11 12:18:40.086root 11241100x80000000000000003906777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6c91b442a2d0a122022-01-11 12:18:40.086root 354300x80000000000000003906778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.206{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56252-false10.0.1.12-8000- 154100x80000000000000003906779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.447{ec2d504d-75a0-61dd-68f4-4cf280550000}9855/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 11241100x80000000000000003906780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.448{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2f03503a90959ce2022-01-11 12:18:40.448root 11241100x80000000000000003906781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.448{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0089c34428c74d6b2022-01-11 12:18:40.448root 11241100x80000000000000003906782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af080ef04f19e1bf2022-01-11 12:18:40.449root 11241100x80000000000000003906783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7527b912dc3b99842022-01-11 12:18:40.449root 11241100x80000000000000003906784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c45a49c13126162022-01-11 12:18:40.449root 11241100x80000000000000003906785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd9b04588c200c432022-01-11 12:18:40.449root 11241100x80000000000000003906786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.449{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afc74da79de5a1472022-01-11 12:18:40.449root 11241100x80000000000000003906787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42844d729791243b2022-01-11 12:18:40.450root 11241100x80000000000000003906788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1cc4c580d2d42ab2022-01-11 12:18:40.450root 11241100x80000000000000003906789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90574f8d8fd3996b2022-01-11 12:18:40.450root 11241100x80000000000000003906790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9876188fd8275e2c2022-01-11 12:18:40.450root 11241100x80000000000000003906791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff848cf818573cee2022-01-11 12:18:40.450root 11241100x80000000000000003906792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9c72fbd81934172022-01-11 12:18:40.450root 11241100x80000000000000003906793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.450{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fdd5793c2ad6e4b2022-01-11 12:18:40.450root 11241100x80000000000000003906794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ea7ca92ff46c2652022-01-11 12:18:40.451root 11241100x80000000000000003906795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e578b6ed2b16ddcd2022-01-11 12:18:40.451root 11241100x80000000000000003906796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f091d4b8c2a7ff2d2022-01-11 12:18:40.451root 11241100x80000000000000003906797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c74bf4b52859e42022-01-11 12:18:40.451root 11241100x80000000000000003906798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6980f1d484e642bc2022-01-11 12:18:40.451root 11241100x80000000000000003906799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e588d8495dc9d59d2022-01-11 12:18:40.451root 11241100x80000000000000003906800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b333f949e98cef82022-01-11 12:18:40.451root 11241100x80000000000000003906801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4867791068d6f252022-01-11 12:18:40.451root 11241100x80000000000000003906802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.451{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf18c89a9697cd262022-01-11 12:18:40.451root 11241100x80000000000000003906803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.348d063e7a5392972022-01-11 12:18:40.452root 11241100x80000000000000003906804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7e24f9f881b4602022-01-11 12:18:40.452root 11241100x80000000000000003906805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79dd84e1189bcf202022-01-11 12:18:40.452root 11241100x80000000000000003906806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97ef0e35cda0b4042022-01-11 12:18:40.452root 11241100x80000000000000003906807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed3a3fa76cc055212022-01-11 12:18:40.452root 11241100x80000000000000003906808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68d306cdc8196f932022-01-11 12:18:40.452root 11241100x80000000000000003906809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85bae735b0de9a312022-01-11 12:18:40.452root 11241100x80000000000000003906810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf1e01a3821596c2022-01-11 12:18:40.452root 11241100x80000000000000003906811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2bf28670a1c5542022-01-11 12:18:40.452root 11241100x80000000000000003906812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f3f001596ca9742022-01-11 12:18:40.452root 11241100x80000000000000003906813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8983ed0af9a05a3a2022-01-11 12:18:40.452root 11241100x80000000000000003906814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.452{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc2bd9de46be1fa02022-01-11 12:18:40.452root 11241100x80000000000000003906815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dbd8206a4c048672022-01-11 12:18:40.453root 11241100x80000000000000003906816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4949b998217d1342022-01-11 12:18:40.453root 11241100x80000000000000003906817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7619e39ae5af9a72022-01-11 12:18:40.453root 11241100x80000000000000003906818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c13f9262b13c38a52022-01-11 12:18:40.453root 11241100x80000000000000003906819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63ab56daf1333c432022-01-11 12:18:40.453root 11241100x80000000000000003906820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.453{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ede8f3f8aca2dc2022-01-11 12:18:40.453root 534500x80000000000000003906821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.460{ec2d504d-75a0-61dd-68f4-4cf280550000}9855/bin/psroot 11241100x80000000000000003906822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44086c74ba00d7f82022-01-11 12:18:40.833root 11241100x80000000000000003906823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c8d6478a0e0668d2022-01-11 12:18:40.834root 11241100x80000000000000003906824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.add7328b133ff3e52022-01-11 12:18:40.834root 11241100x80000000000000003906825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d9f9193a28e0cc22022-01-11 12:18:40.834root 11241100x80000000000000003906826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d2232fe86365d92022-01-11 12:18:40.834root 11241100x80000000000000003906827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cbd3df4d13bff72022-01-11 12:18:40.834root 11241100x80000000000000003906828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98bc88825484d24c2022-01-11 12:18:40.834root 11241100x80000000000000003906829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48257409da3989c32022-01-11 12:18:40.834root 11241100x80000000000000003906830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adca1814770f5cb92022-01-11 12:18:40.834root 11241100x80000000000000003906831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4cc577930d55872022-01-11 12:18:40.834root 11241100x80000000000000003906832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be41620b514a9d052022-01-11 12:18:40.835root 11241100x80000000000000003906833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e61eabbb387e9ef2022-01-11 12:18:40.835root 11241100x80000000000000003906834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.968a241deab17d582022-01-11 12:18:40.835root 11241100x80000000000000003906835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1943c2a8be97b8d72022-01-11 12:18:40.835root 11241100x80000000000000003906836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d4d7badcecd40dd2022-01-11 12:18:40.835root 11241100x80000000000000003906837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee7eb1ae84138e432022-01-11 12:18:40.835root 11241100x80000000000000003906838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e85566adebe931802022-01-11 12:18:40.835root 11241100x80000000000000003906839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e0697c68a375ff82022-01-11 12:18:40.835root 11241100x80000000000000003906840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424bb69843aee8322022-01-11 12:18:40.835root 11241100x80000000000000003906841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c278a023381ef6f12022-01-11 12:18:40.836root 11241100x80000000000000003906842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f138ce220a97fa2022-01-11 12:18:40.836root 11241100x80000000000000003906843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.605455c04cd645d02022-01-11 12:18:40.836root 11241100x80000000000000003906844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f84ff758c75bb82022-01-11 12:18:40.836root 11241100x80000000000000003906845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed526e09735892aa2022-01-11 12:18:40.836root 11241100x80000000000000003906846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854acdbb05596ad22022-01-11 12:18:40.836root 11241100x80000000000000003906847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45b04adc8f8711552022-01-11 12:18:40.836root 11241100x80000000000000003906848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba4aabcba910943b2022-01-11 12:18:40.836root 11241100x80000000000000003906849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103f6d333f3db57a2022-01-11 12:18:40.836root 11241100x80000000000000003906850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5c677847529448d2022-01-11 12:18:40.836root 11241100x80000000000000003906851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6888b0e69be46592022-01-11 12:18:40.836root 11241100x80000000000000003906852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f8b2a506284c03f2022-01-11 12:18:40.836root 11241100x80000000000000003906853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e8c05074c3c79402022-01-11 12:18:40.836root 11241100x80000000000000003906854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:40.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b784762756f580bb2022-01-11 12:18:40.836root 11241100x80000000000000003906855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17cf43f8c90c2be82022-01-11 12:18:41.334root 11241100x80000000000000003906856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea7e58fe3ffcf6122022-01-11 12:18:41.334root 11241100x80000000000000003906857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd2584c1f909f25a2022-01-11 12:18:41.334root 11241100x80000000000000003906858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f54bdd1c0e01692022-01-11 12:18:41.334root 11241100x80000000000000003906859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ace46ec6e4075712022-01-11 12:18:41.334root 11241100x80000000000000003906860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88ed816321fdbd252022-01-11 12:18:41.334root 11241100x80000000000000003906861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95bc933f9d71cd912022-01-11 12:18:41.334root 11241100x80000000000000003906862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.703f4fd14a1bb0432022-01-11 12:18:41.334root 11241100x80000000000000003906863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e9066b138be61212022-01-11 12:18:41.335root 11241100x80000000000000003906864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.047c7a02215887932022-01-11 12:18:41.335root 11241100x80000000000000003906865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.677b95edf27011ac2022-01-11 12:18:41.335root 11241100x80000000000000003906866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ddc20861fadf82e2022-01-11 12:18:41.335root 11241100x80000000000000003906867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61ad132ef8366b472022-01-11 12:18:41.335root 11241100x80000000000000003906868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6cc9d421671c85b2022-01-11 12:18:41.335root 11241100x80000000000000003906869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a7bf65969030052022-01-11 12:18:41.335root 11241100x80000000000000003906870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d09ec75b90316d82022-01-11 12:18:41.335root 11241100x80000000000000003906871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da0dbf1b2b639ca2022-01-11 12:18:41.335root 11241100x80000000000000003906872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4302e2f2c006e7412022-01-11 12:18:41.335root 11241100x80000000000000003906873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c0483c43aeae9002022-01-11 12:18:41.335root 11241100x80000000000000003906874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ecf506bcc69aa772022-01-11 12:18:41.335root 11241100x80000000000000003906875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e592a1820d8dc4b2022-01-11 12:18:41.335root 11241100x80000000000000003906876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fe451e1b738cbe12022-01-11 12:18:41.336root 11241100x80000000000000003906877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.095c802eb7a88d2d2022-01-11 12:18:41.336root 11241100x80000000000000003906878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8998fb90c84f77142022-01-11 12:18:41.336root 11241100x80000000000000003906879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2db39d3a082f76452022-01-11 12:18:41.336root 11241100x80000000000000003906880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a11b509d22b6632022-01-11 12:18:41.336root 11241100x80000000000000003906881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ddae257236759c72022-01-11 12:18:41.336root 11241100x80000000000000003906882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d482a3161a97690d2022-01-11 12:18:41.336root 11241100x80000000000000003906883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21f3f086383968e02022-01-11 12:18:41.336root 11241100x80000000000000003906884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60fcb89258cbc9312022-01-11 12:18:41.336root 11241100x80000000000000003906885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d92992a974d4692022-01-11 12:18:41.336root 11241100x80000000000000003906886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2494594fdcef30982022-01-11 12:18:41.834root 11241100x80000000000000003906887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b748cc6b0c7effe82022-01-11 12:18:41.834root 11241100x80000000000000003906888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cabc41b2990fceb52022-01-11 12:18:41.834root 11241100x80000000000000003906889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c74a8c4922cead42022-01-11 12:18:41.834root 11241100x80000000000000003906890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c1e53e5961d0952022-01-11 12:18:41.834root 11241100x80000000000000003906891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.331a94e73b06a6942022-01-11 12:18:41.835root 11241100x80000000000000003906892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc63de55c74f2fb32022-01-11 12:18:41.835root 11241100x80000000000000003906893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c0d7820b3f1538c2022-01-11 12:18:41.835root 11241100x80000000000000003906894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b80c16aceb1293c82022-01-11 12:18:41.835root 11241100x80000000000000003906895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efdcd8e2d8b2c4452022-01-11 12:18:41.835root 11241100x80000000000000003906896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ed94c66159ba1f2022-01-11 12:18:41.835root 11241100x80000000000000003906897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e1d5c50b161400c2022-01-11 12:18:41.835root 11241100x80000000000000003906898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d09bc51763002312022-01-11 12:18:41.835root 11241100x80000000000000003906899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42e79b3c0f91e4f2022-01-11 12:18:41.835root 11241100x80000000000000003906900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a761cf344c8f8c012022-01-11 12:18:41.835root 11241100x80000000000000003906901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93796b23ad2c7da12022-01-11 12:18:41.835root 11241100x80000000000000003906902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a665c23ef7bd4792022-01-11 12:18:41.835root 11241100x80000000000000003906903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1fd361b471070582022-01-11 12:18:41.835root 11241100x80000000000000003906904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a335df643ed2e1b2022-01-11 12:18:41.835root 11241100x80000000000000003906905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91476b2ed62c45ba2022-01-11 12:18:41.836root 11241100x80000000000000003906906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3b1d501a41098202022-01-11 12:18:41.836root 11241100x80000000000000003906907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64aeda4a7ff27db32022-01-11 12:18:41.836root 11241100x80000000000000003906908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0113673ac08b536f2022-01-11 12:18:41.836root 11241100x80000000000000003906909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.177cd40154e9eff22022-01-11 12:18:41.836root 11241100x80000000000000003906910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0220a9d33609011b2022-01-11 12:18:41.836root 11241100x80000000000000003906911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8872856e1492fdad2022-01-11 12:18:41.836root 11241100x80000000000000003906912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a222af1631f8a0872022-01-11 12:18:41.836root 11241100x80000000000000003906913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc330eba104ee71c2022-01-11 12:18:41.836root 11241100x80000000000000003906914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf52df779ff5c1612022-01-11 12:18:41.836root 11241100x80000000000000003906915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3930183bffa923832022-01-11 12:18:41.836root 11241100x80000000000000003906916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:41.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f613852ac4fca2482022-01-11 12:18:41.836root 11241100x80000000000000003906917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4ac66101b2830c2022-01-11 12:18:42.334root 11241100x80000000000000003906918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.320f8442a71e39172022-01-11 12:18:42.334root 11241100x80000000000000003906919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d4ce2b7e2b18d02022-01-11 12:18:42.334root 11241100x80000000000000003906920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.298133d572dd01d52022-01-11 12:18:42.334root 11241100x80000000000000003906921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12e7a40621ac83ba2022-01-11 12:18:42.334root 11241100x80000000000000003906922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d68cec1ceb9fb3432022-01-11 12:18:42.334root 11241100x80000000000000003906923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b46ced6e5dc479122022-01-11 12:18:42.334root 11241100x80000000000000003906924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6262376d137ba03a2022-01-11 12:18:42.334root 11241100x80000000000000003906925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f663fb998a337482022-01-11 12:18:42.334root 11241100x80000000000000003906926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3b02ed5f507dc102022-01-11 12:18:42.334root 11241100x80000000000000003906927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab2ff9e793d08a02022-01-11 12:18:42.335root 11241100x80000000000000003906928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.970e3b5dba3e3a042022-01-11 12:18:42.335root 11241100x80000000000000003906929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7cda2d660bbc652022-01-11 12:18:42.335root 11241100x80000000000000003906930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd7fe33fbf0dd892022-01-11 12:18:42.335root 11241100x80000000000000003906931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0508f27044ab6cae2022-01-11 12:18:42.335root 11241100x80000000000000003906932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45bf407ba49eda532022-01-11 12:18:42.335root 11241100x80000000000000003906933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798f0eb3aeeb05b62022-01-11 12:18:42.335root 11241100x80000000000000003906934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ee3a88ff3395c8b2022-01-11 12:18:42.335root 11241100x80000000000000003906935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f1cddae07216c42022-01-11 12:18:42.335root 11241100x80000000000000003906936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ea285eaa8f137b2022-01-11 12:18:42.335root 11241100x80000000000000003906937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2856f6f0c74b9632022-01-11 12:18:42.335root 11241100x80000000000000003906938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555a22572b86e4d82022-01-11 12:18:42.335root 11241100x80000000000000003906939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b518e924adf0562022-01-11 12:18:42.335root 11241100x80000000000000003906940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbf066e8c2fe7192022-01-11 12:18:42.335root 11241100x80000000000000003906941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb3466285deefb32022-01-11 12:18:42.335root 11241100x80000000000000003906942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b14fa4303819f91d2022-01-11 12:18:42.336root 11241100x80000000000000003906943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47cc778753b890562022-01-11 12:18:42.336root 11241100x80000000000000003906944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b369cde3ab7f2f52022-01-11 12:18:42.336root 11241100x80000000000000003906945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d592ddd53ca22642022-01-11 12:18:42.336root 11241100x80000000000000003906946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b75ad830f1c74752022-01-11 12:18:42.336root 11241100x80000000000000003906947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.479f43fb9a957c882022-01-11 12:18:42.336root 11241100x80000000000000003906948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b772dc501a0c46e2022-01-11 12:18:42.834root 11241100x80000000000000003906949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.414defee8e96717f2022-01-11 12:18:42.834root 11241100x80000000000000003906950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f3220873c6284a52022-01-11 12:18:42.834root 11241100x80000000000000003906951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53714d221204309c2022-01-11 12:18:42.834root 11241100x80000000000000003906952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96e0b559cd50f0662022-01-11 12:18:42.834root 11241100x80000000000000003906953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0043b1d926f08c6e2022-01-11 12:18:42.834root 11241100x80000000000000003906954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3f19450b3e4a3eb2022-01-11 12:18:42.834root 11241100x80000000000000003906955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64c3d858364b5a152022-01-11 12:18:42.834root 11241100x80000000000000003906956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00dccd4bbc9b3a752022-01-11 12:18:42.834root 11241100x80000000000000003906957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13e5481d95ab559d2022-01-11 12:18:42.835root 11241100x80000000000000003906958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f02b0560eb1bd8102022-01-11 12:18:42.835root 11241100x80000000000000003906959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09657e944d2686292022-01-11 12:18:42.835root 11241100x80000000000000003906960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaf577a522882e802022-01-11 12:18:42.835root 11241100x80000000000000003906961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0298546423bb85f42022-01-11 12:18:42.835root 11241100x80000000000000003906962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee24ee79e5819802022-01-11 12:18:42.835root 11241100x80000000000000003906963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4578512119089a782022-01-11 12:18:42.835root 11241100x80000000000000003906964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc9c170fb654331a2022-01-11 12:18:42.835root 11241100x80000000000000003906965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f34563020bf82a4c2022-01-11 12:18:42.835root 11241100x80000000000000003906966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f2f80d1c3b59b852022-01-11 12:18:42.835root 11241100x80000000000000003906967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16a108bcf5a0d4792022-01-11 12:18:42.836root 11241100x80000000000000003906968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6427b5300a99dde52022-01-11 12:18:42.836root 11241100x80000000000000003906969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75046905824930902022-01-11 12:18:42.836root 11241100x80000000000000003906970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d0a02ad1f43358d2022-01-11 12:18:42.836root 11241100x80000000000000003906971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39c2eeec7c7651042022-01-11 12:18:42.836root 11241100x80000000000000003906972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f4a7347e3628632022-01-11 12:18:42.836root 11241100x80000000000000003906973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0db95e1fea0d3152022-01-11 12:18:42.836root 11241100x80000000000000003906974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e87d39601187f492022-01-11 12:18:42.836root 11241100x80000000000000003906975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8680054eba8fa84c2022-01-11 12:18:42.836root 11241100x80000000000000003906976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b6db2663075271c2022-01-11 12:18:42.836root 11241100x80000000000000003906977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.243c8083327445ab2022-01-11 12:18:42.836root 11241100x80000000000000003906978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b57d8e194759fe2022-01-11 12:18:42.837root 11241100x80000000000000003906979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0233207326dda07e2022-01-11 12:18:43.334root 11241100x80000000000000003906980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba6f15b7db1deac2022-01-11 12:18:43.334root 11241100x80000000000000003906981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.706121ba731f00272022-01-11 12:18:43.335root 11241100x80000000000000003906982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47290d76b368c6a92022-01-11 12:18:43.335root 11241100x80000000000000003906983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f39a7a3f68b579382022-01-11 12:18:43.335root 11241100x80000000000000003906984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246032029ed5e9832022-01-11 12:18:43.337root 11241100x80000000000000003906985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9c9c6dd0ec1d0c52022-01-11 12:18:43.337root 11241100x80000000000000003906986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22b612e6bf1de9252022-01-11 12:18:43.337root 11241100x80000000000000003906987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5e7bb76cb9d0ed72022-01-11 12:18:43.337root 11241100x80000000000000003906988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c35d206146e200302022-01-11 12:18:43.337root 11241100x80000000000000003906989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f31e4da6542d0fc92022-01-11 12:18:43.337root 11241100x80000000000000003906990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f796e5b4fe8fec2022-01-11 12:18:43.337root 11241100x80000000000000003906991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c03b6aeef8fe3a962022-01-11 12:18:43.337root 11241100x80000000000000003906992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a853eacb3d5581292022-01-11 12:18:43.337root 11241100x80000000000000003906993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a18d1b96e28ce8162022-01-11 12:18:43.337root 11241100x80000000000000003906994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee1dbf0fedb1085b2022-01-11 12:18:43.338root 11241100x80000000000000003906995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.673224f29cbc1b0d2022-01-11 12:18:43.338root 11241100x80000000000000003906996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.535448c4e7ed3a292022-01-11 12:18:43.338root 11241100x80000000000000003906997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cf7a2f67a7694312022-01-11 12:18:43.338root 11241100x80000000000000003906998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d554fef04ee0052022-01-11 12:18:43.340root 11241100x80000000000000003906999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa6ef8f8a4319d6d2022-01-11 12:18:43.340root 11241100x80000000000000003907000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e3f79fbb470f4482022-01-11 12:18:43.340root 11241100x80000000000000003907001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6db1afd8072bf382022-01-11 12:18:43.340root 11241100x80000000000000003907002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e60a081374a792492022-01-11 12:18:43.340root 11241100x80000000000000003907003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691ece336b5629172022-01-11 12:18:43.341root 11241100x80000000000000003907004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38077afb0a4a51432022-01-11 12:18:43.341root 11241100x80000000000000003907005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88ff94acfcf4d32f2022-01-11 12:18:43.341root 11241100x80000000000000003907006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddcdd0f1390650282022-01-11 12:18:43.341root 11241100x80000000000000003907007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a517356c4c23df42022-01-11 12:18:43.341root 11241100x80000000000000003907008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5717b94a9dbf87a2022-01-11 12:18:43.341root 11241100x80000000000000003907009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fab216b26b58c22a2022-01-11 12:18:43.341root 11241100x80000000000000003907010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ba31f3c7000b5fa2022-01-11 12:18:43.835root 11241100x80000000000000003907011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82bfcb3a467f7f692022-01-11 12:18:43.835root 11241100x80000000000000003907012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1baaff6bae9b822b2022-01-11 12:18:43.835root 11241100x80000000000000003907013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.366d5d68ff3f958a2022-01-11 12:18:43.835root 11241100x80000000000000003907014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5b232e6d9b2daf2022-01-11 12:18:43.835root 11241100x80000000000000003907015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67983fb9bae315132022-01-11 12:18:43.836root 11241100x80000000000000003907016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8e12503aff97142022-01-11 12:18:43.836root 11241100x80000000000000003907017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8101c2e216f29d02022-01-11 12:18:43.836root 11241100x80000000000000003907018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c47110541ec52b32022-01-11 12:18:43.836root 11241100x80000000000000003907019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6db6d74f8b7ec8222022-01-11 12:18:43.836root 11241100x80000000000000003907020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fc0bf893a9d8a572022-01-11 12:18:43.836root 11241100x80000000000000003907021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af69f3dc8e9a58472022-01-11 12:18:43.836root 11241100x80000000000000003907022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1f60da77ee3f4fa2022-01-11 12:18:43.837root 11241100x80000000000000003907023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43ba9c7d36fe6aa62022-01-11 12:18:43.837root 11241100x80000000000000003907024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38760166664df8962022-01-11 12:18:43.837root 11241100x80000000000000003907025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ab2f17b99d87f802022-01-11 12:18:43.837root 11241100x80000000000000003907026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1bb41a05dfb19b32022-01-11 12:18:43.837root 11241100x80000000000000003907027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.605a8bb5450a274e2022-01-11 12:18:43.837root 11241100x80000000000000003907028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.240d5e545ae7f6072022-01-11 12:18:43.837root 11241100x80000000000000003907029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bc97c2058fb5a6c2022-01-11 12:18:43.837root 11241100x80000000000000003907030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d467c158db33dc6d2022-01-11 12:18:43.837root 11241100x80000000000000003907031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.238a419488cec76a2022-01-11 12:18:43.837root 11241100x80000000000000003907032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5447f1cf4e7b1fc02022-01-11 12:18:43.838root 11241100x80000000000000003907033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f6831c0af0184e2022-01-11 12:18:43.838root 11241100x80000000000000003907034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f8060f8e430022b2022-01-11 12:18:43.838root 11241100x80000000000000003907035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0969b51f5d018f682022-01-11 12:18:43.838root 11241100x80000000000000003907036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5b569c4d4dd03a2022-01-11 12:18:43.838root 11241100x80000000000000003907037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7931e6d41811835f2022-01-11 12:18:43.838root 11241100x80000000000000003907038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61bdce7a459db0ed2022-01-11 12:18:43.839root 11241100x80000000000000003907039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d78e25f6da8f00562022-01-11 12:18:43.839root 11241100x80000000000000003907040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:43.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9af1557f1508884f2022-01-11 12:18:43.839root 11241100x80000000000000003907041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16a33176a931ce082022-01-11 12:18:44.334root 11241100x80000000000000003907042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c6ad88afff52cb2022-01-11 12:18:44.334root 11241100x80000000000000003907043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd5d0c6781f26d82022-01-11 12:18:44.335root 11241100x80000000000000003907044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdd11450ce43b7ff2022-01-11 12:18:44.335root 11241100x80000000000000003907045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eed7889ac2c690f52022-01-11 12:18:44.335root 11241100x80000000000000003907046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.500dd913de0f4cde2022-01-11 12:18:44.335root 11241100x80000000000000003907047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00debf284ae5f7bb2022-01-11 12:18:44.335root 11241100x80000000000000003907048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2fdc2e09f5a2cfc2022-01-11 12:18:44.335root 11241100x80000000000000003907049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81d7df0d254dd8c72022-01-11 12:18:44.335root 11241100x80000000000000003907050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77eeeb54ee0791c12022-01-11 12:18:44.335root 11241100x80000000000000003907051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed10234a8a6a6ca2022-01-11 12:18:44.336root 11241100x80000000000000003907052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7514b5585f848962022-01-11 12:18:44.336root 11241100x80000000000000003907053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18b03685408b61e92022-01-11 12:18:44.336root 11241100x80000000000000003907054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c741796d6664af772022-01-11 12:18:44.336root 11241100x80000000000000003907055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3412e25728ac4b712022-01-11 12:18:44.336root 11241100x80000000000000003907056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee46cdf70a9e64ff2022-01-11 12:18:44.336root 11241100x80000000000000003907057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.728f02ee3736b8912022-01-11 12:18:44.336root 11241100x80000000000000003907058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9939fc804890273e2022-01-11 12:18:44.336root 11241100x80000000000000003907059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7444f022bf844bf22022-01-11 12:18:44.336root 11241100x80000000000000003907060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a60e31baf3e43ec2022-01-11 12:18:44.336root 11241100x80000000000000003907061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09788c7ac4e8df122022-01-11 12:18:44.336root 11241100x80000000000000003907062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ea2564516df308e2022-01-11 12:18:44.336root 11241100x80000000000000003907063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bb1b798f0c776d72022-01-11 12:18:44.336root 11241100x80000000000000003907064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a96d04fb417effc2022-01-11 12:18:44.337root 11241100x80000000000000003907065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97380ef1f666fe4c2022-01-11 12:18:44.337root 11241100x80000000000000003907066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f1d1e55d15d1912022-01-11 12:18:44.337root 11241100x80000000000000003907067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ef2f0a0c727e7e62022-01-11 12:18:44.337root 11241100x80000000000000003907068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.735a4b77cdc4e6872022-01-11 12:18:44.337root 11241100x80000000000000003907069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d0e74141b746eea2022-01-11 12:18:44.337root 11241100x80000000000000003907070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd67fe62cfdb93602022-01-11 12:18:44.337root 11241100x80000000000000003907071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0458ca8d26b438c72022-01-11 12:18:44.337root 11241100x80000000000000003907072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91ce123815eadc1b2022-01-11 12:18:44.834root 11241100x80000000000000003907073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e140875afaf935d42022-01-11 12:18:44.834root 11241100x80000000000000003907074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.333b207ce042c7422022-01-11 12:18:44.835root 11241100x80000000000000003907075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079746754d0d4b852022-01-11 12:18:44.835root 11241100x80000000000000003907076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.528d3779b66e8ada2022-01-11 12:18:44.835root 11241100x80000000000000003907077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c47759aefe7834bb2022-01-11 12:18:44.835root 11241100x80000000000000003907078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1924158a4aa7bd1c2022-01-11 12:18:44.835root 11241100x80000000000000003907079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442b66ae7c6960502022-01-11 12:18:44.835root 11241100x80000000000000003907080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd55714fe13643822022-01-11 12:18:44.835root 11241100x80000000000000003907081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fea81763ceb4a072022-01-11 12:18:44.835root 11241100x80000000000000003907082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3cf5ebc48761cb32022-01-11 12:18:44.835root 11241100x80000000000000003907083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d745f4802eae7562022-01-11 12:18:44.835root 11241100x80000000000000003907084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ce904a0aad385c2022-01-11 12:18:44.835root 11241100x80000000000000003907085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69a8821eaaa20ae12022-01-11 12:18:44.835root 11241100x80000000000000003907086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbeaedaddf38302b2022-01-11 12:18:44.836root 11241100x80000000000000003907087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77deef164deed5892022-01-11 12:18:44.836root 11241100x80000000000000003907088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0fdc04abe31e43f2022-01-11 12:18:44.836root 11241100x80000000000000003907089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96633d57f43308ae2022-01-11 12:18:44.836root 11241100x80000000000000003907090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.059cbabfafa4dba92022-01-11 12:18:44.836root 11241100x80000000000000003907091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea11aa62a0bb99e2022-01-11 12:18:44.836root 11241100x80000000000000003907092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40770e6c8728d1392022-01-11 12:18:44.836root 11241100x80000000000000003907093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083aad4936116ab62022-01-11 12:18:44.836root 11241100x80000000000000003907094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.114c1c5afb9779892022-01-11 12:18:44.836root 11241100x80000000000000003907095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6908ec2c0163b6a22022-01-11 12:18:44.836root 11241100x80000000000000003907096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b511a7c1451a53b2022-01-11 12:18:44.836root 11241100x80000000000000003907097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52db33a1acf819d2022-01-11 12:18:44.836root 11241100x80000000000000003907098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c900e82294ca562022-01-11 12:18:44.836root 11241100x80000000000000003907099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56899574471afe2c2022-01-11 12:18:44.836root 11241100x80000000000000003907100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ba2ae7e001d5e1e2022-01-11 12:18:44.836root 11241100x80000000000000003907101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4faf3caae7b763022022-01-11 12:18:44.837root 11241100x80000000000000003907102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:44.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.998616d5ac889ec02022-01-11 12:18:44.837root 11241100x80000000000000003907103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af08b58d85837fff2022-01-11 12:18:45.334root 11241100x80000000000000003907104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffc3f08b7a53cfbf2022-01-11 12:18:45.334root 11241100x80000000000000003907105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.098a58ee89869cca2022-01-11 12:18:45.335root 11241100x80000000000000003907106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de75647a0583aafa2022-01-11 12:18:45.335root 11241100x80000000000000003907107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f3cd27a5dbbf9652022-01-11 12:18:45.335root 11241100x80000000000000003907108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f7afb4c7de529f2022-01-11 12:18:45.335root 11241100x80000000000000003907109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074ed7d827e086c02022-01-11 12:18:45.335root 11241100x80000000000000003907110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f4f91b296d5b7fe2022-01-11 12:18:45.335root 11241100x80000000000000003907111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62ecaacaa6a2359c2022-01-11 12:18:45.335root 11241100x80000000000000003907112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2814687e140fdb22022-01-11 12:18:45.335root 11241100x80000000000000003907113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0130b6c2afe6d27b2022-01-11 12:18:45.335root 11241100x80000000000000003907114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fcfa7ae87024a472022-01-11 12:18:45.335root 11241100x80000000000000003907115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2280d93a1b7b4f22022-01-11 12:18:45.335root 11241100x80000000000000003907116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd9c57906237f612022-01-11 12:18:45.335root 11241100x80000000000000003907117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38f3e1c5bf5943372022-01-11 12:18:45.335root 11241100x80000000000000003907118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30ad426f74dd8f7c2022-01-11 12:18:45.335root 11241100x80000000000000003907119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b267a259442eca2022-01-11 12:18:45.335root 11241100x80000000000000003907120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4c7bb19f4ff4eba2022-01-11 12:18:45.336root 11241100x80000000000000003907121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1b33f7b7472ae792022-01-11 12:18:45.336root 11241100x80000000000000003907122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52b447bab045714b2022-01-11 12:18:45.336root 11241100x80000000000000003907123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a344b02e5c3cf54e2022-01-11 12:18:45.336root 11241100x80000000000000003907124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3863c35bf96f50f2022-01-11 12:18:45.336root 11241100x80000000000000003907125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.676d2c7b915628222022-01-11 12:18:45.336root 11241100x80000000000000003907126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8bd886569938eac2022-01-11 12:18:45.336root 11241100x80000000000000003907127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0928012de6989f02022-01-11 12:18:45.336root 11241100x80000000000000003907128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c0bab09455d8062022-01-11 12:18:45.336root 11241100x80000000000000003907129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb170fba7dc105482022-01-11 12:18:45.336root 11241100x80000000000000003907130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afaf1277a02a07a82022-01-11 12:18:45.337root 11241100x80000000000000003907131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22f110f26e170c962022-01-11 12:18:45.337root 11241100x80000000000000003907132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96cafe0680f6e73f2022-01-11 12:18:45.337root 11241100x80000000000000003907133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc5384374b8536b32022-01-11 12:18:45.337root 11241100x80000000000000003907134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.980dec2f5bc9b1272022-01-11 12:18:45.834root 11241100x80000000000000003907135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866d4cf3beab00a92022-01-11 12:18:45.835root 11241100x80000000000000003907136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff0e4c6f042cbba2022-01-11 12:18:45.835root 11241100x80000000000000003907137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa88296dd69842ae2022-01-11 12:18:45.835root 11241100x80000000000000003907138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96cbffd8686e6ab32022-01-11 12:18:45.835root 11241100x80000000000000003907139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2107f043f577afe62022-01-11 12:18:45.835root 11241100x80000000000000003907140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e253ddb0503fdcef2022-01-11 12:18:45.835root 11241100x80000000000000003907141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa868555eafbe26c2022-01-11 12:18:45.835root 11241100x80000000000000003907142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.511413c05cd2cb6f2022-01-11 12:18:45.835root 11241100x80000000000000003907143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55cf18044a32d7732022-01-11 12:18:45.835root 11241100x80000000000000003907144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5eaf6f9ae17d1132022-01-11 12:18:45.835root 11241100x80000000000000003907145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06d68faa3e4ac71a2022-01-11 12:18:45.835root 11241100x80000000000000003907146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.780af0d60b136d5b2022-01-11 12:18:45.835root 11241100x80000000000000003907147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.161ece275d2d3acb2022-01-11 12:18:45.835root 11241100x80000000000000003907148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69ccef8bfd9cddf32022-01-11 12:18:45.836root 11241100x80000000000000003907149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9e08edcbec4e1632022-01-11 12:18:45.836root 11241100x80000000000000003907150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f29efe85369237de2022-01-11 12:18:45.836root 11241100x80000000000000003907151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5276cd5cbbd76b2022-01-11 12:18:45.836root 11241100x80000000000000003907152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbfe3546737d2e9a2022-01-11 12:18:45.836root 11241100x80000000000000003907153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df23aa4fec2e28d92022-01-11 12:18:45.836root 11241100x80000000000000003907154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5fb9a313728d712022-01-11 12:18:45.836root 11241100x80000000000000003907155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea2a4de68e43d952022-01-11 12:18:45.836root 11241100x80000000000000003907156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25287456aa40c1c62022-01-11 12:18:45.836root 11241100x80000000000000003907157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d690718de77a2302022-01-11 12:18:45.836root 11241100x80000000000000003907158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55da93df75b359f92022-01-11 12:18:45.836root 11241100x80000000000000003907159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e03ace0c615f21e2022-01-11 12:18:45.836root 11241100x80000000000000003907160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f884524aafd9ce32022-01-11 12:18:45.836root 11241100x80000000000000003907161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cd5385db2efefe2022-01-11 12:18:45.837root 11241100x80000000000000003907162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae7de1f971644ac2022-01-11 12:18:45.837root 11241100x80000000000000003907163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67e4457f7db9b4a22022-01-11 12:18:45.837root 11241100x80000000000000003907164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bd1afc5f62514942022-01-11 12:18:45.837root 354300x80000000000000003907165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.109{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56254-false10.0.1.12-8000- 11241100x80000000000000003907166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.110{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d557b1b3e17f652022-01-11 12:18:46.110root 11241100x80000000000000003907167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.110{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7a82e5853333c7e2022-01-11 12:18:46.110root 11241100x80000000000000003907168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab3e1deca2fbd3e2022-01-11 12:18:46.111root 11241100x80000000000000003907169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ad20e26091e70462022-01-11 12:18:46.111root 11241100x80000000000000003907170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f01c5e028e4a742022-01-11 12:18:46.111root 11241100x80000000000000003907171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3857134cbdfff7b62022-01-11 12:18:46.111root 11241100x80000000000000003907172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9d3f753325a89a42022-01-11 12:18:46.111root 11241100x80000000000000003907173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.111{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc5d2d1a736e6e212022-01-11 12:18:46.111root 11241100x80000000000000003907174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11a78cb544c2e0d72022-01-11 12:18:46.112root 11241100x80000000000000003907175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dc52e4457753aa12022-01-11 12:18:46.112root 11241100x80000000000000003907176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1725918b86c817032022-01-11 12:18:46.112root 11241100x80000000000000003907177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f81238475f07fc52022-01-11 12:18:46.112root 11241100x80000000000000003907178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79bb31dc6c3a60c02022-01-11 12:18:46.112root 11241100x80000000000000003907179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6bbd623b46020ee2022-01-11 12:18:46.112root 11241100x80000000000000003907180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ca019b2a80b53ad2022-01-11 12:18:46.112root 11241100x80000000000000003907181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.827116864abc0c4c2022-01-11 12:18:46.112root 11241100x80000000000000003907182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6f80aaed0d193e32022-01-11 12:18:46.112root 11241100x80000000000000003907183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.112{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd0cf93ef2deca9f2022-01-11 12:18:46.112root 11241100x80000000000000003907184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058fcdfb9b3e6a932022-01-11 12:18:46.113root 11241100x80000000000000003907185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06c6b184a374968f2022-01-11 12:18:46.113root 11241100x80000000000000003907186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e1dd04aa2786fd2022-01-11 12:18:46.113root 11241100x80000000000000003907187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08fad1710da97a502022-01-11 12:18:46.113root 11241100x80000000000000003907188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52fd128c808703402022-01-11 12:18:46.113root 11241100x80000000000000003907189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c3e5cabfe52e4782022-01-11 12:18:46.113root 11241100x80000000000000003907190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9b021028ec7426d2022-01-11 12:18:46.113root 11241100x80000000000000003907191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537cb62e2f488e042022-01-11 12:18:46.113root 11241100x80000000000000003907192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.113{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39442bfce89350172022-01-11 12:18:46.113root 11241100x80000000000000003907193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3872e8dde1155f4a2022-01-11 12:18:46.114root 11241100x80000000000000003907194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2abb078282817ae02022-01-11 12:18:46.114root 11241100x80000000000000003907195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d184884fda9f84d42022-01-11 12:18:46.114root 11241100x80000000000000003907196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cc146e80d460e0d2022-01-11 12:18:46.114root 11241100x80000000000000003907197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edc33c7c55c9f48e2022-01-11 12:18:46.114root 11241100x80000000000000003907198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.114{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1809a312a52c5c4b2022-01-11 12:18:46.114root 11241100x80000000000000003907199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01602d55051065f22022-01-11 12:18:46.583root 11241100x80000000000000003907200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.685b34924ab21a012022-01-11 12:18:46.583root 11241100x80000000000000003907201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f90cbf98b2fcb20f2022-01-11 12:18:46.583root 11241100x80000000000000003907202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf09a1fb57da2a12022-01-11 12:18:46.583root 11241100x80000000000000003907203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae4ea88782eb745d2022-01-11 12:18:46.584root 11241100x80000000000000003907204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2c7569f38cbb6452022-01-11 12:18:46.584root 11241100x80000000000000003907205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e84a5d5c2a1ae72022-01-11 12:18:46.584root 11241100x80000000000000003907206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fa79d5db96444312022-01-11 12:18:46.584root 11241100x80000000000000003907207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ffeba8ed74397a62022-01-11 12:18:46.584root 11241100x80000000000000003907208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10d821cf81bca592022-01-11 12:18:46.584root 11241100x80000000000000003907209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ebb0146dddda4522022-01-11 12:18:46.584root 11241100x80000000000000003907210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2126af6a0c38fea62022-01-11 12:18:46.585root 11241100x80000000000000003907211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eeed4a9e360c8672022-01-11 12:18:46.585root 11241100x80000000000000003907212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4a1b41f002161092022-01-11 12:18:46.585root 11241100x80000000000000003907213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65e5848ab9a49a8c2022-01-11 12:18:46.585root 11241100x80000000000000003907214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c597570a4ccaf76e2022-01-11 12:18:46.585root 11241100x80000000000000003907215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744df4fa2dc869562022-01-11 12:18:46.585root 11241100x80000000000000003907216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c67bd965f30f68a12022-01-11 12:18:46.585root 11241100x80000000000000003907217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52b0d3793a38e1132022-01-11 12:18:46.586root 11241100x80000000000000003907218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e0c6536351b8c1c2022-01-11 12:18:46.586root 11241100x80000000000000003907219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efa712f2bc86cd102022-01-11 12:18:46.586root 11241100x80000000000000003907220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70cfad6a69b74c712022-01-11 12:18:46.586root 11241100x80000000000000003907221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f78d8b23fef6b12022-01-11 12:18:46.586root 11241100x80000000000000003907222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69aa4c958d4423cc2022-01-11 12:18:46.586root 11241100x80000000000000003907223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aac8867486ac61752022-01-11 12:18:46.587root 11241100x80000000000000003907224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.399f9c3dd500a7212022-01-11 12:18:46.587root 11241100x80000000000000003907225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a8861ef879d85cf2022-01-11 12:18:46.587root 11241100x80000000000000003907226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25bfe060255c40d42022-01-11 12:18:46.587root 11241100x80000000000000003907227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba46c155f98147232022-01-11 12:18:46.587root 11241100x80000000000000003907228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.609776b0e94941292022-01-11 12:18:46.587root 11241100x80000000000000003907229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b24232bb2ed57cd2022-01-11 12:18:46.588root 11241100x80000000000000003907230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d45a5b2d1aa7f862022-01-11 12:18:46.588root 11241100x80000000000000003907231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d742911a572bd2942022-01-11 12:18:47.083root 11241100x80000000000000003907232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64eed3e7a5db361b2022-01-11 12:18:47.083root 11241100x80000000000000003907233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bfe243f50c697d62022-01-11 12:18:47.084root 11241100x80000000000000003907234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.011941776ad360162022-01-11 12:18:47.084root 11241100x80000000000000003907235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45e756fdeb6091c02022-01-11 12:18:47.084root 11241100x80000000000000003907236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2f7c1dca4fd280c2022-01-11 12:18:47.084root 11241100x80000000000000003907237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd2e21632cab4f3b2022-01-11 12:18:47.085root 11241100x80000000000000003907238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5149cb65705d96982022-01-11 12:18:47.085root 11241100x80000000000000003907239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba5c7ffa067207b22022-01-11 12:18:47.085root 11241100x80000000000000003907240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86222356bf08f7042022-01-11 12:18:47.085root 11241100x80000000000000003907241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71527efd39a7ff642022-01-11 12:18:47.085root 11241100x80000000000000003907242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e186116db622f622022-01-11 12:18:47.085root 11241100x80000000000000003907243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb7071c73cb673722022-01-11 12:18:47.085root 11241100x80000000000000003907244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95d152d98f9e6e2b2022-01-11 12:18:47.086root 11241100x80000000000000003907245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b324c77bccf195a62022-01-11 12:18:47.086root 11241100x80000000000000003907246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d056415c58616f2022-01-11 12:18:47.086root 11241100x80000000000000003907247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc736d9f67690052022-01-11 12:18:47.086root 11241100x80000000000000003907248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daa2badb1935bceb2022-01-11 12:18:47.086root 11241100x80000000000000003907249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae794ded3b18d4ef2022-01-11 12:18:47.086root 11241100x80000000000000003907250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0828bac0d91397c72022-01-11 12:18:47.086root 11241100x80000000000000003907251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ae5b9375c7d02722022-01-11 12:18:47.087root 11241100x80000000000000003907252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c47192bf6042ed542022-01-11 12:18:47.087root 11241100x80000000000000003907253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d82a163ab6b30232022-01-11 12:18:47.087root 11241100x80000000000000003907254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21d11e8469cf8f052022-01-11 12:18:47.087root 11241100x80000000000000003907255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.895f8673da2720202022-01-11 12:18:47.087root 11241100x80000000000000003907256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b1f827df36ca7bd2022-01-11 12:18:47.087root 11241100x80000000000000003907257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96ad6c2ae0dfe8aa2022-01-11 12:18:47.087root 11241100x80000000000000003907258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df2c24ece89afea72022-01-11 12:18:47.090root 11241100x80000000000000003907259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb293b415999be12022-01-11 12:18:47.090root 11241100x80000000000000003907260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3012fad6bb2ff1dd2022-01-11 12:18:47.090root 11241100x80000000000000003907261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b81fa04148f2aa972022-01-11 12:18:47.090root 11241100x80000000000000003907262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efa4859524ddd4b32022-01-11 12:18:47.090root 11241100x80000000000000003907263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4a080339df298d2022-01-11 12:18:47.090root 11241100x80000000000000003907264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925aef0bf71ca74d2022-01-11 12:18:47.090root 11241100x80000000000000003907265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb7f2196cb042e9d2022-01-11 12:18:47.091root 11241100x80000000000000003907266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80a7cd61c0abdd482022-01-11 12:18:47.091root 11241100x80000000000000003907267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d2e70e9826c0972022-01-11 12:18:47.583root 11241100x80000000000000003907268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab109f1f15d34f1d2022-01-11 12:18:47.584root 11241100x80000000000000003907269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866bfc5c11f804eb2022-01-11 12:18:47.584root 11241100x80000000000000003907270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab52c494c0293592022-01-11 12:18:47.584root 11241100x80000000000000003907271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.896a90e1eab1245b2022-01-11 12:18:47.584root 11241100x80000000000000003907272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f215ee374341b8e52022-01-11 12:18:47.584root 11241100x80000000000000003907273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e6ac7ef5c404ec2022-01-11 12:18:47.585root 11241100x80000000000000003907274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140974a1d6378de32022-01-11 12:18:47.585root 11241100x80000000000000003907275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7eb42f95ea0d1892022-01-11 12:18:47.585root 11241100x80000000000000003907276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c1bb9d28c01daa2022-01-11 12:18:47.585root 11241100x80000000000000003907277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cf7b0b5a9b15ea12022-01-11 12:18:47.585root 11241100x80000000000000003907278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b524eda6b5d72b02022-01-11 12:18:47.585root 11241100x80000000000000003907279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ec749f6d48b2d492022-01-11 12:18:47.585root 11241100x80000000000000003907280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78c39553d83983772022-01-11 12:18:47.586root 11241100x80000000000000003907281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62752c833e092fdd2022-01-11 12:18:47.586root 11241100x80000000000000003907282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbc3291d89a5944e2022-01-11 12:18:47.586root 11241100x80000000000000003907283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2122ce5ed9a7171b2022-01-11 12:18:47.586root 11241100x80000000000000003907284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17995800c6f654a82022-01-11 12:18:47.586root 11241100x80000000000000003907285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da9f8c200706f0962022-01-11 12:18:47.586root 11241100x80000000000000003907286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bed1be9a0c8d07182022-01-11 12:18:47.586root 11241100x80000000000000003907287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69ef44116bb139292022-01-11 12:18:47.586root 11241100x80000000000000003907288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65350a451bef79cf2022-01-11 12:18:47.586root 11241100x80000000000000003907289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6527182be45eab82022-01-11 12:18:47.586root 11241100x80000000000000003907290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd851b7075d423ec2022-01-11 12:18:47.586root 11241100x80000000000000003907291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.591cb88fe0f2e09d2022-01-11 12:18:47.586root 11241100x80000000000000003907292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57207401a73b1df62022-01-11 12:18:47.586root 11241100x80000000000000003907293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e1679d6e32a9d72022-01-11 12:18:47.587root 11241100x80000000000000003907294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ca26a602652054d2022-01-11 12:18:47.587root 11241100x80000000000000003907295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc1a328fa1dd0a5b2022-01-11 12:18:47.587root 11241100x80000000000000003907296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9836f479c0172a462022-01-11 12:18:47.587root 11241100x80000000000000003907297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.618bed22941d5e8b2022-01-11 12:18:47.587root 11241100x80000000000000003907298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fdcb4a20754852f2022-01-11 12:18:47.587root 11241100x80000000000000003907299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.149edb503cfa1d0e2022-01-11 12:18:47.587root 11241100x80000000000000003907300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9775906e2ebed9fd2022-01-11 12:18:47.587root 11241100x80000000000000003907301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5aa21cdc6d2c0262022-01-11 12:18:47.587root 11241100x80000000000000003907302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1579a9e2705c78a52022-01-11 12:18:47.587root 11241100x80000000000000003907303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4f305b92e0d3d12022-01-11 12:18:48.083root 11241100x80000000000000003907304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c204859d51339412022-01-11 12:18:48.083root 11241100x80000000000000003907305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3c096aece8d60662022-01-11 12:18:48.083root 11241100x80000000000000003907306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3df7ccead58d36c12022-01-11 12:18:48.083root 11241100x80000000000000003907307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8220856ac68c1dcf2022-01-11 12:18:48.084root 11241100x80000000000000003907308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06d7d604eb4da2ad2022-01-11 12:18:48.084root 11241100x80000000000000003907309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10bbd746096a06bd2022-01-11 12:18:48.084root 11241100x80000000000000003907310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb7cd591e219dc842022-01-11 12:18:48.084root 11241100x80000000000000003907311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492cdbc11b12db152022-01-11 12:18:48.084root 11241100x80000000000000003907312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db0c569ef670ae962022-01-11 12:18:48.084root 11241100x80000000000000003907313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5968432f3e8d78112022-01-11 12:18:48.084root 11241100x80000000000000003907314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a99a34007ed6e212022-01-11 12:18:48.084root 11241100x80000000000000003907315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecfe98ab5e4765212022-01-11 12:18:48.084root 11241100x80000000000000003907316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbf367c4f4afbcf62022-01-11 12:18:48.085root 11241100x80000000000000003907317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3421d39c9560adc2022-01-11 12:18:48.085root 11241100x80000000000000003907318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89e46fb2752a67982022-01-11 12:18:48.085root 11241100x80000000000000003907319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a276c30dca8238bf2022-01-11 12:18:48.085root 11241100x80000000000000003907320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba0548716a5d89842022-01-11 12:18:48.086root 11241100x80000000000000003907321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeabe72ea13dea1c2022-01-11 12:18:48.086root 11241100x80000000000000003907322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.843cb27af9b7b1f72022-01-11 12:18:48.086root 11241100x80000000000000003907323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4596b0d7794b622022-01-11 12:18:48.086root 11241100x80000000000000003907324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f54388b2435af0f22022-01-11 12:18:48.086root 11241100x80000000000000003907325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e44f108d21c25e2022-01-11 12:18:48.086root 11241100x80000000000000003907326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cec4acf1c8af32a2022-01-11 12:18:48.087root 11241100x80000000000000003907327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65121ea9e51ed2c92022-01-11 12:18:48.087root 11241100x80000000000000003907328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf74c0631ed50dc12022-01-11 12:18:48.087root 11241100x80000000000000003907329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21748f8854a976872022-01-11 12:18:48.087root 11241100x80000000000000003907330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d8c2e6ac2b33eae2022-01-11 12:18:48.087root 11241100x80000000000000003907331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46a0b34aa7922ee2022-01-11 12:18:48.087root 11241100x80000000000000003907332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdb97a2e3a64d05b2022-01-11 12:18:48.088root 11241100x80000000000000003907333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a170a107cdda62a2022-01-11 12:18:48.088root 11241100x80000000000000003907334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14bd40b58a3927e2022-01-11 12:18:48.088root 354300x80000000000000003907335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.105{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcpfalsefalse23.91.96.133-31638-false10.0.1.25-8089- 11241100x80000000000000003907336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d92e2c412c62d62022-01-11 12:18:48.583root 11241100x80000000000000003907337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51fa33eb951d03122022-01-11 12:18:48.583root 11241100x80000000000000003907338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d187c37dbb339d752022-01-11 12:18:48.584root 11241100x80000000000000003907339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.342c940eb0e3dc632022-01-11 12:18:48.584root 11241100x80000000000000003907340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7cb336416c96e132022-01-11 12:18:48.584root 11241100x80000000000000003907341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87561779a033564f2022-01-11 12:18:48.584root 11241100x80000000000000003907342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0884d00f5364ee352022-01-11 12:18:48.584root 11241100x80000000000000003907343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f24f965be2ceddea2022-01-11 12:18:48.584root 11241100x80000000000000003907344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a20a0f492c60fa932022-01-11 12:18:48.584root 11241100x80000000000000003907345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f212d00b477443ab2022-01-11 12:18:48.584root 11241100x80000000000000003907346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcda0d4f3fe6ba4a2022-01-11 12:18:48.584root 11241100x80000000000000003907347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48402cff252060a12022-01-11 12:18:48.584root 11241100x80000000000000003907348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8dc588c45f9c272022-01-11 12:18:48.585root 11241100x80000000000000003907349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88083b866329dc672022-01-11 12:18:48.585root 11241100x80000000000000003907350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3168a73f06cbf8112022-01-11 12:18:48.585root 11241100x80000000000000003907351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da836197af7bda7a2022-01-11 12:18:48.585root 11241100x80000000000000003907352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce60292f65c15fff2022-01-11 12:18:48.585root 11241100x80000000000000003907353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6062a8e59b7246372022-01-11 12:18:48.585root 11241100x80000000000000003907354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f63b94e1b6e76fc32022-01-11 12:18:48.585root 11241100x80000000000000003907355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46063f6af988b52f2022-01-11 12:18:48.585root 11241100x80000000000000003907356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e772b4a7e9460b2022-01-11 12:18:48.585root 11241100x80000000000000003907357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984989ef14c33c0b2022-01-11 12:18:48.585root 11241100x80000000000000003907358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04d92ac77d31f7062022-01-11 12:18:48.585root 11241100x80000000000000003907359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18a2574b6c2b24fa2022-01-11 12:18:48.585root 11241100x80000000000000003907360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2364113efecff802022-01-11 12:18:48.585root 11241100x80000000000000003907361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44de78dc0fdf24fd2022-01-11 12:18:48.585root 11241100x80000000000000003907362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea8a70d587829ac2022-01-11 12:18:48.585root 11241100x80000000000000003907363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f741d241beff9fd2022-01-11 12:18:48.585root 11241100x80000000000000003907364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d40296b496243edb2022-01-11 12:18:48.586root 11241100x80000000000000003907365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aefe2d0e67c259ca2022-01-11 12:18:48.586root 11241100x80000000000000003907366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6acfb50b05814ce12022-01-11 12:18:48.586root 11241100x80000000000000003907367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff5de326d72ba5012022-01-11 12:18:48.586root 11241100x80000000000000003907368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93997c21ebafb8f02022-01-11 12:18:48.586root 11241100x80000000000000003907369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ce2def4ce1ab7a2022-01-11 12:18:48.586root 11241100x80000000000000003907370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee11244d1b9bb532022-01-11 12:18:48.586root 11241100x80000000000000003907371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3071a469329807ab2022-01-11 12:18:48.586root 11241100x80000000000000003907372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a849d7185abccd362022-01-11 12:18:48.586root 11241100x80000000000000003907373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40c975a4adfb9b522022-01-11 12:18:48.586root 11241100x80000000000000003907374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4e213c0df9d4dcd2022-01-11 12:18:48.586root 11241100x80000000000000003907375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19b194a1d3b1d9492022-01-11 12:18:48.586root 11241100x80000000000000003907376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7465381a96ffe0e2022-01-11 12:18:48.586root 11241100x80000000000000003907377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff4bca0aba79d5ea2022-01-11 12:18:48.586root 11241100x80000000000000003907378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49551d5df4ba346e2022-01-11 12:18:48.586root 11241100x80000000000000003907379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32495c63f6b62f6c2022-01-11 12:18:48.586root 11241100x80000000000000003907380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:48.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ee43cdd6c735e22022-01-11 12:18:48.587root 11241100x80000000000000003907381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd2c10bf2faece6f2022-01-11 12:18:49.083root 11241100x80000000000000003907382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de60378b25ba68d2022-01-11 12:18:49.083root 11241100x80000000000000003907383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8baca49a6e07844e2022-01-11 12:18:49.083root 11241100x80000000000000003907384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1456b216f13d30f52022-01-11 12:18:49.083root 11241100x80000000000000003907385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe29cc9c7cf3bf602022-01-11 12:18:49.084root 11241100x80000000000000003907386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac3d56bd32ee9b822022-01-11 12:18:49.084root 11241100x80000000000000003907387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985e8b7391071a5e2022-01-11 12:18:49.084root 11241100x80000000000000003907388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f388674aa2f7c72022-01-11 12:18:49.084root 11241100x80000000000000003907389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bf728d0cef5fda02022-01-11 12:18:49.084root 11241100x80000000000000003907390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b4277baa27b4aa72022-01-11 12:18:49.084root 11241100x80000000000000003907391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c011f1c3ddf5bcd2022-01-11 12:18:49.084root 11241100x80000000000000003907392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c1b4e122b8526c92022-01-11 12:18:49.084root 11241100x80000000000000003907393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d30425b0bb733212022-01-11 12:18:49.084root 11241100x80000000000000003907394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1e88351dc05519e2022-01-11 12:18:49.084root 11241100x80000000000000003907395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef584aa34010eec2022-01-11 12:18:49.085root 11241100x80000000000000003907396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.344c67bb64b87b0f2022-01-11 12:18:49.085root 11241100x80000000000000003907397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bdb636b3eec7ce42022-01-11 12:18:49.085root 11241100x80000000000000003907398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab0ff82bd6e0fb332022-01-11 12:18:49.085root 11241100x80000000000000003907399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef01375a0dd9e6bc2022-01-11 12:18:49.085root 11241100x80000000000000003907400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b3d002545add4e42022-01-11 12:18:49.085root 11241100x80000000000000003907401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33d43306e9006c692022-01-11 12:18:49.085root 11241100x80000000000000003907402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cf8963b61ee195a2022-01-11 12:18:49.085root 11241100x80000000000000003907403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.134359b78f7cefc22022-01-11 12:18:49.085root 11241100x80000000000000003907404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cb7eeee42bed4042022-01-11 12:18:49.085root 11241100x80000000000000003907405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e6ecb58dda47ace2022-01-11 12:18:49.085root 11241100x80000000000000003907406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a55a1272fa31eda42022-01-11 12:18:49.086root 11241100x80000000000000003907407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a61b90ee1be77ca2022-01-11 12:18:49.086root 11241100x80000000000000003907408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.574f851aafc151a02022-01-11 12:18:49.086root 11241100x80000000000000003907409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bdaea71f851780b2022-01-11 12:18:49.086root 11241100x80000000000000003907410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442de8593708b73e2022-01-11 12:18:49.086root 11241100x80000000000000003907411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67092dd4eb66d8362022-01-11 12:18:49.086root 11241100x80000000000000003907412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76477591d42c75002022-01-11 12:18:49.086root 11241100x80000000000000003907413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e09ede83a7a69d02022-01-11 12:18:49.086root 11241100x80000000000000003907414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa8f8434830a947c2022-01-11 12:18:49.086root 11241100x80000000000000003907415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd281f954343c56e2022-01-11 12:18:49.086root 11241100x80000000000000003907416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7f7f0c42b92ed72022-01-11 12:18:49.086root 11241100x80000000000000003907417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35036bb16f3cccf32022-01-11 12:18:49.086root 11241100x80000000000000003907418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18abbfe0a32ee0b92022-01-11 12:18:49.086root 354300x80000000000000003907419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.351{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcpfalsefalse23.91.96.133-32510-false10.0.1.25-8089- 11241100x80000000000000003907420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ca2fb96605608522022-01-11 12:18:49.352root 11241100x80000000000000003907421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0853dd1f3afd04502022-01-11 12:18:49.352root 11241100x80000000000000003907422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8566777c80c0a8922022-01-11 12:18:49.352root 11241100x80000000000000003907423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6843f9d1cb5a29352022-01-11 12:18:49.352root 11241100x80000000000000003907424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f788d5fc223f9d7f2022-01-11 12:18:49.352root 11241100x80000000000000003907425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.352{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0af9878ce343c2c2022-01-11 12:18:49.352root 11241100x80000000000000003907426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68e9d26e2f18e7852022-01-11 12:18:49.353root 11241100x80000000000000003907427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2b24bc9eb516e792022-01-11 12:18:49.353root 11241100x80000000000000003907428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.171a9b69737c3e762022-01-11 12:18:49.353root 11241100x80000000000000003907429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba9488114d38d75e2022-01-11 12:18:49.353root 11241100x80000000000000003907430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c60a67bee278dc42022-01-11 12:18:49.353root 11241100x80000000000000003907431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f25a80ae68afc2af2022-01-11 12:18:49.353root 11241100x80000000000000003907432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.353{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.688dbe8b6e6c28082022-01-11 12:18:49.353root 11241100x80000000000000003907433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d4521975c79f812022-01-11 12:18:49.354root 11241100x80000000000000003907434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e8a4cd186de88be2022-01-11 12:18:49.354root 11241100x80000000000000003907435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd19400d4f0cd1762022-01-11 12:18:49.354root 11241100x80000000000000003907436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae029235375870f2022-01-11 12:18:49.354root 11241100x80000000000000003907437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470d9f383e1688b02022-01-11 12:18:49.354root 11241100x80000000000000003907438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7571d311215f641e2022-01-11 12:18:49.354root 11241100x80000000000000003907439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3806acc8577ae2492022-01-11 12:18:49.354root 11241100x80000000000000003907440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.354{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.472723bd7716e4802022-01-11 12:18:49.354root 11241100x80000000000000003907441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9f13979ef99e2c2022-01-11 12:18:49.355root 11241100x80000000000000003907442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bbd62638afa118b2022-01-11 12:18:49.355root 11241100x80000000000000003907443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95727df9c60d749a2022-01-11 12:18:49.355root 11241100x80000000000000003907444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8876f8ef8a919b2022-01-11 12:18:49.355root 11241100x80000000000000003907445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92e0baf3ed3fb2a02022-01-11 12:18:49.355root 11241100x80000000000000003907446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf19baedee758a92022-01-11 12:18:49.355root 11241100x80000000000000003907447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.237e63e521f723ed2022-01-11 12:18:49.355root 11241100x80000000000000003907448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57ef408c22dfd3be2022-01-11 12:18:49.355root 11241100x80000000000000003907449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69a25fc60068c12a2022-01-11 12:18:49.355root 11241100x80000000000000003907450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.355{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86dfdc0a331674ce2022-01-11 12:18:49.355root 11241100x80000000000000003907451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.356{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc681c9d959fb3d42022-01-11 12:18:49.356root 11241100x80000000000000003907452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.358{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913a09e19337986a2022-01-11 12:18:49.358root 11241100x80000000000000003907453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.358{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.874682fd5d8848492022-01-11 12:18:49.358root 11241100x80000000000000003907454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ff9c1f95a9d4572022-01-11 12:18:49.359root 11241100x80000000000000003907455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025da13cb3a4d0d22022-01-11 12:18:49.359root 11241100x80000000000000003907456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ee6f82b6e813ab2022-01-11 12:18:49.359root 11241100x80000000000000003907457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d0e767b1e9c2bbd2022-01-11 12:18:49.359root 11241100x80000000000000003907458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d82396b52041137f2022-01-11 12:18:49.359root 11241100x80000000000000003907459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b97233ef81e8efa2022-01-11 12:18:49.359root 11241100x80000000000000003907460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22f94c7b09a3540a2022-01-11 12:18:49.359root 11241100x80000000000000003907461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.359{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d17e81e1569e31642022-01-11 12:18:49.359root 11241100x80000000000000003907462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.360{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac8bb77ae953bcff2022-01-11 12:18:49.360root 11241100x80000000000000003907463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ffe27aff8c47a62022-01-11 12:18:49.834root 11241100x80000000000000003907464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99d113feb49928652022-01-11 12:18:49.834root 11241100x80000000000000003907465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdaa2e5237e0ca7e2022-01-11 12:18:49.835root 11241100x80000000000000003907466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.022199d33a5c41582022-01-11 12:18:49.835root 11241100x80000000000000003907467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7330d0169dff03c2022-01-11 12:18:49.835root 11241100x80000000000000003907468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae29b41004582c5f2022-01-11 12:18:49.835root 11241100x80000000000000003907469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2504c2f0ae189cb82022-01-11 12:18:49.835root 11241100x80000000000000003907470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d54df14847c622572022-01-11 12:18:49.835root 11241100x80000000000000003907471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00773273739ad3602022-01-11 12:18:49.835root 11241100x80000000000000003907472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc353e9ac49cb48f2022-01-11 12:18:49.836root 11241100x80000000000000003907473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be827cae30a90ecc2022-01-11 12:18:49.836root 11241100x80000000000000003907474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e264129a35f1552022-01-11 12:18:49.836root 11241100x80000000000000003907475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45ab5bc90822dfc2022-01-11 12:18:49.836root 11241100x80000000000000003907476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c71407c5987b882f2022-01-11 12:18:49.836root 11241100x80000000000000003907477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7799ce652836ce142022-01-11 12:18:49.836root 11241100x80000000000000003907478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b68bf278711841a72022-01-11 12:18:49.836root 11241100x80000000000000003907479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ebbc4de628a55a92022-01-11 12:18:49.836root 11241100x80000000000000003907480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.170b415e109201ca2022-01-11 12:18:49.837root 11241100x80000000000000003907481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d2b33ad3931a11b2022-01-11 12:18:49.837root 11241100x80000000000000003907482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7dfa15892676c8a2022-01-11 12:18:49.837root 11241100x80000000000000003907483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.491bde8b46995fb02022-01-11 12:18:49.837root 11241100x80000000000000003907484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6027348a59bdcbf2022-01-11 12:18:49.837root 11241100x80000000000000003907485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.882ea3b40ad2dd512022-01-11 12:18:49.837root 11241100x80000000000000003907486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69cbf8f391dd70092022-01-11 12:18:49.837root 11241100x80000000000000003907487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6327c18c3c4235d42022-01-11 12:18:49.837root 11241100x80000000000000003907488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ade0fb54cb6f2bb2022-01-11 12:18:49.837root 11241100x80000000000000003907489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73b266ad8b676812022-01-11 12:18:49.838root 11241100x80000000000000003907490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d1b1c9dde27ccb2022-01-11 12:18:49.838root 11241100x80000000000000003907491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2831e73393b14f862022-01-11 12:18:49.838root 11241100x80000000000000003907492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d685592e82942782022-01-11 12:18:49.838root 11241100x80000000000000003907493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77b4cc94f40a83022022-01-11 12:18:49.838root 11241100x80000000000000003907494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf9eae3f40c5ba22022-01-11 12:18:49.838root 11241100x80000000000000003907495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c4c09c4e4e4100b2022-01-11 12:18:49.838root 11241100x80000000000000003907496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6163f61bc900c2b12022-01-11 12:18:49.838root 11241100x80000000000000003907497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fac441f3e56ba3392022-01-11 12:18:49.838root 11241100x80000000000000003907498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4fc46c593e6942d2022-01-11 12:18:49.838root 11241100x80000000000000003907499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e641f685d2bb269a2022-01-11 12:18:49.838root 11241100x80000000000000003907500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2e0dc59086da9a2022-01-11 12:18:49.838root 11241100x80000000000000003907501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e7f101f876fa6c2022-01-11 12:18:49.839root 11241100x80000000000000003907502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.942bd8ec285e99192022-01-11 12:18:49.839root 11241100x80000000000000003907503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:49.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddc51bfc82746bf92022-01-11 12:18:49.839root 11241100x80000000000000003907504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ede35d49b0116b12022-01-11 12:18:50.333root 11241100x80000000000000003907505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723b099007b1148a2022-01-11 12:18:50.333root 11241100x80000000000000003907506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dd5b38e1bf2c91f2022-01-11 12:18:50.334root 11241100x80000000000000003907507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b7e2503af5acb692022-01-11 12:18:50.334root 11241100x80000000000000003907508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4afc9d4f1ac69bbf2022-01-11 12:18:50.334root 11241100x80000000000000003907509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.078a39d7fd240c2e2022-01-11 12:18:50.334root 11241100x80000000000000003907510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7113c1446ee91b72022-01-11 12:18:50.334root 11241100x80000000000000003907511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1437e46bd4d2bdd2022-01-11 12:18:50.334root 11241100x80000000000000003907512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b829a5c0514c0eca2022-01-11 12:18:50.334root 11241100x80000000000000003907513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fed8c1e1338da302022-01-11 12:18:50.334root 11241100x80000000000000003907514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21dedb82eb28d13b2022-01-11 12:18:50.334root 11241100x80000000000000003907515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5652fb018074e802022-01-11 12:18:50.335root 11241100x80000000000000003907516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5e06edd8dbaa1d2022-01-11 12:18:50.335root 11241100x80000000000000003907517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed072a1951b46562022-01-11 12:18:50.335root 11241100x80000000000000003907518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925e908f518808c42022-01-11 12:18:50.335root 11241100x80000000000000003907519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d00c700fa094d8942022-01-11 12:18:50.335root 11241100x80000000000000003907520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b8b49a38306910c2022-01-11 12:18:50.335root 11241100x80000000000000003907521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3498006b9783f2882022-01-11 12:18:50.335root 11241100x80000000000000003907522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e4a330f15c67a4e2022-01-11 12:18:50.335root 11241100x80000000000000003907523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a95c85983aa332d2022-01-11 12:18:50.336root 11241100x80000000000000003907524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04655deb05347f4c2022-01-11 12:18:50.336root 11241100x80000000000000003907525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e35ace1e00aa2d132022-01-11 12:18:50.336root 11241100x80000000000000003907526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f0d3eda878fe3b02022-01-11 12:18:50.336root 11241100x80000000000000003907527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208360a1df3918bb2022-01-11 12:18:50.336root 11241100x80000000000000003907528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6eaa8ee4ff434d22022-01-11 12:18:50.336root 11241100x80000000000000003907529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21be1afcaf0a9f3c2022-01-11 12:18:50.336root 11241100x80000000000000003907530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d69760117aac9d32022-01-11 12:18:50.336root 11241100x80000000000000003907531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc0b6a3077f16732022-01-11 12:18:50.336root 11241100x80000000000000003907532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0354f3c0c164a37f2022-01-11 12:18:50.336root 11241100x80000000000000003907533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bc4ee7d387b7a732022-01-11 12:18:50.336root 11241100x80000000000000003907534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7270bc1cdf0a72b42022-01-11 12:18:50.336root 11241100x80000000000000003907535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31c8ddee5f9feb2a2022-01-11 12:18:50.336root 11241100x80000000000000003907536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.884ba7a303be72242022-01-11 12:18:50.336root 11241100x80000000000000003907537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32af09c1c5767a0c2022-01-11 12:18:50.336root 11241100x80000000000000003907538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f9a1f17568a6172022-01-11 12:18:50.337root 11241100x80000000000000003907539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46864fb81478df42022-01-11 12:18:50.337root 11241100x80000000000000003907540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b1a7b28e48243e62022-01-11 12:18:50.833root 11241100x80000000000000003907541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e7a4c12e0099972022-01-11 12:18:50.834root 11241100x80000000000000003907542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b50ab6723b210872022-01-11 12:18:50.834root 11241100x80000000000000003907543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7df1bc96bc805b4d2022-01-11 12:18:50.834root 11241100x80000000000000003907544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d826e69c4a6557802022-01-11 12:18:50.834root 11241100x80000000000000003907545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.188148cd4394001e2022-01-11 12:18:50.834root 11241100x80000000000000003907546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf5e7dd96688f69a2022-01-11 12:18:50.834root 11241100x80000000000000003907547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028215e793a95d512022-01-11 12:18:50.834root 11241100x80000000000000003907548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2de9a68bc6c6cef2022-01-11 12:18:50.834root 11241100x80000000000000003907549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d03344cedc93f4c2022-01-11 12:18:50.834root 11241100x80000000000000003907550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e21898ce2d5230ee2022-01-11 12:18:50.834root 11241100x80000000000000003907551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.166cf1c1ed4bfda02022-01-11 12:18:50.834root 11241100x80000000000000003907552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f75d007393ccfec12022-01-11 12:18:50.835root 11241100x80000000000000003907553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.448feb306cb68c282022-01-11 12:18:50.835root 11241100x80000000000000003907554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.690bc09d6e07eb0b2022-01-11 12:18:50.835root 11241100x80000000000000003907555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b04746f985142c52022-01-11 12:18:50.835root 11241100x80000000000000003907556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03b7a738161d152d2022-01-11 12:18:50.835root 11241100x80000000000000003907557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cd4c377817609fa2022-01-11 12:18:50.836root 11241100x80000000000000003907558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36a0cc8fa49153ca2022-01-11 12:18:50.836root 11241100x80000000000000003907559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf57567dd58054f02022-01-11 12:18:50.836root 11241100x80000000000000003907560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b390f7b217ef58c2022-01-11 12:18:50.836root 11241100x80000000000000003907561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2d7e3a5a192fbeb2022-01-11 12:18:50.836root 11241100x80000000000000003907562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3bceaa9dc1055572022-01-11 12:18:50.836root 11241100x80000000000000003907563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a053f166b26575ff2022-01-11 12:18:50.836root 11241100x80000000000000003907564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f60147dd425b392022-01-11 12:18:50.836root 11241100x80000000000000003907565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a85f5f61b226c2152022-01-11 12:18:50.836root 11241100x80000000000000003907566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6738ee1954f76992022-01-11 12:18:50.836root 11241100x80000000000000003907567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a6e1c00933937362022-01-11 12:18:50.837root 11241100x80000000000000003907568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9091fc9ec52017ca2022-01-11 12:18:50.837root 11241100x80000000000000003907569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352f5b72574a97c22022-01-11 12:18:50.837root 11241100x80000000000000003907570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eea314cc55e539d2022-01-11 12:18:50.837root 11241100x80000000000000003907571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f446a69e6a0a3a72022-01-11 12:18:50.837root 11241100x80000000000000003907572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1ddc19bf0e027f42022-01-11 12:18:50.837root 11241100x80000000000000003907573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d528956b181d5ef92022-01-11 12:18:50.837root 11241100x80000000000000003907574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cce07a1dfad1bdc2022-01-11 12:18:50.837root 11241100x80000000000000003907575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.386eebd574f6a1362022-01-11 12:18:50.837root 11241100x80000000000000003907576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:50.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67c2e1a17376d8482022-01-11 12:18:50.837root 354300x80000000000000003907577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.148{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56256-false10.0.1.12-8000- 11241100x80000000000000003907578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.149{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9484667c52347172022-01-11 12:18:51.149root 11241100x80000000000000003907579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.149{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf9a159cda22ea912022-01-11 12:18:51.149root 11241100x80000000000000003907580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc2b4e74a6a2b2a2022-01-11 12:18:51.150root 11241100x80000000000000003907581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83a35a80badbd8ab2022-01-11 12:18:51.150root 11241100x80000000000000003907582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.051bb55d4b744c672022-01-11 12:18:51.150root 11241100x80000000000000003907583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce83dbe8c593b3002022-01-11 12:18:51.150root 11241100x80000000000000003907584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.150{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62e69ed52b7ae1c02022-01-11 12:18:51.150root 11241100x80000000000000003907585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b321915dedaef2032022-01-11 12:18:51.151root 11241100x80000000000000003907586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcbb12cf19922f462022-01-11 12:18:51.151root 11241100x80000000000000003907587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b0adcb692a8dc62022-01-11 12:18:51.151root 11241100x80000000000000003907588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.151{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf8b485432474c752022-01-11 12:18:51.151root 11241100x80000000000000003907589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8222bbc49d75a22e2022-01-11 12:18:51.152root 11241100x80000000000000003907590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c231e9d96af7f12022-01-11 12:18:51.152root 11241100x80000000000000003907591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb33d169ca017692022-01-11 12:18:51.152root 11241100x80000000000000003907592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.152{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fa1751236c9d0b12022-01-11 12:18:51.152root 11241100x80000000000000003907593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.153{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e64f4b5f14a80b2022-01-11 12:18:51.153root 11241100x80000000000000003907594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.153{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.874e6a71471e25652022-01-11 12:18:51.153root 11241100x80000000000000003907595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.153{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f9a9c21d7f581a82022-01-11 12:18:51.153root 11241100x80000000000000003907596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b92e103fc3c2c4fb2022-01-11 12:18:51.154root 11241100x80000000000000003907597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34795c6f0ba84b832022-01-11 12:18:51.154root 11241100x80000000000000003907598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51cf7a43a3743caf2022-01-11 12:18:51.154root 11241100x80000000000000003907599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9a3ddc68915ef9b2022-01-11 12:18:51.154root 11241100x80000000000000003907600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af098cee68b6e3302022-01-11 12:18:51.154root 11241100x80000000000000003907601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.154{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ba6731df53e8aa62022-01-11 12:18:51.154root 11241100x80000000000000003907602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae934840128490d72022-01-11 12:18:51.155root 11241100x80000000000000003907603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f405f89cfed951dc2022-01-11 12:18:51.155root 11241100x80000000000000003907604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc8ba743fff62132022-01-11 12:18:51.155root 11241100x80000000000000003907605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.480928dfeb9b7ffb2022-01-11 12:18:51.155root 11241100x80000000000000003907606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90d092ead68d73d52022-01-11 12:18:51.155root 11241100x80000000000000003907607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c578287869198b212022-01-11 12:18:51.155root 11241100x80000000000000003907608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd258d44f760fcc52022-01-11 12:18:51.155root 11241100x80000000000000003907609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.155{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ccd9991511f771c2022-01-11 12:18:51.155root 11241100x80000000000000003907610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ae64428ed94db82022-01-11 12:18:51.156root 11241100x80000000000000003907611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77ea83b74db1258d2022-01-11 12:18:51.156root 11241100x80000000000000003907612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c260189a7ed6a72022-01-11 12:18:51.156root 11241100x80000000000000003907613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17f4205869ebdefc2022-01-11 12:18:51.156root 11241100x80000000000000003907614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eec192416bf5e1602022-01-11 12:18:51.156root 11241100x80000000000000003907615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.585006452e0d08a02022-01-11 12:18:51.156root 11241100x80000000000000003907616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e12a3fdee4d410af2022-01-11 12:18:51.157root 11241100x80000000000000003907617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7bd61275bb33b872022-01-11 12:18:51.157root 11241100x80000000000000003907618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db1e79d2e731d57c2022-01-11 12:18:51.157root 11241100x80000000000000003907619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8520050984c5a3ab2022-01-11 12:18:51.157root 11241100x80000000000000003907620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25f7f983ebd25a652022-01-11 12:18:51.157root 11241100x80000000000000003907621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.157{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b1b00a84fb3f8f22022-01-11 12:18:51.157root 11241100x80000000000000003907622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40c7858f4e8ad9e52022-01-11 12:18:51.583root 11241100x80000000000000003907623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cbd38f7166671d2022-01-11 12:18:51.583root 11241100x80000000000000003907624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.809c4405311668362022-01-11 12:18:51.583root 11241100x80000000000000003907625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8724a9de84da64a2022-01-11 12:18:51.583root 11241100x80000000000000003907626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.914f761b675985602022-01-11 12:18:51.583root 11241100x80000000000000003907627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55088d7bb1518b3d2022-01-11 12:18:51.584root 11241100x80000000000000003907628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48fcc037f571666e2022-01-11 12:18:51.584root 11241100x80000000000000003907629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33149c9310b37a7b2022-01-11 12:18:51.584root 11241100x80000000000000003907630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de7be8882b95b5112022-01-11 12:18:51.584root 11241100x80000000000000003907631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d09b4c27320303d2022-01-11 12:18:51.584root 11241100x80000000000000003907632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0601fbc4680a77f2022-01-11 12:18:51.584root 11241100x80000000000000003907633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a0ab03ed3a5fbaf2022-01-11 12:18:51.584root 11241100x80000000000000003907634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75ca25c0be3810312022-01-11 12:18:51.584root 11241100x80000000000000003907635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1583d03e4cd2d4752022-01-11 12:18:51.585root 11241100x80000000000000003907636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5815dcd0a7f86d22022-01-11 12:18:51.585root 11241100x80000000000000003907637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73ca1ea78e38029e2022-01-11 12:18:51.585root 11241100x80000000000000003907638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c6d0728b32ac8be2022-01-11 12:18:51.585root 11241100x80000000000000003907639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74bf83c21098cff12022-01-11 12:18:51.585root 11241100x80000000000000003907640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7021fe1372fda292022-01-11 12:18:51.585root 11241100x80000000000000003907641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3edbeae3fc7af83e2022-01-11 12:18:51.586root 11241100x80000000000000003907642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19780d073bbd59f32022-01-11 12:18:51.586root 11241100x80000000000000003907643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.976bd3cf376528ab2022-01-11 12:18:51.586root 11241100x80000000000000003907644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2432cb8715cc764f2022-01-11 12:18:51.586root 11241100x80000000000000003907645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a631e563cdcfc422022-01-11 12:18:51.586root 11241100x80000000000000003907646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a1e4c51be8dd882022-01-11 12:18:51.586root 11241100x80000000000000003907647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd00d3624b3d205c2022-01-11 12:18:51.586root 11241100x80000000000000003907648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.706d046aa9b23b4f2022-01-11 12:18:51.587root 11241100x80000000000000003907649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.300c3066748ba00d2022-01-11 12:18:51.587root 11241100x80000000000000003907650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8595e82da2cc4fd82022-01-11 12:18:51.587root 11241100x80000000000000003907651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.934b4fcfeb56036d2022-01-11 12:18:51.587root 11241100x80000000000000003907652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7cae15cee86f5de2022-01-11 12:18:51.587root 11241100x80000000000000003907653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ce6ec4fd64f6582022-01-11 12:18:51.587root 11241100x80000000000000003907654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a0907159b9871da2022-01-11 12:18:51.588root 11241100x80000000000000003907655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f003d14366216ed82022-01-11 12:18:51.588root 11241100x80000000000000003907656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bfa247a709c5abf2022-01-11 12:18:51.588root 11241100x80000000000000003907657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5878b724b67e9b52022-01-11 12:18:52.083root 11241100x80000000000000003907658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d1cc9ba213a52bd2022-01-11 12:18:52.083root 11241100x80000000000000003907659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea9c7d57d3ac78f2022-01-11 12:18:52.083root 11241100x80000000000000003907660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ac3237d663c49d2022-01-11 12:18:52.084root 11241100x80000000000000003907661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff5a54e8d1646d162022-01-11 12:18:52.084root 11241100x80000000000000003907662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.063c84d2663cc2ac2022-01-11 12:18:52.084root 11241100x80000000000000003907663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea6c6baf002b95762022-01-11 12:18:52.084root 11241100x80000000000000003907664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93665e23fc92db322022-01-11 12:18:52.084root 11241100x80000000000000003907665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f501ad91522cbf42022-01-11 12:18:52.084root 11241100x80000000000000003907666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57101f83fe14f0752022-01-11 12:18:52.084root 11241100x80000000000000003907667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42dfde9dd77c64e52022-01-11 12:18:52.085root 11241100x80000000000000003907668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.105e9cbd401622202022-01-11 12:18:52.085root 11241100x80000000000000003907669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a59c3bb2ac050432022-01-11 12:18:52.085root 11241100x80000000000000003907670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6f0dfa8cc3072cb2022-01-11 12:18:52.085root 11241100x80000000000000003907671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84310bbe3f94cb3d2022-01-11 12:18:52.085root 11241100x80000000000000003907672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.081304433e3989002022-01-11 12:18:52.085root 11241100x80000000000000003907673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12e4cc7b76e6cbfe2022-01-11 12:18:52.085root 11241100x80000000000000003907674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8b559053e9cc0802022-01-11 12:18:52.085root 11241100x80000000000000003907675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6de6b36480b5e9f92022-01-11 12:18:52.085root 11241100x80000000000000003907676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a826890e9d4c6b812022-01-11 12:18:52.086root 11241100x80000000000000003907677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d50b6b6b26ca4ccb2022-01-11 12:18:52.086root 11241100x80000000000000003907678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ede2506d13cfc8f22022-01-11 12:18:52.086root 11241100x80000000000000003907679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.439895e76ab844cc2022-01-11 12:18:52.086root 11241100x80000000000000003907680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de93111db5b38252022-01-11 12:18:52.086root 11241100x80000000000000003907681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f43236a2a2e7dcd2022-01-11 12:18:52.086root 11241100x80000000000000003907682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.903c762a0645b3c62022-01-11 12:18:52.086root 11241100x80000000000000003907683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c20a93046e7d118a2022-01-11 12:18:52.087root 11241100x80000000000000003907684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb3082a5cc84d1462022-01-11 12:18:52.087root 11241100x80000000000000003907685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9278af67fc530132022-01-11 12:18:52.087root 11241100x80000000000000003907686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.731dfe7638b39ce32022-01-11 12:18:52.087root 11241100x80000000000000003907687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0058394d8c413ce2022-01-11 12:18:52.087root 11241100x80000000000000003907688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13cbc0deaa1b87f82022-01-11 12:18:52.088root 11241100x80000000000000003907689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e56e9bd6ab8dbd92022-01-11 12:18:52.088root 11241100x80000000000000003907690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44f8dcab85e36e872022-01-11 12:18:52.088root 11241100x80000000000000003907691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6626392750f1c9f2022-01-11 12:18:52.088root 11241100x80000000000000003907692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b76bc4f62aaa9452022-01-11 12:18:52.088root 11241100x80000000000000003907693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.569b7838d6c1d5c02022-01-11 12:18:52.088root 11241100x80000000000000003907694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df8e0f9f489079bd2022-01-11 12:18:52.583root 11241100x80000000000000003907695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81c11a244771ed2f2022-01-11 12:18:52.583root 11241100x80000000000000003907696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.617f80439071638f2022-01-11 12:18:52.583root 11241100x80000000000000003907697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9312ab3ec9aa1302022-01-11 12:18:52.583root 11241100x80000000000000003907698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8110b97d94942da52022-01-11 12:18:52.584root 11241100x80000000000000003907699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.641d52ea7767d3cb2022-01-11 12:18:52.584root 11241100x80000000000000003907700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe97a612cdcb09b32022-01-11 12:18:52.584root 11241100x80000000000000003907701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b79389d32ab1342022-01-11 12:18:52.584root 11241100x80000000000000003907702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19951b78ca1a6fe12022-01-11 12:18:52.584root 11241100x80000000000000003907703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1d50ff5452792562022-01-11 12:18:52.584root 11241100x80000000000000003907704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e80de2ed1aac6ab52022-01-11 12:18:52.585root 11241100x80000000000000003907705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ac2347d70f894ee2022-01-11 12:18:52.585root 11241100x80000000000000003907706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3f5fec5d9058f0b2022-01-11 12:18:52.585root 11241100x80000000000000003907707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9583a6ee05781cb2022-01-11 12:18:52.585root 11241100x80000000000000003907708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.535ca5cfd5f259902022-01-11 12:18:52.585root 11241100x80000000000000003907709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9a66105c4f6756d2022-01-11 12:18:52.585root 11241100x80000000000000003907710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41c7535258f68feb2022-01-11 12:18:52.585root 11241100x80000000000000003907711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6231bae143bfd81b2022-01-11 12:18:52.586root 11241100x80000000000000003907712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2154b5bc4ab77ef2022-01-11 12:18:52.586root 11241100x80000000000000003907713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcbda33c5a1048312022-01-11 12:18:52.586root 11241100x80000000000000003907714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d05e5ae190dc2e2022-01-11 12:18:52.586root 11241100x80000000000000003907715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0e60060dd52e1ac2022-01-11 12:18:52.586root 11241100x80000000000000003907716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1265a6ecce9d56fa2022-01-11 12:18:52.586root 11241100x80000000000000003907717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5685d9777b9f6b332022-01-11 12:18:52.587root 11241100x80000000000000003907718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4edd40f8b4cc75522022-01-11 12:18:52.587root 11241100x80000000000000003907719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b75ff99ec11bc2b2022-01-11 12:18:52.587root 11241100x80000000000000003907720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb80073f3c7054b2022-01-11 12:18:52.587root 11241100x80000000000000003907721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88aabc2c35bc89842022-01-11 12:18:52.587root 11241100x80000000000000003907722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff93319ad05dec3e2022-01-11 12:18:52.587root 11241100x80000000000000003907723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d164ef9c21cb7a2022-01-11 12:18:52.587root 11241100x80000000000000003907724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed4aae7c3b82f4fd2022-01-11 12:18:52.588root 11241100x80000000000000003907725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.826db029fd3ede7f2022-01-11 12:18:52.588root 11241100x80000000000000003907726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39b69db9e15e5fce2022-01-11 12:18:52.588root 11241100x80000000000000003907727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.762f1859657d970c2022-01-11 12:18:52.588root 11241100x80000000000000003907728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c79f7a837d11e42022-01-11 12:18:52.588root 11241100x80000000000000003907729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4d1e23b6835e5cf2022-01-11 12:18:52.588root 11241100x80000000000000003907730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26fd145fb9fffca32022-01-11 12:18:52.589root 11241100x80000000000000003907731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cc92054a61ead292022-01-11 12:18:52.589root 11241100x80000000000000003907732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc32ff3ccae96a92022-01-11 12:18:52.589root 11241100x80000000000000003907733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2eebf5773ec8ea72022-01-11 12:18:52.589root 11241100x80000000000000003907734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cceb6bf57b2d6b22022-01-11 12:18:52.589root 11241100x80000000000000003907735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bb1696b9176f96c2022-01-11 12:18:52.589root 11241100x80000000000000003907736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69778c917ede6af02022-01-11 12:18:52.589root 11241100x80000000000000003907737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:52.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a775c4b5074b44bb2022-01-11 12:18:52.590root 11241100x80000000000000003907738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e353fce06483d712022-01-11 12:18:53.083root 11241100x80000000000000003907739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a092baf1c89143e2022-01-11 12:18:53.083root 11241100x80000000000000003907740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad835661358024092022-01-11 12:18:53.083root 11241100x80000000000000003907741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7008e829107bc1732022-01-11 12:18:53.083root 11241100x80000000000000003907742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09ed2a2cf10b54052022-01-11 12:18:53.084root 11241100x80000000000000003907743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16ffb70987b7e8ea2022-01-11 12:18:53.084root 11241100x80000000000000003907744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f67b7335e7672d2022-01-11 12:18:53.084root 11241100x80000000000000003907745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8941e6b14b976fa2022-01-11 12:18:53.084root 11241100x80000000000000003907746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f91155a85995bb22022-01-11 12:18:53.084root 11241100x80000000000000003907747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7c656b0131ebcd2022-01-11 12:18:53.084root 11241100x80000000000000003907748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c981fcdf8d981c422022-01-11 12:18:53.084root 11241100x80000000000000003907749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488907eafffea9942022-01-11 12:18:53.084root 11241100x80000000000000003907750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4e1c846072c14b62022-01-11 12:18:53.084root 11241100x80000000000000003907751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f75ff83f9db4532022-01-11 12:18:53.084root 11241100x80000000000000003907752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f28761989223e3592022-01-11 12:18:53.085root 11241100x80000000000000003907753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f76a83cb43fc5d532022-01-11 12:18:53.085root 11241100x80000000000000003907754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9da4302037195b32022-01-11 12:18:53.085root 11241100x80000000000000003907755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9357e117275381232022-01-11 12:18:53.085root 11241100x80000000000000003907756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b46cde22632b392022-01-11 12:18:53.085root 11241100x80000000000000003907757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecaa12bb8b059b732022-01-11 12:18:53.085root 11241100x80000000000000003907758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6248fc08ca27d522022-01-11 12:18:53.085root 11241100x80000000000000003907759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd04803ca5dcc142022-01-11 12:18:53.085root 11241100x80000000000000003907760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.376e26e66006552f2022-01-11 12:18:53.086root 11241100x80000000000000003907761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9630655323d352b2022-01-11 12:18:53.086root 11241100x80000000000000003907762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2804258ecef1c2402022-01-11 12:18:53.086root 11241100x80000000000000003907763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6e0c089ed9261bd2022-01-11 12:18:53.086root 11241100x80000000000000003907764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.884d263823dc7a682022-01-11 12:18:53.086root 11241100x80000000000000003907765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cca1913b95a5882022-01-11 12:18:53.086root 11241100x80000000000000003907766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20a275c09c20f8372022-01-11 12:18:53.086root 11241100x80000000000000003907767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3e9dbf1c0af86592022-01-11 12:18:53.086root 11241100x80000000000000003907768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5646b586ad39162c2022-01-11 12:18:53.086root 11241100x80000000000000003907769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c88920756c46e262022-01-11 12:18:53.086root 11241100x80000000000000003907770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f500a3f4c18e9eca2022-01-11 12:18:53.086root 11241100x80000000000000003907771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7bff61fb28fa752022-01-11 12:18:53.087root 11241100x80000000000000003907772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c202c9c55637b05b2022-01-11 12:18:53.087root 11241100x80000000000000003907773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4056abd5d294bc82022-01-11 12:18:53.087root 11241100x80000000000000003907774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9db03cdc1cfea142022-01-11 12:18:53.087root 11241100x80000000000000003907775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbbe2123a021fc6d2022-01-11 12:18:53.087root 11241100x80000000000000003907776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f99beb5e2631d0e72022-01-11 12:18:53.089root 11241100x80000000000000003907777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f51f5d8ddf57ba22022-01-11 12:18:53.090root 11241100x80000000000000003907778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a46ab750bb53f8082022-01-11 12:18:53.090root 11241100x80000000000000003907779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b94703e261e97602022-01-11 12:18:53.090root 11241100x80000000000000003907780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a968799347a1a7872022-01-11 12:18:53.090root 11241100x80000000000000003907781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc9f713d34171c42022-01-11 12:18:53.090root 11241100x80000000000000003907782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be3ddc81acf436602022-01-11 12:18:53.090root 11241100x80000000000000003907783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bfa99bb6e7fd6b22022-01-11 12:18:53.090root 11241100x80000000000000003907784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ff1cf84e7c4dfa22022-01-11 12:18:53.090root 11241100x80000000000000003907785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02623a4c8f4b58cb2022-01-11 12:18:53.091root 11241100x80000000000000003907786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb64176e8b2d7c7c2022-01-11 12:18:53.091root 11241100x80000000000000003907787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5fe07bdc554a772022-01-11 12:18:53.091root 11241100x80000000000000003907788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e733610974fb8dd52022-01-11 12:18:53.091root 11241100x80000000000000003907789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06cc71d4f826da9d2022-01-11 12:18:53.091root 11241100x80000000000000003907790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f36e648471e5232022-01-11 12:18:53.091root 11241100x80000000000000003907791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7f8adc4e6fd14b2022-01-11 12:18:53.091root 11241100x80000000000000003907792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccb4497a416c3a262022-01-11 12:18:53.091root 11241100x80000000000000003907793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b9a8ca3a0a39f42022-01-11 12:18:53.091root 11241100x80000000000000003907794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74837e8dded1d15d2022-01-11 12:18:53.091root 11241100x80000000000000003907795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f3a671cf4a161292022-01-11 12:18:53.092root 11241100x80000000000000003907796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd23d8cb0f1064df2022-01-11 12:18:53.092root 11241100x80000000000000003907797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d5aecb45de7433e2022-01-11 12:18:53.092root 11241100x80000000000000003907798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d81a79da086dd5a2022-01-11 12:18:53.092root 11241100x80000000000000003907799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00144fea0476141f2022-01-11 12:18:53.092root 11241100x80000000000000003907800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c5cb44035c98b502022-01-11 12:18:53.092root 11241100x80000000000000003907801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3732dbaf6f6c0522022-01-11 12:18:53.583root 11241100x80000000000000003907802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a09c50975e57de2022-01-11 12:18:53.583root 11241100x80000000000000003907803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c29b921926a861c2022-01-11 12:18:53.584root 11241100x80000000000000003907804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f36ba77250934a32022-01-11 12:18:53.584root 11241100x80000000000000003907805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ecfcbeee903996e2022-01-11 12:18:53.584root 11241100x80000000000000003907806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c1aa45c5d936bd82022-01-11 12:18:53.585root 11241100x80000000000000003907807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0b0b5e00e1890932022-01-11 12:18:53.585root 11241100x80000000000000003907808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c9cc3fd4b2e8d202022-01-11 12:18:53.585root 11241100x80000000000000003907809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a403423aafaa6ce42022-01-11 12:18:53.585root 11241100x80000000000000003907810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba55a354ba11bad32022-01-11 12:18:53.585root 11241100x80000000000000003907811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93be67cc4e25053f2022-01-11 12:18:53.585root 11241100x80000000000000003907812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83239d2b107779472022-01-11 12:18:53.585root 11241100x80000000000000003907813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.436ceb8dbd0ff2442022-01-11 12:18:53.585root 11241100x80000000000000003907814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ff5927ccec430542022-01-11 12:18:53.586root 11241100x80000000000000003907815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68fe6eeebfe3f6b12022-01-11 12:18:53.586root 11241100x80000000000000003907816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5733a89896203672022-01-11 12:18:53.586root 11241100x80000000000000003907817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55df3cd582e4087a2022-01-11 12:18:53.586root 11241100x80000000000000003907818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a971a6568a57acd32022-01-11 12:18:53.586root 11241100x80000000000000003907819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4160a45e2827aba2022-01-11 12:18:53.586root 11241100x80000000000000003907820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.858860f2a82962012022-01-11 12:18:53.586root 11241100x80000000000000003907821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.820fe3455da111ad2022-01-11 12:18:53.586root 11241100x80000000000000003907822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9410c499340d6b2022-01-11 12:18:53.587root 11241100x80000000000000003907823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c019b4b23a91c352022-01-11 12:18:53.587root 11241100x80000000000000003907824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4455c61b3313ed32022-01-11 12:18:53.587root 11241100x80000000000000003907825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049884b252b369302022-01-11 12:18:53.587root 11241100x80000000000000003907826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caadb17f1a575ca32022-01-11 12:18:53.587root 11241100x80000000000000003907827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4824576b1b2ec4632022-01-11 12:18:53.588root 11241100x80000000000000003907828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ace28a162c451e2022-01-11 12:18:53.588root 11241100x80000000000000003907829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8a1c2ed2b99bc5e2022-01-11 12:18:53.588root 11241100x80000000000000003907830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b352ec7e6ee83852022-01-11 12:18:53.588root 11241100x80000000000000003907831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16bcd658fa38f7dd2022-01-11 12:18:53.589root 11241100x80000000000000003907832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20fdb34c3d6596282022-01-11 12:18:53.589root 11241100x80000000000000003907833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef68fcfacbe18d662022-01-11 12:18:53.589root 11241100x80000000000000003907834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9896f12ca6c3eb52022-01-11 12:18:53.589root 11241100x80000000000000003907835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8045db03dfa2c4a92022-01-11 12:18:53.589root 11241100x80000000000000003907836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c0dc3b33ff2c7942022-01-11 12:18:53.589root 11241100x80000000000000003907837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36aace0cded5c3502022-01-11 12:18:53.590root 11241100x80000000000000003907838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48d771494ae066b32022-01-11 12:18:53.590root 11241100x80000000000000003907839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:53.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281101c2fdec775d2022-01-11 12:18:53.590root 11241100x80000000000000003907840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e1f35eb9a0594212022-01-11 12:18:54.084root 11241100x80000000000000003907841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de254b97bc335b472022-01-11 12:18:54.084root 11241100x80000000000000003907842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acbeaeac76436e142022-01-11 12:18:54.084root 11241100x80000000000000003907843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d97515b806db68482022-01-11 12:18:54.084root 11241100x80000000000000003907844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcde0360db67c0312022-01-11 12:18:54.084root 11241100x80000000000000003907845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.643e99d443394ac12022-01-11 12:18:54.084root 11241100x80000000000000003907846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ef22ade11d328d42022-01-11 12:18:54.084root 11241100x80000000000000003907847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55663b4f1dc098e22022-01-11 12:18:54.085root 11241100x80000000000000003907848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a64f9120eb2345eb2022-01-11 12:18:54.085root 11241100x80000000000000003907849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f828f155e294b91f2022-01-11 12:18:54.085root 11241100x80000000000000003907850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802ba6eda3e60f592022-01-11 12:18:54.085root 11241100x80000000000000003907851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4189ae9fdb15d202022-01-11 12:18:54.085root 11241100x80000000000000003907852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a96a0c3962f424a2022-01-11 12:18:54.085root 11241100x80000000000000003907853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e504012b1d8cdd5f2022-01-11 12:18:54.085root 11241100x80000000000000003907854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f144c883aedbc5662022-01-11 12:18:54.085root 11241100x80000000000000003907855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8db847c252d52cc2022-01-11 12:18:54.085root 11241100x80000000000000003907856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a5d0f32cc3e6602022-01-11 12:18:54.086root 11241100x80000000000000003907857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fc5cad1ebcd99b2022-01-11 12:18:54.086root 11241100x80000000000000003907858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dbf0d7c7b96e5c42022-01-11 12:18:54.086root 11241100x80000000000000003907859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b87550fa1adcd8a2022-01-11 12:18:54.086root 11241100x80000000000000003907860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7572ba512dc8fcfa2022-01-11 12:18:54.086root 11241100x80000000000000003907861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac67fd92945e7192022-01-11 12:18:54.087root 11241100x80000000000000003907862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bcad3892488cd3a2022-01-11 12:18:54.087root 11241100x80000000000000003907863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4276c65246ac34b2022-01-11 12:18:54.087root 11241100x80000000000000003907864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90b94b4266bba38e2022-01-11 12:18:54.087root 11241100x80000000000000003907865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.954dad637e1f5e852022-01-11 12:18:54.087root 11241100x80000000000000003907866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90e863b39c2b43e62022-01-11 12:18:54.088root 11241100x80000000000000003907867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f85037e94e809ae82022-01-11 12:18:54.088root 11241100x80000000000000003907868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7693897ca6c5b4a62022-01-11 12:18:54.088root 11241100x80000000000000003907869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0c3e7fa8bd94aa22022-01-11 12:18:54.088root 11241100x80000000000000003907870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26559af923cc69462022-01-11 12:18:54.088root 11241100x80000000000000003907871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01d7587a5cc445a62022-01-11 12:18:54.088root 11241100x80000000000000003907872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7041f7f90793e9ac2022-01-11 12:18:54.088root 11241100x80000000000000003907873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab4ff5de344936592022-01-11 12:18:54.088root 11241100x80000000000000003907874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32887ce6d6ad006b2022-01-11 12:18:54.089root 11241100x80000000000000003907875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55335e551307dfd2022-01-11 12:18:54.089root 11241100x80000000000000003907876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5615453bc6a5e2042022-01-11 12:18:54.089root 11241100x80000000000000003907877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0ee4edee95376ca2022-01-11 12:18:54.089root 11241100x80000000000000003907878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fe572e26358f60c2022-01-11 12:18:54.089root 11241100x80000000000000003907879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0746ba395e9ff5a62022-01-11 12:18:54.090root 11241100x80000000000000003907880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d29a5fe340cce00f2022-01-11 12:18:54.090root 11241100x80000000000000003907881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b5e8009be1156c2022-01-11 12:18:54.090root 11241100x80000000000000003907882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bfe601c1036ba152022-01-11 12:18:54.583root 11241100x80000000000000003907883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7058572dbacb96652022-01-11 12:18:54.583root 11241100x80000000000000003907884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01371b6827d6b0412022-01-11 12:18:54.583root 11241100x80000000000000003907885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7874825ef0ebe32b2022-01-11 12:18:54.584root 11241100x80000000000000003907886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c86d3612bce27d62022-01-11 12:18:54.584root 11241100x80000000000000003907887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c0d9c5588be80062022-01-11 12:18:54.584root 11241100x80000000000000003907888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d797893744de8b9c2022-01-11 12:18:54.584root 11241100x80000000000000003907889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5d3784493f5c54d2022-01-11 12:18:54.584root 11241100x80000000000000003907890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5962b6f8785ca72d2022-01-11 12:18:54.584root 11241100x80000000000000003907891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20bd123c465783772022-01-11 12:18:54.585root 11241100x80000000000000003907892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5700ff81e826f0fb2022-01-11 12:18:54.585root 11241100x80000000000000003907893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afcbbc3a984d35982022-01-11 12:18:54.585root 11241100x80000000000000003907894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f5a38921e9b0bd22022-01-11 12:18:54.586root 11241100x80000000000000003907895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ff31cd6e242acd2022-01-11 12:18:54.586root 11241100x80000000000000003907896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1327c08f608228b72022-01-11 12:18:54.586root 11241100x80000000000000003907897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b521f0b04aee58fc2022-01-11 12:18:54.586root 11241100x80000000000000003907898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab9b659bd6362372022-01-11 12:18:54.586root 11241100x80000000000000003907899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab36ac57fe906b12022-01-11 12:18:54.587root 11241100x80000000000000003907900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802880bc206756892022-01-11 12:18:54.588root 11241100x80000000000000003907901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f28675b87baa8bf2022-01-11 12:18:54.588root 11241100x80000000000000003907902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09edafaf993ff772022-01-11 12:18:54.588root 11241100x80000000000000003907903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea8bdc96534bf24a2022-01-11 12:18:54.588root 11241100x80000000000000003907904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c70cfa3f491b4bce2022-01-11 12:18:54.588root 11241100x80000000000000003907905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd76049eb02caeae2022-01-11 12:18:54.589root 11241100x80000000000000003907906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe4b0a8886b9c8e52022-01-11 12:18:54.589root 11241100x80000000000000003907907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4238c8a8b4d92dbe2022-01-11 12:18:54.589root 11241100x80000000000000003907908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f80ab48f1b891b2022-01-11 12:18:54.589root 11241100x80000000000000003907909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2d9759e2d2607c32022-01-11 12:18:54.589root 11241100x80000000000000003907910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b9a904f07427f82022-01-11 12:18:54.590root 11241100x80000000000000003907911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff15a4f470e903f82022-01-11 12:18:54.590root 11241100x80000000000000003907912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afe21a0f0b9ab36b2022-01-11 12:18:54.590root 11241100x80000000000000003907913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b4e8e75699c48f02022-01-11 12:18:54.590root 11241100x80000000000000003907914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a53713001d131f82022-01-11 12:18:54.590root 11241100x80000000000000003907915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c843f9e2ed8036d2022-01-11 12:18:54.590root 11241100x80000000000000003907916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a476a6d5f8ace7c62022-01-11 12:18:54.590root 11241100x80000000000000003907917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8654ec4e31d61b2c2022-01-11 12:18:54.591root 11241100x80000000000000003907918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a52e5fa64b5bfac12022-01-11 12:18:54.591root 11241100x80000000000000003907919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79fabb5723f5dd072022-01-11 12:18:54.591root 11241100x80000000000000003907920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b49dcf5340dd302022-01-11 12:18:54.591root 11241100x80000000000000003907921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e7cf96291555ce2022-01-11 12:18:54.591root 11241100x80000000000000003907922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79f9c87c64e4d3192022-01-11 12:18:54.591root 11241100x80000000000000003907923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53eefa919f625622022-01-11 12:18:54.591root 11241100x80000000000000003907924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbdbd55b8759b662022-01-11 12:18:54.592root 11241100x80000000000000003907925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f380cc86799307dd2022-01-11 12:18:54.592root 11241100x80000000000000003907926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:18:54.895root 11241100x80000000000000003907927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d428a55344727c382022-01-11 12:18:54.896root 11241100x80000000000000003907928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f76af8a739a7032022-01-11 12:18:54.896root 11241100x80000000000000003907929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dcba5e1eecadcbd2022-01-11 12:18:54.897root 11241100x80000000000000003907930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7e4afb0c99a6eb2022-01-11 12:18:54.897root 11241100x80000000000000003907931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.651714b5ce971d992022-01-11 12:18:54.897root 11241100x80000000000000003907932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f59fbd8710ddb5932022-01-11 12:18:54.898root 11241100x80000000000000003907933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f27445a9d4d677c2022-01-11 12:18:54.898root 11241100x80000000000000003907934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96a6b56850b6a8442022-01-11 12:18:54.898root 11241100x80000000000000003907935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06dfdb0f6b74f9f22022-01-11 12:18:54.898root 11241100x80000000000000003907936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ff9c631921b7b002022-01-11 12:18:54.899root 11241100x80000000000000003907937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45275cf0e908435d2022-01-11 12:18:54.899root 11241100x80000000000000003907938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd14f4140adf3012022-01-11 12:18:54.900root 11241100x80000000000000003907939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72017884a7c715672022-01-11 12:18:54.900root 11241100x80000000000000003907940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15494cbc83cc2582022-01-11 12:18:54.900root 11241100x80000000000000003907941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b81b067a6609c0872022-01-11 12:18:54.900root 11241100x80000000000000003907942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc7fb583142aba22022-01-11 12:18:54.900root 11241100x80000000000000003907943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3a001aaaf499fb2022-01-11 12:18:54.900root 11241100x80000000000000003907944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5370943cb2cf494d2022-01-11 12:18:54.900root 11241100x80000000000000003907945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c22f757d895abea2022-01-11 12:18:54.900root 11241100x80000000000000003907946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1f416532c5bf4512022-01-11 12:18:54.900root 11241100x80000000000000003907947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f9b2715baba30972022-01-11 12:18:54.901root 11241100x80000000000000003907948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b65aa2dfa90c69a2022-01-11 12:18:54.901root 11241100x80000000000000003907949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a12fe575669849702022-01-11 12:18:54.901root 11241100x80000000000000003907950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bc95e97e8d1c0732022-01-11 12:18:54.901root 11241100x80000000000000003907951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a4f10266adc230c2022-01-11 12:18:54.901root 11241100x80000000000000003907952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52854dcc9400d1132022-01-11 12:18:54.901root 11241100x80000000000000003907953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bb10a3f91ae15752022-01-11 12:18:54.901root 11241100x80000000000000003907954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.236cc3ac5fdb9d312022-01-11 12:18:54.901root 11241100x80000000000000003907955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dd22a9f0012acc72022-01-11 12:18:54.901root 11241100x80000000000000003907956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2825597783509c492022-01-11 12:18:54.901root 11241100x80000000000000003907957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da8d7b0b182c4b42022-01-11 12:18:54.901root 11241100x80000000000000003907958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b86a0594fcd4b752022-01-11 12:18:54.901root 11241100x80000000000000003907959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a738a1e70c617592022-01-11 12:18:54.902root 11241100x80000000000000003907960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9073a7783d0d23fb2022-01-11 12:18:54.902root 11241100x80000000000000003907961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd03f46fae51defd2022-01-11 12:18:54.902root 11241100x80000000000000003907962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7153ef80ae2c102022-01-11 12:18:54.902root 11241100x80000000000000003907963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40afa5778c2609ed2022-01-11 12:18:54.902root 11241100x80000000000000003907964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c85a3bd5a3d683162022-01-11 12:18:54.902root 11241100x80000000000000003907965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5944a24d0663bc532022-01-11 12:18:54.902root 11241100x80000000000000003907966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b4b46c7acfe23b92022-01-11 12:18:54.902root 11241100x80000000000000003907967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72d2a6087049b4a92022-01-11 12:18:54.902root 11241100x80000000000000003907968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4201c5f13363ed62022-01-11 12:18:55.333root 11241100x80000000000000003907969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7f428d854a93882022-01-11 12:18:55.333root 11241100x80000000000000003907970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b749bea14d7e9f2022-01-11 12:18:55.334root 11241100x80000000000000003907971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc0756a37462783f2022-01-11 12:18:55.334root 11241100x80000000000000003907972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f41da054103625832022-01-11 12:18:55.334root 11241100x80000000000000003907973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f68f76bb2678692022-01-11 12:18:55.334root 11241100x80000000000000003907974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ac7e6582251cf262022-01-11 12:18:55.334root 11241100x80000000000000003907975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f1ddef900c07f4f2022-01-11 12:18:55.334root 11241100x80000000000000003907976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8051849b1802d7a2022-01-11 12:18:55.334root 11241100x80000000000000003907977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cb40b08df1934272022-01-11 12:18:55.334root 11241100x80000000000000003907978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b47b3079256ad6102022-01-11 12:18:55.334root 11241100x80000000000000003907979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab682b0a5e344442022-01-11 12:18:55.335root 11241100x80000000000000003907980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b64674eec17b5a92022-01-11 12:18:55.335root 11241100x80000000000000003907981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffd4d1cb1021710d2022-01-11 12:18:55.335root 11241100x80000000000000003907982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa23e9427490ddf12022-01-11 12:18:55.335root 11241100x80000000000000003907983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c09b168bbf248da92022-01-11 12:18:55.335root 11241100x80000000000000003907984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e67962504e0b61252022-01-11 12:18:55.335root 11241100x80000000000000003907985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0e42c11292e31b2022-01-11 12:18:55.335root 11241100x80000000000000003907986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.749a2d7c16f413332022-01-11 12:18:55.335root 11241100x80000000000000003907987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562a9c4ee86bd0da2022-01-11 12:18:55.336root 11241100x80000000000000003907988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b09563cdf5caba52022-01-11 12:18:55.336root 11241100x80000000000000003907989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b450f8aafdd1bbc72022-01-11 12:18:55.336root 11241100x80000000000000003907990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c27e22c02dae890b2022-01-11 12:18:55.336root 11241100x80000000000000003907991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d46e22f8fa18ca22022-01-11 12:18:55.336root 11241100x80000000000000003907992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cd76cc3cc28d5192022-01-11 12:18:55.336root 11241100x80000000000000003907993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb0b50f635bc4ee22022-01-11 12:18:55.336root 11241100x80000000000000003907994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b25d66b9f9cedddd2022-01-11 12:18:55.336root 11241100x80000000000000003907995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97352cbc5eb9469e2022-01-11 12:18:55.336root 11241100x80000000000000003907996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b41abdf64091ee2022-01-11 12:18:55.337root 11241100x80000000000000003907997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b286ff86583e8382022-01-11 12:18:55.337root 11241100x80000000000000003907998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c65b29d481165c42022-01-11 12:18:55.337root 11241100x80000000000000003907999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8308cb5a7de36e842022-01-11 12:18:55.337root 11241100x80000000000000003908000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7b38738ec771342022-01-11 12:18:55.337root 11241100x80000000000000003908001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f3e061eda774e7f2022-01-11 12:18:55.337root 11241100x80000000000000003908002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2caf6e245e0315e2022-01-11 12:18:55.337root 11241100x80000000000000003908003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74a4f9556455d3ca2022-01-11 12:18:55.337root 11241100x80000000000000003908004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a6da94419ed5e192022-01-11 12:18:55.337root 11241100x80000000000000003908005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b337402bd06ca26b2022-01-11 12:18:55.337root 11241100x80000000000000003908006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.615e6ff2bb4276f12022-01-11 12:18:55.338root 11241100x80000000000000003908007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef534485ef6a5e132022-01-11 12:18:55.338root 11241100x80000000000000003908008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0fa1186d75684792022-01-11 12:18:55.834root 11241100x80000000000000003908009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.520f3cb64d78fcb52022-01-11 12:18:55.834root 11241100x80000000000000003908010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e7f309ed503e802022-01-11 12:18:55.834root 11241100x80000000000000003908011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2779e4641650b292022-01-11 12:18:55.834root 11241100x80000000000000003908012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c860ac1220d1b91a2022-01-11 12:18:55.834root 11241100x80000000000000003908013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d430b0b03c3a9432022-01-11 12:18:55.834root 11241100x80000000000000003908014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad12d5eb0ac7fdae2022-01-11 12:18:55.835root 11241100x80000000000000003908015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aea48d7e9e383b22022-01-11 12:18:55.835root 11241100x80000000000000003908016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8fecdd5544c13302022-01-11 12:18:55.835root 11241100x80000000000000003908017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad950110aed78ea82022-01-11 12:18:55.835root 11241100x80000000000000003908018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de0700b75a178ff22022-01-11 12:18:55.835root 11241100x80000000000000003908019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4b433fcddd83eba2022-01-11 12:18:55.835root 11241100x80000000000000003908020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6735dc27704fad372022-01-11 12:18:55.835root 11241100x80000000000000003908021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd95c620406bed7d2022-01-11 12:18:55.835root 11241100x80000000000000003908022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12fd12979b8b19ad2022-01-11 12:18:55.835root 11241100x80000000000000003908023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bae19a024c3338d2022-01-11 12:18:55.836root 11241100x80000000000000003908024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b1ed5e5671d55c2022-01-11 12:18:55.836root 11241100x80000000000000003908025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f0da6895905ffe72022-01-11 12:18:55.836root 11241100x80000000000000003908026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5097f175688877472022-01-11 12:18:55.836root 11241100x80000000000000003908027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fabd21f5a94bfb32022-01-11 12:18:55.836root 11241100x80000000000000003908028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd861bbf4158986e2022-01-11 12:18:55.836root 11241100x80000000000000003908029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd39a6c5ef4f8e5c2022-01-11 12:18:55.836root 11241100x80000000000000003908030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19721ca7bc6c9322022-01-11 12:18:55.836root 11241100x80000000000000003908031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bded7c1657b0ad52022-01-11 12:18:55.836root 11241100x80000000000000003908032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725ddf8e52821d532022-01-11 12:18:55.837root 11241100x80000000000000003908033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23aeeac18c56bbec2022-01-11 12:18:55.837root 11241100x80000000000000003908034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99dedae3aa1dcb042022-01-11 12:18:55.837root 11241100x80000000000000003908035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0b6a88f4cb1891c2022-01-11 12:18:55.837root 11241100x80000000000000003908036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84773b18b24b381a2022-01-11 12:18:55.837root 11241100x80000000000000003908037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.126dd5d5fadf8c682022-01-11 12:18:55.837root 11241100x80000000000000003908038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af886cb073d09d8a2022-01-11 12:18:55.837root 11241100x80000000000000003908039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d84b06e8870d10882022-01-11 12:18:55.837root 11241100x80000000000000003908040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df99e2d561dcda7f2022-01-11 12:18:55.838root 11241100x80000000000000003908041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f44e569c5b5ece0f2022-01-11 12:18:55.838root 11241100x80000000000000003908042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.490c2ccb028b10f22022-01-11 12:18:55.838root 11241100x80000000000000003908043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c32d729bc932b9a2022-01-11 12:18:55.838root 11241100x80000000000000003908044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1828efaef4f26962022-01-11 12:18:56.334root 11241100x80000000000000003908045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.440bb8ffac7a701f2022-01-11 12:18:56.334root 11241100x80000000000000003908046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2baf83f613c172ec2022-01-11 12:18:56.334root 11241100x80000000000000003908047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ff5eeca138ead82022-01-11 12:18:56.334root 11241100x80000000000000003908048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71dd6403906cc7112022-01-11 12:18:56.335root 11241100x80000000000000003908049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15416d3524fde742022-01-11 12:18:56.335root 11241100x80000000000000003908050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7926ac7ca99642aa2022-01-11 12:18:56.335root 11241100x80000000000000003908051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd6fe7a2896606a2022-01-11 12:18:56.335root 11241100x80000000000000003908052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83dee3cb5c9d55d42022-01-11 12:18:56.335root 11241100x80000000000000003908053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34f059deddb058402022-01-11 12:18:56.336root 11241100x80000000000000003908054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.423ff8f89d413b0c2022-01-11 12:18:56.336root 11241100x80000000000000003908055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63214a6e2b6a212f2022-01-11 12:18:56.336root 11241100x80000000000000003908056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c3e468a7ce0e332022-01-11 12:18:56.336root 11241100x80000000000000003908057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9004e64a9ea700492022-01-11 12:18:56.336root 11241100x80000000000000003908058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3891c0211a98ac512022-01-11 12:18:56.337root 11241100x80000000000000003908059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9938fe19acfc8642022-01-11 12:18:56.337root 11241100x80000000000000003908060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d509ba5ac11e5412022-01-11 12:18:56.337root 11241100x80000000000000003908061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65284ce8cf09933b2022-01-11 12:18:56.337root 11241100x80000000000000003908062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16950e15dfdf99302022-01-11 12:18:56.337root 11241100x80000000000000003908063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f216f0badf746ad2022-01-11 12:18:56.337root 11241100x80000000000000003908064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f9c43796908e1cd2022-01-11 12:18:56.337root 11241100x80000000000000003908065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8134777525fc82472022-01-11 12:18:56.338root 11241100x80000000000000003908066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037b97b1d4dfad7a2022-01-11 12:18:56.338root 11241100x80000000000000003908067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.569b034d2cbe621c2022-01-11 12:18:56.338root 11241100x80000000000000003908068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e7a54aa0e3bd6972022-01-11 12:18:56.338root 11241100x80000000000000003908069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223f02ef132bc0b42022-01-11 12:18:56.338root 11241100x80000000000000003908070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e0b9193838b4f412022-01-11 12:18:56.338root 11241100x80000000000000003908071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ea6a53c570dd832022-01-11 12:18:56.338root 11241100x80000000000000003908072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36ae02b660dd5cc42022-01-11 12:18:56.338root 11241100x80000000000000003908073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc6628903e8c049a2022-01-11 12:18:56.338root 11241100x80000000000000003908074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.793bfc50e39475bc2022-01-11 12:18:56.338root 11241100x80000000000000003908075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b78d1c0f5d1553912022-01-11 12:18:56.340root 11241100x80000000000000003908076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b14057e0accf39f2022-01-11 12:18:56.340root 11241100x80000000000000003908077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5f0dc02bdf96dc52022-01-11 12:18:56.340root 11241100x80000000000000003908078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1a26d2a5f124352022-01-11 12:18:56.340root 11241100x80000000000000003908079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e806ca30ffd27172022-01-11 12:18:56.340root 11241100x80000000000000003908080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bf01661b4215c5c2022-01-11 12:18:56.340root 11241100x80000000000000003908081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3890db6db98b2f2022-01-11 12:18:56.341root 11241100x80000000000000003908082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a730e3975834552022-01-11 12:18:56.833root 11241100x80000000000000003908083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28a58883b75df5342022-01-11 12:18:56.834root 11241100x80000000000000003908084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d2717a93bced6c62022-01-11 12:18:56.834root 11241100x80000000000000003908085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6bf88d39166afe72022-01-11 12:18:56.834root 11241100x80000000000000003908086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72464f2e8571e9972022-01-11 12:18:56.834root 11241100x80000000000000003908087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77c59e3b0c499f6b2022-01-11 12:18:56.834root 11241100x80000000000000003908088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dda59b955caeeacb2022-01-11 12:18:56.835root 11241100x80000000000000003908089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70fdfdb6216a78662022-01-11 12:18:56.835root 11241100x80000000000000003908090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ba8efd88c83bbb72022-01-11 12:18:56.835root 11241100x80000000000000003908091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f42916bb75640b0b2022-01-11 12:18:56.835root 11241100x80000000000000003908092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c0078048597a4752022-01-11 12:18:56.835root 11241100x80000000000000003908093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9f169ef2a2e32442022-01-11 12:18:56.835root 11241100x80000000000000003908094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc24966da5cd63102022-01-11 12:18:56.836root 11241100x80000000000000003908095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b22e9d21ddb8272022-01-11 12:18:56.836root 11241100x80000000000000003908096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7313776fb64eebe22022-01-11 12:18:56.836root 11241100x80000000000000003908097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea605f6a10cbe592022-01-11 12:18:56.836root 11241100x80000000000000003908098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d84545b1d7d061a2022-01-11 12:18:56.836root 11241100x80000000000000003908099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a2ca47fdec4f7412022-01-11 12:18:56.837root 11241100x80000000000000003908100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7754e0f56595ebb2022-01-11 12:18:56.837root 11241100x80000000000000003908101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52a130ba7a6125472022-01-11 12:18:56.837root 11241100x80000000000000003908102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a0904f985625daf2022-01-11 12:18:56.837root 11241100x80000000000000003908103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd9172c5fe78e65b2022-01-11 12:18:56.837root 11241100x80000000000000003908104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b6fdaa135cd8402022-01-11 12:18:56.837root 11241100x80000000000000003908105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec71153bbe483ead2022-01-11 12:18:56.837root 11241100x80000000000000003908106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2f01a53da80c3f62022-01-11 12:18:56.838root 11241100x80000000000000003908107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd17f077ad6ed7812022-01-11 12:18:56.838root 11241100x80000000000000003908108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47e2cd35e35dc2742022-01-11 12:18:56.838root 11241100x80000000000000003908109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12437ef7d5008122022-01-11 12:18:56.838root 11241100x80000000000000003908110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e59c286f85fbd6ab2022-01-11 12:18:56.838root 11241100x80000000000000003908111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461010aceecedb7b2022-01-11 12:18:56.838root 11241100x80000000000000003908112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4beb8ba9ca76c7a2022-01-11 12:18:56.838root 11241100x80000000000000003908113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3fe98e040d125d82022-01-11 12:18:56.838root 11241100x80000000000000003908114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.167d3a3eee67b7f62022-01-11 12:18:56.838root 11241100x80000000000000003908115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a55d9a8795e4ce2022-01-11 12:18:56.839root 11241100x80000000000000003908116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8abf7071c78a912022-01-11 12:18:56.839root 11241100x80000000000000003908117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c90b1cc6bccec242022-01-11 12:18:56.839root 11241100x80000000000000003908118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94c4475b6f9c799e2022-01-11 12:18:56.839root 11241100x80000000000000003908119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ebede149590f7902022-01-11 12:18:56.839root 11241100x80000000000000003908120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:56.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f9dfc402a161542022-01-11 12:18:56.839root 354300x80000000000000003908121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.019{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56258-false10.0.1.12-8000- 11241100x80000000000000003908122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eab1f3549119bd32022-01-11 12:18:57.334root 11241100x80000000000000003908123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac932dc447b25e7a2022-01-11 12:18:57.334root 11241100x80000000000000003908124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9755f14db539db692022-01-11 12:18:57.334root 11241100x80000000000000003908125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f82f1f011c6576802022-01-11 12:18:57.334root 11241100x80000000000000003908126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31b72c5ddb63faaf2022-01-11 12:18:57.334root 11241100x80000000000000003908127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faca0500dacd531a2022-01-11 12:18:57.334root 11241100x80000000000000003908128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c5b8f82695845462022-01-11 12:18:57.335root 11241100x80000000000000003908129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9293fb55552c9242022-01-11 12:18:57.335root 11241100x80000000000000003908130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3298edf0e8cb96a2022-01-11 12:18:57.335root 11241100x80000000000000003908131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f982842a4751bf5f2022-01-11 12:18:57.335root 11241100x80000000000000003908132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe959ea65fdc65b2022-01-11 12:18:57.335root 11241100x80000000000000003908133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13b99f2d354e04042022-01-11 12:18:57.335root 11241100x80000000000000003908134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b8fafb76d5378052022-01-11 12:18:57.335root 11241100x80000000000000003908135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb36e4203732aed92022-01-11 12:18:57.336root 11241100x80000000000000003908136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c69281f19447efdb2022-01-11 12:18:57.336root 11241100x80000000000000003908137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506a6e0b79723f062022-01-11 12:18:57.336root 11241100x80000000000000003908138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b16e3148004fb0842022-01-11 12:18:57.336root 11241100x80000000000000003908139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.032386b4bc7af8f52022-01-11 12:18:57.336root 11241100x80000000000000003908140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ee533bf161701c2022-01-11 12:18:57.336root 11241100x80000000000000003908141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514a0224803cc5002022-01-11 12:18:57.336root 11241100x80000000000000003908142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caad55ffc88ad7742022-01-11 12:18:57.336root 11241100x80000000000000003908143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62f969fa64b05d2b2022-01-11 12:18:57.336root 11241100x80000000000000003908144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6503743acd9611eb2022-01-11 12:18:57.337root 11241100x80000000000000003908145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d063affda0f5b7de2022-01-11 12:18:57.337root 11241100x80000000000000003908146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b95a0bf0eb660d742022-01-11 12:18:57.337root 11241100x80000000000000003908147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18ee66917c03e6942022-01-11 12:18:57.337root 11241100x80000000000000003908148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c97662e6f5ce1e742022-01-11 12:18:57.337root 11241100x80000000000000003908149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.635426147321918d2022-01-11 12:18:57.337root 11241100x80000000000000003908150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9043a5b09ce488af2022-01-11 12:18:57.338root 11241100x80000000000000003908151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5cf33b78a854382022-01-11 12:18:57.338root 11241100x80000000000000003908152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e19ebdeea756d12022-01-11 12:18:57.338root 11241100x80000000000000003908153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b99375d2334d72f2022-01-11 12:18:57.338root 11241100x80000000000000003908154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.102940ea97ac0a752022-01-11 12:18:57.338root 11241100x80000000000000003908155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd5ab8a780614de12022-01-11 12:18:57.338root 11241100x80000000000000003908156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e46e51f00c1589d2022-01-11 12:18:57.338root 11241100x80000000000000003908157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfdf8b562aa2439d2022-01-11 12:18:57.339root 11241100x80000000000000003908158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5cd8dbbdeede0e2022-01-11 12:18:57.339root 11241100x80000000000000003908159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb44b50a9bd7ab682022-01-11 12:18:57.339root 11241100x80000000000000003908160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee99366f844698c2022-01-11 12:18:57.339root 11241100x80000000000000003908161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.082a1b004bac4eb42022-01-11 12:18:57.834root 11241100x80000000000000003908162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5bcdc92cd841ac2022-01-11 12:18:57.834root 11241100x80000000000000003908163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2406153b8a76119a2022-01-11 12:18:57.834root 11241100x80000000000000003908164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9082987c702226422022-01-11 12:18:57.834root 11241100x80000000000000003908165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc799d057e2c847f2022-01-11 12:18:57.834root 11241100x80000000000000003908166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c107925b6e8e33462022-01-11 12:18:57.834root 11241100x80000000000000003908167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6b7bc96af77bfdf2022-01-11 12:18:57.834root 11241100x80000000000000003908168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9255fd7ecda371f2022-01-11 12:18:57.834root 11241100x80000000000000003908169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc6f3801a0e088db2022-01-11 12:18:57.835root 11241100x80000000000000003908170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d3b947edb11f04e2022-01-11 12:18:57.835root 11241100x80000000000000003908171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57d6d712919551852022-01-11 12:18:57.835root 11241100x80000000000000003908172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3f00e73c46dc7d2022-01-11 12:18:57.835root 11241100x80000000000000003908173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.356f6ae45ec3825b2022-01-11 12:18:57.835root 11241100x80000000000000003908174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ace5100282a0e9292022-01-11 12:18:57.835root 11241100x80000000000000003908175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cd2d2e70a05cd792022-01-11 12:18:57.835root 11241100x80000000000000003908176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.056f9da728c068b92022-01-11 12:18:57.836root 11241100x80000000000000003908177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ee0ff7b49445942022-01-11 12:18:57.836root 11241100x80000000000000003908178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb5f3e03c2938b0a2022-01-11 12:18:57.836root 11241100x80000000000000003908179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9f49867c9e1b382022-01-11 12:18:57.836root 11241100x80000000000000003908180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.867529837161709f2022-01-11 12:18:57.836root 11241100x80000000000000003908181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6377988eda26d06a2022-01-11 12:18:57.836root 11241100x80000000000000003908182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ee90f6b94aabe942022-01-11 12:18:57.837root 11241100x80000000000000003908183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c195af3dbf0b5d32022-01-11 12:18:57.837root 11241100x80000000000000003908184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf4f046fdc9f3b3b2022-01-11 12:18:57.837root 11241100x80000000000000003908185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.427a04f97ce6c6de2022-01-11 12:18:57.837root 11241100x80000000000000003908186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b8707a3eb4565742022-01-11 12:18:57.837root 11241100x80000000000000003908187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6d35825ad02ed9a2022-01-11 12:18:57.837root 11241100x80000000000000003908188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bce4fa4ff8da0cc2022-01-11 12:18:57.837root 11241100x80000000000000003908189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.518d0bbcf26d822d2022-01-11 12:18:57.837root 11241100x80000000000000003908190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1375e36fe91d75292022-01-11 12:18:57.837root 11241100x80000000000000003908191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52e25f444451e0982022-01-11 12:18:57.838root 11241100x80000000000000003908192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83f25f933e504d962022-01-11 12:18:57.838root 11241100x80000000000000003908193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96953911f2f0fb6c2022-01-11 12:18:57.838root 11241100x80000000000000003908194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.719257b2ae40f4092022-01-11 12:18:57.838root 11241100x80000000000000003908195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d83b4dabbf8b932022-01-11 12:18:57.838root 11241100x80000000000000003908196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4daf92984cf918162022-01-11 12:18:57.838root 11241100x80000000000000003908197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b6960028d4816d12022-01-11 12:18:57.838root 11241100x80000000000000003908198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c510f8ac17dd6dc2022-01-11 12:18:57.839root 23542300x80000000000000003908199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:57.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003908200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5208ee11670e6f92022-01-11 12:18:58.333root 11241100x80000000000000003908201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b583198da6823c2022-01-11 12:18:58.333root 11241100x80000000000000003908202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b23fa36b1c852412022-01-11 12:18:58.333root 11241100x80000000000000003908203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88655747d8cb5f52022-01-11 12:18:58.334root 11241100x80000000000000003908204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfccc317ae31ce6f2022-01-11 12:18:58.334root 11241100x80000000000000003908205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4c432a1fdc8fbcd2022-01-11 12:18:58.334root 11241100x80000000000000003908206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f263891c837ee78f2022-01-11 12:18:58.334root 11241100x80000000000000003908207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f0c2510594aea72022-01-11 12:18:58.334root 11241100x80000000000000003908208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.926d09376d808aa02022-01-11 12:18:58.334root 11241100x80000000000000003908209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cecb9af6c90779262022-01-11 12:18:58.335root 11241100x80000000000000003908210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61f09e0b16c3da892022-01-11 12:18:58.335root 11241100x80000000000000003908211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00cd73a537c7fa82022-01-11 12:18:58.335root 11241100x80000000000000003908212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bb05630239103882022-01-11 12:18:58.335root 11241100x80000000000000003908213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5231a3f168a28a712022-01-11 12:18:58.335root 11241100x80000000000000003908214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2738792b05c7dce42022-01-11 12:18:58.335root 11241100x80000000000000003908215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5384aabe06d37c82022-01-11 12:18:58.335root 11241100x80000000000000003908216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd189bcd34b0d2222022-01-11 12:18:58.335root 11241100x80000000000000003908217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce7c111b61700cc82022-01-11 12:18:58.335root 11241100x80000000000000003908218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.468aa77cfbdb2ff52022-01-11 12:18:58.336root 11241100x80000000000000003908219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b084d40d720b48a2022-01-11 12:18:58.336root 11241100x80000000000000003908220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d43c17305fe4c41b2022-01-11 12:18:58.336root 11241100x80000000000000003908221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aa09e09d67820532022-01-11 12:18:58.336root 11241100x80000000000000003908222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461c231e4c657c4f2022-01-11 12:18:58.336root 11241100x80000000000000003908223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84cbdd92b5d080062022-01-11 12:18:58.336root 11241100x80000000000000003908224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af7f72e27250de882022-01-11 12:18:58.336root 11241100x80000000000000003908225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e5444367e74b98c2022-01-11 12:18:58.337root 11241100x80000000000000003908226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2431f8bc3053b6132022-01-11 12:18:58.337root 11241100x80000000000000003908227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77973779362f92c12022-01-11 12:18:58.337root 11241100x80000000000000003908228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a39d24a0ba854bb62022-01-11 12:18:58.337root 11241100x80000000000000003908229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b458ef39c8adf2e2022-01-11 12:18:58.337root 11241100x80000000000000003908230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80c588c35da1174c2022-01-11 12:18:58.337root 11241100x80000000000000003908231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.000515f9233dc34f2022-01-11 12:18:58.337root 11241100x80000000000000003908232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84291234e95cecb42022-01-11 12:18:58.337root 11241100x80000000000000003908233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e90562287b22b62a2022-01-11 12:18:58.337root 11241100x80000000000000003908234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76b0f560e99397d72022-01-11 12:18:58.337root 11241100x80000000000000003908235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.813e10103054e2652022-01-11 12:18:58.338root 11241100x80000000000000003908236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5113c5b12a85a4662022-01-11 12:18:58.338root 11241100x80000000000000003908237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fdfbdb64276ec1c2022-01-11 12:18:58.338root 11241100x80000000000000003908238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c04bff5e2b24f72022-01-11 12:18:58.338root 11241100x80000000000000003908239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b04fa66209a4a8c72022-01-11 12:18:58.338root 11241100x80000000000000003908240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07f71831b3a157632022-01-11 12:18:58.338root 11241100x80000000000000003908241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06befb9eb137f0c02022-01-11 12:18:58.338root 11241100x80000000000000003908242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f06e1fb67b63b092022-01-11 12:18:58.338root 11241100x80000000000000003908243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d7e51ccccaf4052022-01-11 12:18:58.338root 11241100x80000000000000003908244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38053e77af9449fa2022-01-11 12:18:58.339root 11241100x80000000000000003908245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ca7e44cbad8836f2022-01-11 12:18:58.339root 11241100x80000000000000003908246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61304a884544c3c52022-01-11 12:18:58.339root 11241100x80000000000000003908247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d83d0f8a3c9ce92022-01-11 12:18:58.339root 11241100x80000000000000003908248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.947f427ee12c6a5a2022-01-11 12:18:58.339root 11241100x80000000000000003908249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eef339c411cf86d2022-01-11 12:18:58.339root 11241100x80000000000000003908250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af2430d615dc37d2022-01-11 12:18:58.339root 11241100x80000000000000003908251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee0aca3274031a512022-01-11 12:18:58.339root 11241100x80000000000000003908252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714d30db7ad030e82022-01-11 12:18:58.339root 11241100x80000000000000003908253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f681f29f14e0f0612022-01-11 12:18:58.340root 11241100x80000000000000003908254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39afb4fcffa8a5912022-01-11 12:18:58.340root 11241100x80000000000000003908255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3a5c7a605e62f2b2022-01-11 12:18:58.340root 11241100x80000000000000003908256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.484765c2cf77c4282022-01-11 12:18:58.340root 11241100x80000000000000003908257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d6a12590d394bfd2022-01-11 12:18:58.340root 11241100x80000000000000003908258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3affbc5a11d93ef2022-01-11 12:18:58.340root 11241100x80000000000000003908259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3795c4bca98260a82022-01-11 12:18:58.340root 11241100x80000000000000003908260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87c9e6b2cb7fb8ab2022-01-11 12:18:58.340root 11241100x80000000000000003908261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccae8ffd440eff2c2022-01-11 12:18:58.340root 11241100x80000000000000003908262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd015002166f56f62022-01-11 12:18:58.341root 11241100x80000000000000003908263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3e4b994728af9122022-01-11 12:18:58.341root 11241100x80000000000000003908264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2425db0d79439ae2022-01-11 12:18:58.341root 11241100x80000000000000003908265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8494dc905c597492022-01-11 12:18:58.342root 11241100x80000000000000003908266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79ab6cf42e4c31322022-01-11 12:18:58.342root 11241100x80000000000000003908267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3c137e99bd91ab2022-01-11 12:18:58.342root 11241100x80000000000000003908268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49b7258b6b3fcd2a2022-01-11 12:18:58.342root 11241100x80000000000000003908269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c83b36936f93f8992022-01-11 12:18:58.342root 11241100x80000000000000003908270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f00969afc5dde512022-01-11 12:18:58.342root 11241100x80000000000000003908271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.434a87200237b54e2022-01-11 12:18:58.343root 11241100x80000000000000003908272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d424594bf83e20cf2022-01-11 12:18:58.343root 11241100x80000000000000003908273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc357397d3e25a0d2022-01-11 12:18:58.343root 11241100x80000000000000003908274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6dff5b16f0923b2022-01-11 12:18:58.343root 11241100x80000000000000003908275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.343{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e4cb9a6cf2bd1d2022-01-11 12:18:58.343root 11241100x80000000000000003908276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2439754fa7a39802022-01-11 12:18:58.344root 11241100x80000000000000003908277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8706ae8d151261c2022-01-11 12:18:58.344root 11241100x80000000000000003908278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e8676d5c18d93ee2022-01-11 12:18:58.344root 11241100x80000000000000003908279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb1b712ca7c51df2022-01-11 12:18:58.344root 11241100x80000000000000003908280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.655c45c1495360e12022-01-11 12:18:58.344root 11241100x80000000000000003908281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7fb2e6e3a416422022-01-11 12:18:58.345root 11241100x80000000000000003908282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bde88cd986971972022-01-11 12:18:58.345root 11241100x80000000000000003908283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ec11e74283ed912022-01-11 12:18:58.345root 11241100x80000000000000003908284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de8129e0081eb172022-01-11 12:18:58.345root 11241100x80000000000000003908285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.203f9dc3ecb01b8f2022-01-11 12:18:58.345root 11241100x80000000000000003908286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c0bd65ce189f7d2022-01-11 12:18:58.345root 11241100x80000000000000003908287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91870c4e7036d01f2022-01-11 12:18:58.345root 11241100x80000000000000003908288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984197dfdf1ba3dc2022-01-11 12:18:58.345root 11241100x80000000000000003908289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7fc90101e679fa2022-01-11 12:18:58.346root 11241100x80000000000000003908290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425ae42834b5a4bc2022-01-11 12:18:58.346root 11241100x80000000000000003908291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d9e33cf97f69222022-01-11 12:18:58.346root 11241100x80000000000000003908292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca33adab36a7339a2022-01-11 12:18:58.346root 11241100x80000000000000003908293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32053455bb8c22b32022-01-11 12:18:58.346root 11241100x80000000000000003908294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25950aab0d0399752022-01-11 12:18:58.346root 11241100x80000000000000003908295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3701bc2b3985c74d2022-01-11 12:18:58.346root 11241100x80000000000000003908296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.346{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44c8b3ec0dcd584b2022-01-11 12:18:58.346root 11241100x80000000000000003908297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a582e3aa79212232022-01-11 12:18:58.833root 11241100x80000000000000003908298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.790aac4edbfd92be2022-01-11 12:18:58.834root 11241100x80000000000000003908299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b2cf702f9828382022-01-11 12:18:58.834root 11241100x80000000000000003908300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8cfbb67a3e187c2022-01-11 12:18:58.834root 11241100x80000000000000003908301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d987bb93af057af02022-01-11 12:18:58.834root 11241100x80000000000000003908302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2c1ae46bbf86fec2022-01-11 12:18:58.834root 11241100x80000000000000003908303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2b2164cda0b0c4a2022-01-11 12:18:58.835root 11241100x80000000000000003908304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f50179712eb5059d2022-01-11 12:18:58.835root 11241100x80000000000000003908305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8a72b68121f95b2022-01-11 12:18:58.835root 11241100x80000000000000003908306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c916d052070db9332022-01-11 12:18:58.835root 11241100x80000000000000003908307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.392523ccba435e0e2022-01-11 12:18:58.836root 11241100x80000000000000003908308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c80d4f1bdbb7ef2022-01-11 12:18:58.836root 11241100x80000000000000003908309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e745a34ebc81c332022-01-11 12:18:58.836root 11241100x80000000000000003908310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcfc73fae2440f1d2022-01-11 12:18:58.836root 11241100x80000000000000003908311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ba3812a9b8966fb2022-01-11 12:18:58.836root 11241100x80000000000000003908312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fac09fbc3b26b9ba2022-01-11 12:18:58.836root 11241100x80000000000000003908313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe1488a8568f4e752022-01-11 12:18:58.837root 11241100x80000000000000003908314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f76f320e3f40f142022-01-11 12:18:58.837root 11241100x80000000000000003908315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36d569b6fb51e0462022-01-11 12:18:58.837root 11241100x80000000000000003908316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7326299bd157b5ca2022-01-11 12:18:58.837root 11241100x80000000000000003908317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c35f3ab831823f52022-01-11 12:18:58.837root 11241100x80000000000000003908318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a0b4afd71b48e242022-01-11 12:18:58.837root 11241100x80000000000000003908319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2895cd51aef730432022-01-11 12:18:58.837root 11241100x80000000000000003908320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3c817db635304cd2022-01-11 12:18:58.837root 11241100x80000000000000003908321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.439c20b8c94083bc2022-01-11 12:18:58.837root 11241100x80000000000000003908322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce568089dba785232022-01-11 12:18:58.838root 11241100x80000000000000003908323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9287460bc02ada522022-01-11 12:18:58.838root 11241100x80000000000000003908324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd3844f0b8277c6d2022-01-11 12:18:58.838root 11241100x80000000000000003908325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af2e404ebf3bfe72022-01-11 12:18:58.838root 11241100x80000000000000003908326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4131f2f1e216b5572022-01-11 12:18:58.838root 11241100x80000000000000003908327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d86b3057f4d43fd2022-01-11 12:18:58.838root 11241100x80000000000000003908328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a07f9dc11e90ad2022-01-11 12:18:58.838root 11241100x80000000000000003908329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce70076f95b1da792022-01-11 12:18:58.838root 11241100x80000000000000003908330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa6110d0ee1385e22022-01-11 12:18:58.838root 11241100x80000000000000003908331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1064b95450daa92022-01-11 12:18:58.838root 11241100x80000000000000003908332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157a3a2ceca76f4e2022-01-11 12:18:58.839root 11241100x80000000000000003908333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbaff28f76746d42022-01-11 12:18:58.839root 11241100x80000000000000003908334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be126f5594bb0b12022-01-11 12:18:58.839root 11241100x80000000000000003908335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ef9c3ee81013f0a2022-01-11 12:18:58.839root 11241100x80000000000000003908336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.939f61d7cca63f102022-01-11 12:18:58.839root 11241100x80000000000000003908337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9313c9b3e1cb015a2022-01-11 12:18:59.333root 11241100x80000000000000003908338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff703ca9d686dee2022-01-11 12:18:59.334root 11241100x80000000000000003908339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d1076c5dde13a502022-01-11 12:18:59.334root 11241100x80000000000000003908340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0967ad6878d4f0c22022-01-11 12:18:59.334root 11241100x80000000000000003908341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6a6cd180aa3858a2022-01-11 12:18:59.335root 11241100x80000000000000003908342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ea9ec03592619f62022-01-11 12:18:59.336root 11241100x80000000000000003908343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.782da9a84e4035242022-01-11 12:18:59.336root 11241100x80000000000000003908344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.893ccddd2f43eef32022-01-11 12:18:59.336root 11241100x80000000000000003908345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43ceba2b4a3a30dd2022-01-11 12:18:59.336root 11241100x80000000000000003908346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97c239a85e6ac8b52022-01-11 12:18:59.336root 11241100x80000000000000003908347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43d43ce8118f4de02022-01-11 12:18:59.336root 11241100x80000000000000003908348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97da28af121a1e9d2022-01-11 12:18:59.336root 11241100x80000000000000003908349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eac4e828745d9b492022-01-11 12:18:59.336root 11241100x80000000000000003908350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87401b576ace96e42022-01-11 12:18:59.336root 11241100x80000000000000003908351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f594b59545bcc9db2022-01-11 12:18:59.336root 11241100x80000000000000003908352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d96ee2c2594ef592022-01-11 12:18:59.337root 11241100x80000000000000003908353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77c96c95bb8825e12022-01-11 12:18:59.337root 11241100x80000000000000003908354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5c3ad12d83b8ca2022-01-11 12:18:59.337root 11241100x80000000000000003908355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b932fac9944cee32022-01-11 12:18:59.337root 11241100x80000000000000003908356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.377297fd3a6743ed2022-01-11 12:18:59.337root 11241100x80000000000000003908357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037968114ce1f70f2022-01-11 12:18:59.337root 11241100x80000000000000003908358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caed58e65219e4c12022-01-11 12:18:59.337root 11241100x80000000000000003908359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8decad27fd762602022-01-11 12:18:59.337root 11241100x80000000000000003908360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c39038e4227b672022-01-11 12:18:59.337root 11241100x80000000000000003908361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802a65bc38becd892022-01-11 12:18:59.337root 11241100x80000000000000003908362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ce1ac505c5c9ec2022-01-11 12:18:59.337root 11241100x80000000000000003908363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48a0028a00de52e92022-01-11 12:18:59.337root 11241100x80000000000000003908364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ef9d6c0d81844782022-01-11 12:18:59.337root 11241100x80000000000000003908365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d776f447df19114c2022-01-11 12:18:59.337root 11241100x80000000000000003908366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.463d7e4a27d4c17a2022-01-11 12:18:59.337root 11241100x80000000000000003908367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3de3c840b73d1d772022-01-11 12:18:59.337root 11241100x80000000000000003908368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.259a972c7f10bd5c2022-01-11 12:18:59.338root 11241100x80000000000000003908369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.694fb8fd547e0c7b2022-01-11 12:18:59.338root 11241100x80000000000000003908370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10e17a00561b04ee2022-01-11 12:18:59.338root 11241100x80000000000000003908371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a83cf61ae2a8b8912022-01-11 12:18:59.338root 11241100x80000000000000003908372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c93009d7f3ee5962022-01-11 12:18:59.338root 11241100x80000000000000003908373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f20c161e43b7df62022-01-11 12:18:59.338root 11241100x80000000000000003908374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b862a256b7db55982022-01-11 12:18:59.338root 11241100x80000000000000003908375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21eca8f722ec10052022-01-11 12:18:59.338root 11241100x80000000000000003908376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1592d08d16de80872022-01-11 12:18:59.338root 11241100x80000000000000003908377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5309f7746ba48b5a2022-01-11 12:18:59.338root 11241100x80000000000000003908378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a51fa88c02aa2b12022-01-11 12:18:59.338root 11241100x80000000000000003908379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a87892f3613ff6262022-01-11 12:18:59.833root 11241100x80000000000000003908380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6bdeb977786b6a92022-01-11 12:18:59.834root 11241100x80000000000000003908381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fcdea87fef6baff2022-01-11 12:18:59.834root 11241100x80000000000000003908382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cce6a8473d30df5c2022-01-11 12:18:59.835root 11241100x80000000000000003908383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0b9a17ef4492a52022-01-11 12:18:59.835root 11241100x80000000000000003908384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa99cbd8b39f12c2022-01-11 12:18:59.835root 11241100x80000000000000003908385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b37486175ff799e92022-01-11 12:18:59.835root 11241100x80000000000000003908386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3525d55b0a2969a2022-01-11 12:18:59.836root 11241100x80000000000000003908387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3a62d78066a1d982022-01-11 12:18:59.836root 11241100x80000000000000003908388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.214f7d11d73b724a2022-01-11 12:18:59.836root 11241100x80000000000000003908389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95c258026a14ef8c2022-01-11 12:18:59.836root 11241100x80000000000000003908390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b2ea4f9798234d2022-01-11 12:18:59.836root 11241100x80000000000000003908391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2b9c863cb9d87072022-01-11 12:18:59.836root 11241100x80000000000000003908392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.097c993a665088692022-01-11 12:18:59.836root 11241100x80000000000000003908393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a19144e56ec5644f2022-01-11 12:18:59.836root 11241100x80000000000000003908394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d06fd810ea2e62942022-01-11 12:18:59.837root 11241100x80000000000000003908395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53aab957a991a862022-01-11 12:18:59.837root 11241100x80000000000000003908396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2d4fcec5ca7ac72022-01-11 12:18:59.837root 11241100x80000000000000003908397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04e4e30404d104542022-01-11 12:18:59.837root 11241100x80000000000000003908398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b01cff17dcf886842022-01-11 12:18:59.837root 11241100x80000000000000003908399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.828d1e0ed845243e2022-01-11 12:18:59.837root 11241100x80000000000000003908400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e2c5a6ceb966a812022-01-11 12:18:59.837root 11241100x80000000000000003908401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6733c44cf5b097722022-01-11 12:18:59.837root 11241100x80000000000000003908402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c92c8f11551ef8f2022-01-11 12:18:59.837root 11241100x80000000000000003908403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef4b49191c5357fa2022-01-11 12:18:59.837root 11241100x80000000000000003908404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7315c7379cc9ca2022-01-11 12:18:59.838root 11241100x80000000000000003908405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55cd62270136aa422022-01-11 12:18:59.838root 11241100x80000000000000003908406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f573b00d7d912ddc2022-01-11 12:18:59.838root 11241100x80000000000000003908407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce05f348b4566b312022-01-11 12:18:59.838root 11241100x80000000000000003908408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.811de947755be3012022-01-11 12:18:59.838root 11241100x80000000000000003908409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2352d11001842c42022-01-11 12:18:59.838root 11241100x80000000000000003908410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2b54a42f686d0d72022-01-11 12:18:59.838root 11241100x80000000000000003908411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d593912811ba25992022-01-11 12:18:59.838root 11241100x80000000000000003908412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5944bbb32eead6d2022-01-11 12:18:59.838root 11241100x80000000000000003908413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6178653857f2b3a2022-01-11 12:18:59.839root 11241100x80000000000000003908414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.093eb97e9ae2a0e62022-01-11 12:18:59.839root 11241100x80000000000000003908415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d6f05c92dc0b2b82022-01-11 12:18:59.839root 11241100x80000000000000003908416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a76dcf267d453a9a2022-01-11 12:18:59.839root 11241100x80000000000000003908417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90f58c75c33be7732022-01-11 12:18:59.839root 11241100x80000000000000003908418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4207742e739bac2022-01-11 12:18:59.839root 11241100x80000000000000003908419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:59.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db68cf90e1f5199c2022-01-11 12:18:59.840root 11241100x80000000000000003908420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.942a787abfeb45fb2022-01-11 12:19:00.333root 11241100x80000000000000003908421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc0577b04d75f9082022-01-11 12:19:00.334root 11241100x80000000000000003908422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b15e487e742d39a2022-01-11 12:19:00.334root 11241100x80000000000000003908423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9c1816f1310ce792022-01-11 12:19:00.334root 11241100x80000000000000003908424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0803711dad5114082022-01-11 12:19:00.335root 11241100x80000000000000003908425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89456cf58363803e2022-01-11 12:19:00.335root 11241100x80000000000000003908426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e4897657ceab26e2022-01-11 12:19:00.335root 11241100x80000000000000003908427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e5e4c403856ca8f2022-01-11 12:19:00.335root 11241100x80000000000000003908428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc52cee408ccf1db2022-01-11 12:19:00.335root 11241100x80000000000000003908429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4f3d58a68d2cdb2022-01-11 12:19:00.335root 11241100x80000000000000003908430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985daa05a40aabb52022-01-11 12:19:00.335root 11241100x80000000000000003908431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b844732a45b63d0b2022-01-11 12:19:00.335root 11241100x80000000000000003908432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c825a2655d53c5af2022-01-11 12:19:00.335root 11241100x80000000000000003908433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf3f5166d7905e52022-01-11 12:19:00.335root 11241100x80000000000000003908434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8923e556ab2fcf112022-01-11 12:19:00.335root 11241100x80000000000000003908435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b11c056799dcffdb2022-01-11 12:19:00.336root 11241100x80000000000000003908436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.248e11f2e9eb7eef2022-01-11 12:19:00.336root 11241100x80000000000000003908437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d21abeba151b6bba2022-01-11 12:19:00.336root 11241100x80000000000000003908438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee1faad1b26b674e2022-01-11 12:19:00.336root 11241100x80000000000000003908439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2aca8fac07151a572022-01-11 12:19:00.336root 11241100x80000000000000003908440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b111755d0014de2022-01-11 12:19:00.336root 11241100x80000000000000003908441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a03ea66d786a78552022-01-11 12:19:00.336root 11241100x80000000000000003908442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91189a60c5c36552022-01-11 12:19:00.336root 11241100x80000000000000003908443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c185afe6628e9a252022-01-11 12:19:00.336root 11241100x80000000000000003908444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.821930820c39f0a02022-01-11 12:19:00.336root 11241100x80000000000000003908445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9ef91b4c068a1cf2022-01-11 12:19:00.337root 11241100x80000000000000003908446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ec2d22232c2ee862022-01-11 12:19:00.337root 11241100x80000000000000003908447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76e0db72ad36487f2022-01-11 12:19:00.337root 11241100x80000000000000003908448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d94773ab7e6ba722022-01-11 12:19:00.337root 11241100x80000000000000003908449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bed0eeb3bf3b182022-01-11 12:19:00.337root 11241100x80000000000000003908450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2079d5be98ad9e5e2022-01-11 12:19:00.337root 11241100x80000000000000003908451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c1ef2de123460d2022-01-11 12:19:00.337root 11241100x80000000000000003908452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3b69681d1a69f932022-01-11 12:19:00.337root 11241100x80000000000000003908453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f5f1a53cbfc67c2022-01-11 12:19:00.337root 11241100x80000000000000003908454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b36bce379514c612022-01-11 12:19:00.338root 11241100x80000000000000003908455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feccc173da8cd1712022-01-11 12:19:00.338root 11241100x80000000000000003908456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99f177f20bb586ae2022-01-11 12:19:00.338root 11241100x80000000000000003908457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2feaec7d3776f61e2022-01-11 12:19:00.338root 11241100x80000000000000003908458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33bd5858c408ba562022-01-11 12:19:00.338root 11241100x80000000000000003908459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c671f17886b7962022-01-11 12:19:00.338root 11241100x80000000000000003908460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36ca74607a65f8072022-01-11 12:19:00.338root 11241100x80000000000000003908461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eaa1c796ea7e32f2022-01-11 12:19:00.835root 11241100x80000000000000003908462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.496b0625670812912022-01-11 12:19:00.835root 11241100x80000000000000003908463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98baa0c3666e87312022-01-11 12:19:00.835root 11241100x80000000000000003908464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1666ed06dc3e79882022-01-11 12:19:00.836root 11241100x80000000000000003908465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab28e38fc1cf696e2022-01-11 12:19:00.836root 11241100x80000000000000003908466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d1367307712d92e2022-01-11 12:19:00.836root 11241100x80000000000000003908467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca3845b6c7a7a7642022-01-11 12:19:00.836root 11241100x80000000000000003908468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.630da29a2806b35e2022-01-11 12:19:00.836root 11241100x80000000000000003908469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.810b69f890ea94dd2022-01-11 12:19:00.836root 11241100x80000000000000003908470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a1e0c1c8cddc52b2022-01-11 12:19:00.836root 11241100x80000000000000003908471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d89ce9b9a791b342022-01-11 12:19:00.836root 11241100x80000000000000003908472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aeb4772eadee3e82022-01-11 12:19:00.837root 11241100x80000000000000003908473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c546805c6be3412022-01-11 12:19:00.837root 11241100x80000000000000003908474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.880906d29a57cdc52022-01-11 12:19:00.837root 11241100x80000000000000003908475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.757afe9847cf55942022-01-11 12:19:00.837root 11241100x80000000000000003908476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d516ab02831f9fb72022-01-11 12:19:00.837root 11241100x80000000000000003908477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d08a94d34c49d1f2022-01-11 12:19:00.837root 11241100x80000000000000003908478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f775069a5bc3a82022-01-11 12:19:00.837root 11241100x80000000000000003908479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e4badbdb6c766d2022-01-11 12:19:00.837root 11241100x80000000000000003908480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3521dd0ce3bbd1f02022-01-11 12:19:00.837root 11241100x80000000000000003908481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.062c7c894047bc562022-01-11 12:19:00.837root 11241100x80000000000000003908482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f7cab32b04cd4b52022-01-11 12:19:00.838root 11241100x80000000000000003908483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5587240b4c3a0b452022-01-11 12:19:00.838root 11241100x80000000000000003908484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6effe13dcbf8b0df2022-01-11 12:19:00.838root 11241100x80000000000000003908485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52ec27a945bbedff2022-01-11 12:19:00.838root 11241100x80000000000000003908486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c63b1c7b7bc649272022-01-11 12:19:00.838root 11241100x80000000000000003908487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.792162a9f994e8862022-01-11 12:19:00.838root 11241100x80000000000000003908488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63fbd754ed00984a2022-01-11 12:19:00.838root 11241100x80000000000000003908489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb39323a43566ab2022-01-11 12:19:00.838root 11241100x80000000000000003908490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8e15d7e479f1ad22022-01-11 12:19:00.838root 11241100x80000000000000003908491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b7105591e8bc50f2022-01-11 12:19:00.838root 11241100x80000000000000003908492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72f1f3f711fa5c562022-01-11 12:19:00.839root 11241100x80000000000000003908493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db2a454c837625932022-01-11 12:19:00.839root 11241100x80000000000000003908494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2071d4529b6859442022-01-11 12:19:00.839root 11241100x80000000000000003908495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32832564ee5e2bde2022-01-11 12:19:00.839root 11241100x80000000000000003908496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81962ebe00c59ed72022-01-11 12:19:00.839root 11241100x80000000000000003908497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4678d7dd54bef2312022-01-11 12:19:00.839root 11241100x80000000000000003908498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:00.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b26f717be1de26122022-01-11 12:19:00.839root 11241100x80000000000000003908499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f11634eca9d0b32022-01-11 12:19:01.333root 11241100x80000000000000003908500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.328831fc9469ad672022-01-11 12:19:01.334root 11241100x80000000000000003908501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d4b85d038e91d642022-01-11 12:19:01.334root 11241100x80000000000000003908502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59c2334f96e2fb132022-01-11 12:19:01.334root 11241100x80000000000000003908503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3293540fd5dec82022-01-11 12:19:01.334root 11241100x80000000000000003908504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d4cc2ce9f3dce442022-01-11 12:19:01.334root 11241100x80000000000000003908505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04d7a00fe3cd5f622022-01-11 12:19:01.334root 11241100x80000000000000003908506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d707bcd481ed7db62022-01-11 12:19:01.334root 11241100x80000000000000003908507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.370d59cdcddb10002022-01-11 12:19:01.334root 11241100x80000000000000003908508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e89f4187a1fa64562022-01-11 12:19:01.334root 11241100x80000000000000003908509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8edb794cf4fcce392022-01-11 12:19:01.334root 11241100x80000000000000003908510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83546a594b92f1232022-01-11 12:19:01.334root 11241100x80000000000000003908511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7345fec3241e99ac2022-01-11 12:19:01.334root 11241100x80000000000000003908512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a56210ba6022916f2022-01-11 12:19:01.335root 11241100x80000000000000003908513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e345daabc486c1b62022-01-11 12:19:01.335root 11241100x80000000000000003908514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0227f3f48561c4002022-01-11 12:19:01.335root 11241100x80000000000000003908515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa1ceb00c8c7221d2022-01-11 12:19:01.335root 11241100x80000000000000003908516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f45e3da8ed6c8a2022-01-11 12:19:01.335root 11241100x80000000000000003908517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.802c43b1392e416c2022-01-11 12:19:01.335root 11241100x80000000000000003908518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87ff82df5e07706f2022-01-11 12:19:01.335root 11241100x80000000000000003908519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1e6a9b6d75a03132022-01-11 12:19:01.336root 11241100x80000000000000003908520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e786742abfd2bfe92022-01-11 12:19:01.336root 11241100x80000000000000003908521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d59059188859c152022-01-11 12:19:01.336root 11241100x80000000000000003908522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74166327ab43a3532022-01-11 12:19:01.336root 11241100x80000000000000003908523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d443d069395f362022-01-11 12:19:01.336root 11241100x80000000000000003908524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.814254a3dd92eb642022-01-11 12:19:01.337root 11241100x80000000000000003908525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed82e2e90fce6a5e2022-01-11 12:19:01.337root 11241100x80000000000000003908526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3081b4761de0801c2022-01-11 12:19:01.337root 11241100x80000000000000003908527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39f17bb1d7b832742022-01-11 12:19:01.337root 11241100x80000000000000003908528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c5b96dc9f419b32022-01-11 12:19:01.338root 11241100x80000000000000003908529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dcb6b3f0a3c62642022-01-11 12:19:01.338root 11241100x80000000000000003908530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.532f59d68ded34032022-01-11 12:19:01.338root 11241100x80000000000000003908531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3777978891e3f0212022-01-11 12:19:01.338root 11241100x80000000000000003908532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d3290dbf04b5202022-01-11 12:19:01.338root 11241100x80000000000000003908533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461a59ee4700f3ea2022-01-11 12:19:01.338root 11241100x80000000000000003908534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06902b6cd440d9b02022-01-11 12:19:01.339root 11241100x80000000000000003908535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.137b22ef090ce1952022-01-11 12:19:01.340root 11241100x80000000000000003908536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8142e9c43f9e5a282022-01-11 12:19:01.340root 11241100x80000000000000003908537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99eae1088b5d2e122022-01-11 12:19:01.834root 11241100x80000000000000003908538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fd5db8f531dc4e12022-01-11 12:19:01.834root 11241100x80000000000000003908539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d279bd31e2da80302022-01-11 12:19:01.834root 11241100x80000000000000003908540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f338d952fa7802cd2022-01-11 12:19:01.834root 11241100x80000000000000003908541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.753c455a72d87d6c2022-01-11 12:19:01.834root 11241100x80000000000000003908542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.761918740f6eae902022-01-11 12:19:01.834root 11241100x80000000000000003908543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73dde481cb4e9b12022-01-11 12:19:01.834root 11241100x80000000000000003908544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68bc2831f0fe514c2022-01-11 12:19:01.835root 11241100x80000000000000003908545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6066313ade33ba52022-01-11 12:19:01.835root 11241100x80000000000000003908546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.306eacfd84e0644e2022-01-11 12:19:01.835root 11241100x80000000000000003908547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.432b3d27d20a63512022-01-11 12:19:01.835root 11241100x80000000000000003908548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa6aa5195db0edce2022-01-11 12:19:01.835root 11241100x80000000000000003908549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b7dc20761584c952022-01-11 12:19:01.835root 11241100x80000000000000003908550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b32a9c6dea7b9eb62022-01-11 12:19:01.835root 11241100x80000000000000003908551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc27d0e5e82764e2022-01-11 12:19:01.836root 11241100x80000000000000003908552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24f13f666b415b502022-01-11 12:19:01.836root 11241100x80000000000000003908553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3e7a6f7a535188f2022-01-11 12:19:01.836root 11241100x80000000000000003908554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.185b80f44b0d17122022-01-11 12:19:01.836root 11241100x80000000000000003908555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1010afa0015e63142022-01-11 12:19:01.836root 11241100x80000000000000003908556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c95feee6233529b12022-01-11 12:19:01.836root 11241100x80000000000000003908557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19cc7b325e0cb29e2022-01-11 12:19:01.837root 11241100x80000000000000003908558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd1dc6ea8b7264832022-01-11 12:19:01.837root 11241100x80000000000000003908559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1db9db372d1319c2022-01-11 12:19:01.837root 11241100x80000000000000003908560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48b71926dc028de52022-01-11 12:19:01.837root 11241100x80000000000000003908561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8091b1a3f4b7797d2022-01-11 12:19:01.837root 11241100x80000000000000003908562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ecf9eda6d9943f62022-01-11 12:19:01.838root 11241100x80000000000000003908563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7b96034309efa12022-01-11 12:19:01.838root 11241100x80000000000000003908564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537b18886082fc312022-01-11 12:19:01.838root 11241100x80000000000000003908565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b45a48db6b866422022-01-11 12:19:01.839root 11241100x80000000000000003908566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201ddc8a9af456052022-01-11 12:19:01.839root 11241100x80000000000000003908567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837bba11b8a9c7de2022-01-11 12:19:01.839root 11241100x80000000000000003908568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfb8492bacede9a52022-01-11 12:19:01.839root 11241100x80000000000000003908569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c084e41e9ed2d022022-01-11 12:19:01.839root 11241100x80000000000000003908570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.298cf22f81fd463c2022-01-11 12:19:01.839root 11241100x80000000000000003908571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b973e38079bd928a2022-01-11 12:19:01.840root 11241100x80000000000000003908572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa7ae9794c4fafe52022-01-11 12:19:01.840root 11241100x80000000000000003908573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35519c452879f2762022-01-11 12:19:01.840root 11241100x80000000000000003908574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2030406b7c0bff2022-01-11 12:19:01.840root 11241100x80000000000000003908575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee558619bda0e402022-01-11 12:19:01.840root 11241100x80000000000000003908576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9961596c9c2b94f22022-01-11 12:19:01.840root 11241100x80000000000000003908577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10fd1c4b393642a52022-01-11 12:19:01.841root 11241100x80000000000000003908578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d2c078df4961b72022-01-11 12:19:01.841root 11241100x80000000000000003908579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:01.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da43d2e1168ba9f2022-01-11 12:19:01.841root 354300x80000000000000003908580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.208{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56260-false10.0.1.12-8000- 11241100x80000000000000003908581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.209{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edaf369b981f9b3f2022-01-11 12:19:02.209root 11241100x80000000000000003908582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.209{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c1c173577ca69892022-01-11 12:19:02.209root 11241100x80000000000000003908583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.209{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f325db769d02feb2022-01-11 12:19:02.209root 11241100x80000000000000003908584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64af100afe572adf2022-01-11 12:19:02.210root 11241100x80000000000000003908585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55fac088e6fb91d12022-01-11 12:19:02.210root 11241100x80000000000000003908586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.142e6c20797328082022-01-11 12:19:02.210root 11241100x80000000000000003908587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc4474ce83b00b6b2022-01-11 12:19:02.210root 11241100x80000000000000003908588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.487aa8221e2daf952022-01-11 12:19:02.210root 11241100x80000000000000003908589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.210{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.423c711653125f262022-01-11 12:19:02.210root 11241100x80000000000000003908590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05b8ae8c2eb08442022-01-11 12:19:02.211root 11241100x80000000000000003908591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e3796e7f1a31e242022-01-11 12:19:02.211root 11241100x80000000000000003908592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df41af9641379c3f2022-01-11 12:19:02.211root 11241100x80000000000000003908593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.211{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f968414db3d1896a2022-01-11 12:19:02.211root 11241100x80000000000000003908594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.212{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a47ed85f5937cccd2022-01-11 12:19:02.212root 11241100x80000000000000003908595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.212{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.235dd25cea4c226f2022-01-11 12:19:02.212root 11241100x80000000000000003908596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.212{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d30f450790db0d802022-01-11 12:19:02.212root 11241100x80000000000000003908597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8c324b172d928382022-01-11 12:19:02.213root 11241100x80000000000000003908598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c1588d8cfa150372022-01-11 12:19:02.213root 11241100x80000000000000003908599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba0c503d239afdca2022-01-11 12:19:02.213root 11241100x80000000000000003908600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b16be32e746e6792022-01-11 12:19:02.213root 11241100x80000000000000003908601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a78059fd6c01c31a2022-01-11 12:19:02.213root 11241100x80000000000000003908602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.213{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9667501d52bc318c2022-01-11 12:19:02.213root 11241100x80000000000000003908603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfc22654e49f7d982022-01-11 12:19:02.215root 11241100x80000000000000003908604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f31eeee6a6aa90352022-01-11 12:19:02.215root 11241100x80000000000000003908605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84292b5cfce5186c2022-01-11 12:19:02.215root 11241100x80000000000000003908606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.158617d55a5c34272022-01-11 12:19:02.215root 11241100x80000000000000003908607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b5881fbed8b4b32022-01-11 12:19:02.215root 11241100x80000000000000003908608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0997397592b0e7d2022-01-11 12:19:02.215root 11241100x80000000000000003908609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.215{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2b6b7a343b534622022-01-11 12:19:02.215root 11241100x80000000000000003908610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f9c83f9ea448c582022-01-11 12:19:02.216root 11241100x80000000000000003908611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae76c532b7bcbbd32022-01-11 12:19:02.216root 11241100x80000000000000003908612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178700491bdf0ee22022-01-11 12:19:02.216root 11241100x80000000000000003908613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.551637a10c45af962022-01-11 12:19:02.216root 11241100x80000000000000003908614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf4ac118cd9a3cb32022-01-11 12:19:02.216root 11241100x80000000000000003908615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05aedcff7d0b6d722022-01-11 12:19:02.216root 11241100x80000000000000003908616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ab4fe72b985a6a2022-01-11 12:19:02.216root 11241100x80000000000000003908617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dab52b21ad2845e22022-01-11 12:19:02.216root 11241100x80000000000000003908618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.216{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d29a880d24fb3962022-01-11 12:19:02.216root 11241100x80000000000000003908619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714949056e5d7a132022-01-11 12:19:02.217root 11241100x80000000000000003908620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf1612280cab027c2022-01-11 12:19:02.217root 11241100x80000000000000003908621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ef9b756e3563a622022-01-11 12:19:02.217root 11241100x80000000000000003908622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d22828d71761da202022-01-11 12:19:02.217root 11241100x80000000000000003908623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba6bd6992b9e5552022-01-11 12:19:02.217root 11241100x80000000000000003908624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e864b5409e8a22912022-01-11 12:19:02.217root 11241100x80000000000000003908625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.336479b65d6e06cf2022-01-11 12:19:02.217root 11241100x80000000000000003908626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.421ab142ce139f702022-01-11 12:19:02.217root 11241100x80000000000000003908627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.351f5d409a3fc6dd2022-01-11 12:19:02.217root 11241100x80000000000000003908628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.217{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1beacc706911c4892022-01-11 12:19:02.217root 11241100x80000000000000003908629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc74d7e3923a21272022-01-11 12:19:02.584root 11241100x80000000000000003908630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d57799206e18a0a52022-01-11 12:19:02.584root 11241100x80000000000000003908631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf466eb38956a75d2022-01-11 12:19:02.584root 11241100x80000000000000003908632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2e150469c530fef2022-01-11 12:19:02.584root 11241100x80000000000000003908633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bec1601786a54a42022-01-11 12:19:02.584root 11241100x80000000000000003908634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0c9bc551d2127822022-01-11 12:19:02.584root 11241100x80000000000000003908635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da1f264fc0ce2f42022-01-11 12:19:02.584root 11241100x80000000000000003908636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc99c4f8413e0d32022-01-11 12:19:02.585root 11241100x80000000000000003908637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.009088af09df383e2022-01-11 12:19:02.585root 11241100x80000000000000003908638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516905b0819e778c2022-01-11 12:19:02.585root 11241100x80000000000000003908639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b4ea6ff97d6f762022-01-11 12:19:02.585root 11241100x80000000000000003908640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28f93768d0a1a7272022-01-11 12:19:02.585root 11241100x80000000000000003908641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc548c38e60df372022-01-11 12:19:02.585root 11241100x80000000000000003908642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4fff2657c54fe112022-01-11 12:19:02.585root 11241100x80000000000000003908643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dfed3a63f6a3b0c2022-01-11 12:19:02.585root 11241100x80000000000000003908644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0bf3900fcb0fbb2022-01-11 12:19:02.585root 11241100x80000000000000003908645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.825e64692a8679572022-01-11 12:19:02.585root 11241100x80000000000000003908646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba252a2ae589b47e2022-01-11 12:19:02.585root 11241100x80000000000000003908647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d2a95f3380da5562022-01-11 12:19:02.585root 11241100x80000000000000003908648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14da563405756fc82022-01-11 12:19:02.585root 11241100x80000000000000003908649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59a5850c806a30422022-01-11 12:19:02.585root 11241100x80000000000000003908650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acea0ce7df0fb7912022-01-11 12:19:02.585root 11241100x80000000000000003908651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14393b7b5c0bda6b2022-01-11 12:19:02.585root 11241100x80000000000000003908652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed1fa56e898aa7a12022-01-11 12:19:02.586root 11241100x80000000000000003908653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfdadbd72f6902762022-01-11 12:19:02.586root 11241100x80000000000000003908654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b24efdd72095fcd62022-01-11 12:19:02.586root 11241100x80000000000000003908655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22607e9fa6d7932b2022-01-11 12:19:02.586root 11241100x80000000000000003908656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1cfa6a9aac0712d2022-01-11 12:19:02.586root 11241100x80000000000000003908657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4acd64ba32daf3f2022-01-11 12:19:02.586root 11241100x80000000000000003908658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d360c6568f935bd82022-01-11 12:19:02.586root 11241100x80000000000000003908659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4890a30655f136902022-01-11 12:19:02.586root 11241100x80000000000000003908660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aac97411441c0c22022-01-11 12:19:02.587root 11241100x80000000000000003908661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67d8b70476e3f3292022-01-11 12:19:02.587root 11241100x80000000000000003908662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3451a0f30a695a5a2022-01-11 12:19:02.587root 11241100x80000000000000003908663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bbb7e4ac091b8cd2022-01-11 12:19:02.588root 11241100x80000000000000003908664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d650db5108c67132022-01-11 12:19:02.588root 11241100x80000000000000003908665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad174e7038861ee52022-01-11 12:19:02.588root 11241100x80000000000000003908666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da5806b212fc56ea2022-01-11 12:19:02.588root 11241100x80000000000000003908667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f22f176d1c003efd2022-01-11 12:19:02.588root 11241100x80000000000000003908668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa75461e676e5ead2022-01-11 12:19:02.588root 11241100x80000000000000003908669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58bc61de29ba82502022-01-11 12:19:02.589root 11241100x80000000000000003908670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9acff12b1ff4e55e2022-01-11 12:19:02.589root 11241100x80000000000000003908671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.713f43c95d2347952022-01-11 12:19:02.589root 11241100x80000000000000003908672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337c849dc5f463662022-01-11 12:19:02.589root 11241100x80000000000000003908673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca450f090fb0932d2022-01-11 12:19:02.589root 11241100x80000000000000003908674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b985775b3e3e50272022-01-11 12:19:02.589root 11241100x80000000000000003908675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8e52dfd8a5561052022-01-11 12:19:02.589root 11241100x80000000000000003908676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d52113f4fb49f842022-01-11 12:19:02.590root 11241100x80000000000000003908677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd58e7f522dcdebe2022-01-11 12:19:02.590root 11241100x80000000000000003908678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54d0302bb43bff092022-01-11 12:19:02.590root 11241100x80000000000000003908679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.394feda7f0c96aaf2022-01-11 12:19:02.590root 11241100x80000000000000003908680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f6c8b71fc6e38072022-01-11 12:19:02.590root 11241100x80000000000000003908681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f8bb9602994c7af2022-01-11 12:19:02.590root 11241100x80000000000000003908682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96d041cbf45ee2782022-01-11 12:19:02.591root 11241100x80000000000000003908683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91072d7b391c280a2022-01-11 12:19:02.591root 11241100x80000000000000003908684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2bce4dbc07e18ab2022-01-11 12:19:02.591root 11241100x80000000000000003908685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed936c621f7b21012022-01-11 12:19:02.591root 11241100x80000000000000003908686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf0398eb8d3f14012022-01-11 12:19:02.591root 11241100x80000000000000003908687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b8dfbfb6c4fcee2022-01-11 12:19:02.592root 11241100x80000000000000003908688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b16895134d7b3622022-01-11 12:19:02.592root 11241100x80000000000000003908689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9ae31b9a97abc472022-01-11 12:19:02.592root 11241100x80000000000000003908690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a59ec863a09974842022-01-11 12:19:02.592root 11241100x80000000000000003908691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55fdadc839d63cf2022-01-11 12:19:02.592root 11241100x80000000000000003908692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ccfacb5498d213d2022-01-11 12:19:02.592root 11241100x80000000000000003908693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fcc77dd39075d392022-01-11 12:19:02.593root 11241100x80000000000000003908694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f1e5b793e54aea2022-01-11 12:19:02.593root 11241100x80000000000000003908695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02189b6f942642992022-01-11 12:19:02.593root 11241100x80000000000000003908696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24ad394a0c7b5a462022-01-11 12:19:02.593root 11241100x80000000000000003908697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.533184ba8ff536a02022-01-11 12:19:02.593root 11241100x80000000000000003908698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75981a270d24ffbf2022-01-11 12:19:02.593root 11241100x80000000000000003908699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3511d0a8fde724622022-01-11 12:19:02.593root 11241100x80000000000000003908700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9dbe5c9000f6b022022-01-11 12:19:02.593root 11241100x80000000000000003908701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a434bf1d36248b122022-01-11 12:19:02.594root 11241100x80000000000000003908702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6279d60d49966ea2022-01-11 12:19:02.594root 11241100x80000000000000003908703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0777e1163c444742022-01-11 12:19:02.594root 11241100x80000000000000003908704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb8533308f44b5082022-01-11 12:19:02.594root 11241100x80000000000000003908705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.907f5678cd4f0a902022-01-11 12:19:02.594root 11241100x80000000000000003908706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b176fe6a8e525e2022-01-11 12:19:02.595root 11241100x80000000000000003908707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428d3d33df2e3eb52022-01-11 12:19:02.595root 11241100x80000000000000003908708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a1dfaf3ad6b245e2022-01-11 12:19:02.595root 11241100x80000000000000003908709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb03a1fb13a6fdd42022-01-11 12:19:02.595root 11241100x80000000000000003908710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb530ee8b50927dc2022-01-11 12:19:02.595root 11241100x80000000000000003908711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c6c40a949ee52f2022-01-11 12:19:02.596root 11241100x80000000000000003908712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3769955760c78c12022-01-11 12:19:02.596root 11241100x80000000000000003908713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c2ff2d9bfd974112022-01-11 12:19:02.596root 11241100x80000000000000003908714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.171398495ad294992022-01-11 12:19:02.596root 11241100x80000000000000003908715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88dd724d1dfb231c2022-01-11 12:19:02.596root 11241100x80000000000000003908716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:02.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf31b20193eb4bde2022-01-11 12:19:02.596root 11241100x80000000000000003908717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d03996480482cc1a2022-01-11 12:19:03.083root 11241100x80000000000000003908718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c54557494bb038c2022-01-11 12:19:03.083root 11241100x80000000000000003908719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8c3b2e8ad22c132022-01-11 12:19:03.084root 11241100x80000000000000003908720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ffd0c87639cd932022-01-11 12:19:03.084root 11241100x80000000000000003908721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ccf008428630f9c2022-01-11 12:19:03.084root 11241100x80000000000000003908722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1ce1921f265cc82022-01-11 12:19:03.084root 11241100x80000000000000003908723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.334f8a650e1b811f2022-01-11 12:19:03.084root 11241100x80000000000000003908724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c08f497cfd311772022-01-11 12:19:03.084root 11241100x80000000000000003908725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13fc710fff65a48c2022-01-11 12:19:03.084root 11241100x80000000000000003908726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302a39e6d54d9fe92022-01-11 12:19:03.085root 11241100x80000000000000003908727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.598e383821cef9fb2022-01-11 12:19:03.085root 11241100x80000000000000003908728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1e4a80c0983b892022-01-11 12:19:03.085root 11241100x80000000000000003908729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6657605f7a9b6ff42022-01-11 12:19:03.085root 11241100x80000000000000003908730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d01520ca7e6664982022-01-11 12:19:03.085root 11241100x80000000000000003908731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d2cecc71c39efd2022-01-11 12:19:03.085root 11241100x80000000000000003908732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1409c60cd366e3962022-01-11 12:19:03.086root 11241100x80000000000000003908733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97b08c438d8e54e12022-01-11 12:19:03.086root 11241100x80000000000000003908734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9617889a77d653f2022-01-11 12:19:03.086root 11241100x80000000000000003908735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e275716cda160d62022-01-11 12:19:03.086root 11241100x80000000000000003908736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af3ff29951e226132022-01-11 12:19:03.086root 11241100x80000000000000003908737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dacd0b83a43bb832022-01-11 12:19:03.086root 11241100x80000000000000003908738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f93562b2adf4b9f72022-01-11 12:19:03.087root 11241100x80000000000000003908739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73d85f11df2550a32022-01-11 12:19:03.087root 11241100x80000000000000003908740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e52302c840a74e852022-01-11 12:19:03.087root 11241100x80000000000000003908741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f9479b80a1d6ed82022-01-11 12:19:03.087root 11241100x80000000000000003908742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32a7bc399852298b2022-01-11 12:19:03.087root 11241100x80000000000000003908743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a28227d89960aff2022-01-11 12:19:03.088root 11241100x80000000000000003908744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6045a83cfbc064c12022-01-11 12:19:03.088root 11241100x80000000000000003908745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b2e02f6dfa88d62022-01-11 12:19:03.088root 11241100x80000000000000003908746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb57ebf7ad6e1e622022-01-11 12:19:03.088root 11241100x80000000000000003908747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91830cd8b850aa5f2022-01-11 12:19:03.089root 11241100x80000000000000003908748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1443df174e32dd0f2022-01-11 12:19:03.089root 11241100x80000000000000003908749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a42442d73ee9a172022-01-11 12:19:03.089root 11241100x80000000000000003908750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a937a345b62143a2022-01-11 12:19:03.089root 11241100x80000000000000003908751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3a4163fb25274a42022-01-11 12:19:03.089root 11241100x80000000000000003908752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a5729469af0d7c72022-01-11 12:19:03.089root 11241100x80000000000000003908753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f6daa03a125743d2022-01-11 12:19:03.090root 11241100x80000000000000003908754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8972f44d6403b22022-01-11 12:19:03.090root 11241100x80000000000000003908755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09a0330cdf342b7b2022-01-11 12:19:03.090root 11241100x80000000000000003908756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d88fb33852eb146f2022-01-11 12:19:03.090root 11241100x80000000000000003908757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4426b3f974df0c8d2022-01-11 12:19:03.091root 11241100x80000000000000003908758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd672cadeefe68ea2022-01-11 12:19:03.091root 11241100x80000000000000003908759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe98009085bb9a32022-01-11 12:19:03.091root 11241100x80000000000000003908760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6334172c46a9794f2022-01-11 12:19:03.091root 11241100x80000000000000003908761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b2562c72f9c10032022-01-11 12:19:03.091root 11241100x80000000000000003908762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98ec7194e515e322022-01-11 12:19:03.091root 11241100x80000000000000003908763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8038a24ceff51a52022-01-11 12:19:03.091root 11241100x80000000000000003908764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93a0094ee9ecc8192022-01-11 12:19:03.583root 11241100x80000000000000003908765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbbc7cd09c885ce72022-01-11 12:19:03.583root 11241100x80000000000000003908766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58930348e6fededd2022-01-11 12:19:03.584root 11241100x80000000000000003908767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d14caddcdbc4443b2022-01-11 12:19:03.584root 11241100x80000000000000003908768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2dfd47c8335c7aa2022-01-11 12:19:03.584root 11241100x80000000000000003908769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a12115f8c795e172022-01-11 12:19:03.584root 11241100x80000000000000003908770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c85e6abe85005e202022-01-11 12:19:03.585root 11241100x80000000000000003908771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c6df49eafa178a12022-01-11 12:19:03.585root 11241100x80000000000000003908772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30fd73b642ea6d4f2022-01-11 12:19:03.585root 11241100x80000000000000003908773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a540460375edf8b2022-01-11 12:19:03.585root 11241100x80000000000000003908774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00832126db7ad872022-01-11 12:19:03.585root 11241100x80000000000000003908775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5806bda97e3224f12022-01-11 12:19:03.585root 11241100x80000000000000003908776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bfcfb4cdeb46d5a2022-01-11 12:19:03.586root 11241100x80000000000000003908777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db809149e557fa1c2022-01-11 12:19:03.586root 11241100x80000000000000003908778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a7e89f88026030e2022-01-11 12:19:03.586root 11241100x80000000000000003908779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65182d7412799c682022-01-11 12:19:03.586root 11241100x80000000000000003908780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404d37402a2d8ca52022-01-11 12:19:03.587root 11241100x80000000000000003908781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1060ac2f1aef3a862022-01-11 12:19:03.587root 11241100x80000000000000003908782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd660ad2fea089cf2022-01-11 12:19:03.587root 11241100x80000000000000003908783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20657ac30dee81ac2022-01-11 12:19:03.587root 11241100x80000000000000003908784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db63e56e5f33a1fe2022-01-11 12:19:03.587root 11241100x80000000000000003908785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.573bfab3afc52a842022-01-11 12:19:03.587root 11241100x80000000000000003908786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d017e6bb9a18033b2022-01-11 12:19:03.587root 11241100x80000000000000003908787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22047f09e6602c042022-01-11 12:19:03.587root 11241100x80000000000000003908788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f7625e5fec47a42022-01-11 12:19:03.588root 11241100x80000000000000003908789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc466a63044e200e2022-01-11 12:19:03.588root 11241100x80000000000000003908790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c33f00785ee99ddb2022-01-11 12:19:03.588root 11241100x80000000000000003908791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e12f07a7c24ccbd52022-01-11 12:19:03.588root 11241100x80000000000000003908792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09816c6bf8bcd2272022-01-11 12:19:03.588root 11241100x80000000000000003908793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223a940aaad641dd2022-01-11 12:19:03.588root 11241100x80000000000000003908794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da54e2d69d7babb02022-01-11 12:19:03.588root 11241100x80000000000000003908795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7b87ea5304731c2022-01-11 12:19:03.588root 11241100x80000000000000003908796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d1223a8b16d8fa2022-01-11 12:19:03.588root 11241100x80000000000000003908797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd02ab0fe015b0142022-01-11 12:19:03.588root 11241100x80000000000000003908798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4efa73f3751813bd2022-01-11 12:19:03.588root 11241100x80000000000000003908799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e54e05ef082a8ed92022-01-11 12:19:03.588root 11241100x80000000000000003908800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e625fc4311218e32022-01-11 12:19:03.588root 11241100x80000000000000003908801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea875295361aed12022-01-11 12:19:03.589root 11241100x80000000000000003908802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef922e9281116872022-01-11 12:19:03.589root 11241100x80000000000000003908803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b424e64448252d2022-01-11 12:19:03.589root 11241100x80000000000000003908804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9325e9c38616ae0d2022-01-11 12:19:03.589root 11241100x80000000000000003908805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0955661c88cea262022-01-11 12:19:03.589root 11241100x80000000000000003908806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83b4f4542718ea522022-01-11 12:19:03.589root 11241100x80000000000000003908807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d370333d912b4d82022-01-11 12:19:03.589root 11241100x80000000000000003908808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35a08363dd362d82022-01-11 12:19:03.589root 11241100x80000000000000003908809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fd91d7f762d7b2b2022-01-11 12:19:03.589root 11241100x80000000000000003908810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.babbd9a814680f7c2022-01-11 12:19:03.589root 11241100x80000000000000003908811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61262384a0c04f7e2022-01-11 12:19:03.589root 11241100x80000000000000003908812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6cc692d332e42982022-01-11 12:19:03.589root 11241100x80000000000000003908813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.656c753d0aaa0df12022-01-11 12:19:04.083root 11241100x80000000000000003908814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00398bd53b2376232022-01-11 12:19:04.083root 11241100x80000000000000003908815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed9f4360784406412022-01-11 12:19:04.083root 11241100x80000000000000003908816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d0d1769557865032022-01-11 12:19:04.083root 11241100x80000000000000003908817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.466863e03a37be502022-01-11 12:19:04.083root 11241100x80000000000000003908818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e66127b504a74dad2022-01-11 12:19:04.083root 11241100x80000000000000003908819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba345fff87fb86782022-01-11 12:19:04.084root 11241100x80000000000000003908820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494d5828c9636b2a2022-01-11 12:19:04.084root 11241100x80000000000000003908821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be563c248062f64f2022-01-11 12:19:04.084root 11241100x80000000000000003908822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e057a77af63e1272022-01-11 12:19:04.084root 11241100x80000000000000003908823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7be54ee7fb9bcb42022-01-11 12:19:04.084root 11241100x80000000000000003908824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec3ccb6ce87e5fdc2022-01-11 12:19:04.084root 11241100x80000000000000003908825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744db8a1090921842022-01-11 12:19:04.084root 11241100x80000000000000003908826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55e3fc888a7dc13e2022-01-11 12:19:04.085root 11241100x80000000000000003908827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5420711a405980662022-01-11 12:19:04.085root 11241100x80000000000000003908828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a214abed9338a6222022-01-11 12:19:04.085root 11241100x80000000000000003908829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e24a5457f6cc0ac2022-01-11 12:19:04.085root 11241100x80000000000000003908830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.644329e4a494658b2022-01-11 12:19:04.085root 11241100x80000000000000003908831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8faf5c696bef935d2022-01-11 12:19:04.085root 11241100x80000000000000003908832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83cde525da4c91b92022-01-11 12:19:04.086root 11241100x80000000000000003908833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22469f65de72c07e2022-01-11 12:19:04.086root 11241100x80000000000000003908834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26335f31066a20bf2022-01-11 12:19:04.086root 11241100x80000000000000003908835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d41a4951a21f46f92022-01-11 12:19:04.086root 11241100x80000000000000003908836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df24fb4ba39514ce2022-01-11 12:19:04.086root 11241100x80000000000000003908837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65c070015d34e9232022-01-11 12:19:04.086root 11241100x80000000000000003908838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a457aa832efdff952022-01-11 12:19:04.087root 11241100x80000000000000003908839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b0c6c1763892bba2022-01-11 12:19:04.087root 11241100x80000000000000003908840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b191f04e13bd0a3f2022-01-11 12:19:04.087root 11241100x80000000000000003908841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.611f7311fa4977ca2022-01-11 12:19:04.087root 11241100x80000000000000003908842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0127e5563e2b669b2022-01-11 12:19:04.087root 11241100x80000000000000003908843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf28aa2137e032c32022-01-11 12:19:04.087root 11241100x80000000000000003908844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf34e8e744b385bf2022-01-11 12:19:04.087root 11241100x80000000000000003908845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e76e3b085bbaeacd2022-01-11 12:19:04.088root 11241100x80000000000000003908846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4959e23dabf96dc02022-01-11 12:19:04.088root 11241100x80000000000000003908847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b030df9c0d264732022-01-11 12:19:04.088root 11241100x80000000000000003908848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eef6c25a1ea7e7782022-01-11 12:19:04.088root 11241100x80000000000000003908849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d21833e72d856ae02022-01-11 12:19:04.088root 11241100x80000000000000003908850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.721a10046a4fd2392022-01-11 12:19:04.088root 11241100x80000000000000003908851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6deafcefaf8bfb442022-01-11 12:19:04.089root 11241100x80000000000000003908852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49fbb888fe69b3cf2022-01-11 12:19:04.089root 11241100x80000000000000003908853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fca8cc1f70dfa822022-01-11 12:19:04.089root 11241100x80000000000000003908854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12c2f1d7db258abb2022-01-11 12:19:04.089root 11241100x80000000000000003908855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cea49c97b2d0e07e2022-01-11 12:19:04.584root 11241100x80000000000000003908856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f9a48242a23ec82022-01-11 12:19:04.584root 11241100x80000000000000003908857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ea1407a005109672022-01-11 12:19:04.584root 11241100x80000000000000003908858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26d00e5f6fdf9ba62022-01-11 12:19:04.584root 11241100x80000000000000003908859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bdde73ec4c393f22022-01-11 12:19:04.584root 11241100x80000000000000003908860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8f53452528c8742022-01-11 12:19:04.584root 11241100x80000000000000003908861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7e702128924121f2022-01-11 12:19:04.584root 11241100x80000000000000003908862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74fd6fc6ad5365b52022-01-11 12:19:04.585root 11241100x80000000000000003908863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19ef8ba8b388ee12022-01-11 12:19:04.585root 11241100x80000000000000003908864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34234c1cdfcb52ab2022-01-11 12:19:04.585root 11241100x80000000000000003908865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccafe30b659af6202022-01-11 12:19:04.585root 11241100x80000000000000003908866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a43625518ee991b72022-01-11 12:19:04.585root 11241100x80000000000000003908867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5639821b125b352022-01-11 12:19:04.585root 11241100x80000000000000003908868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3fd9541d83d37f2022-01-11 12:19:04.585root 11241100x80000000000000003908869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eee4e788cc815ed62022-01-11 12:19:04.585root 11241100x80000000000000003908870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17bd5abf9da0da222022-01-11 12:19:04.585root 11241100x80000000000000003908871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a98d717e52c7ab012022-01-11 12:19:04.585root 11241100x80000000000000003908872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d1bd56d964c329b2022-01-11 12:19:04.585root 11241100x80000000000000003908873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.665f4782e3af5f482022-01-11 12:19:04.585root 11241100x80000000000000003908874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c07c7b9e7bcdbddf2022-01-11 12:19:04.585root 11241100x80000000000000003908875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e96ebfb34913f6e42022-01-11 12:19:04.585root 11241100x80000000000000003908876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11da6a74a0ff9a552022-01-11 12:19:04.586root 11241100x80000000000000003908877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b2fc64f891f5fb2022-01-11 12:19:04.586root 11241100x80000000000000003908878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3942b3fbd84ccbcd2022-01-11 12:19:04.586root 11241100x80000000000000003908879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40be873eef0467102022-01-11 12:19:04.586root 11241100x80000000000000003908880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fafb6ed0b76f0fec2022-01-11 12:19:04.586root 11241100x80000000000000003908881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9fc06bd0ce55f6d2022-01-11 12:19:04.586root 11241100x80000000000000003908882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.159f1d65294a7ccb2022-01-11 12:19:04.586root 11241100x80000000000000003908883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39263bf2782577032022-01-11 12:19:04.586root 11241100x80000000000000003908884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488d64bdd8e0581b2022-01-11 12:19:04.586root 11241100x80000000000000003908885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80b1d1cbbc8c4ba12022-01-11 12:19:04.587root 11241100x80000000000000003908886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf442a5afda5b8d52022-01-11 12:19:04.587root 11241100x80000000000000003908887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e8bb7dfe9af3472022-01-11 12:19:04.587root 11241100x80000000000000003908888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.559f89f544eb6ce52022-01-11 12:19:04.587root 11241100x80000000000000003908889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b706bb53dac8f8af2022-01-11 12:19:04.587root 11241100x80000000000000003908890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46a95dd0e8d2db612022-01-11 12:19:04.587root 11241100x80000000000000003908891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c9f17578c967ec82022-01-11 12:19:04.587root 11241100x80000000000000003908892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c46268ddaee9742022-01-11 12:19:04.587root 11241100x80000000000000003908893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a8a89b1baf457492022-01-11 12:19:04.587root 11241100x80000000000000003908894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb14ed685375f9b02022-01-11 12:19:04.587root 11241100x80000000000000003908895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48ec7ac4e0d41c7c2022-01-11 12:19:04.588root 11241100x80000000000000003908896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2e7432a54ecebc02022-01-11 12:19:04.588root 11241100x80000000000000003908897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7a86558d0497cc02022-01-11 12:19:04.588root 11241100x80000000000000003908898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1cdb063bf806e32022-01-11 12:19:04.588root 11241100x80000000000000003908899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6a5ac81f1a71fa02022-01-11 12:19:04.588root 11241100x80000000000000003908900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eabc708c8400b1972022-01-11 12:19:04.588root 11241100x80000000000000003908901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e891a498ee53732022-01-11 12:19:04.588root 11241100x80000000000000003908902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7908b5640bd7943d2022-01-11 12:19:04.589root 11241100x80000000000000003908903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a6db05d34736852022-01-11 12:19:04.589root 11241100x80000000000000003908904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d47bb7e045e063df2022-01-11 12:19:04.589root 11241100x80000000000000003908905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52843cee003cebdf2022-01-11 12:19:04.589root 11241100x80000000000000003908906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8752ba17df7dc6e22022-01-11 12:19:04.589root 11241100x80000000000000003908907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a557c7b18eadc9042022-01-11 12:19:04.589root 11241100x80000000000000003908908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.280268f2d7138a2b2022-01-11 12:19:04.589root 11241100x80000000000000003908909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f36f26671f6d7f2022-01-11 12:19:04.589root 11241100x80000000000000003908910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bda06cd371f8abed2022-01-11 12:19:04.590root 11241100x80000000000000003908911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ee7ab345cf76652022-01-11 12:19:04.590root 11241100x80000000000000003908912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c9c2958bcef8d22022-01-11 12:19:04.590root 11241100x80000000000000003908913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ee65d3e994720242022-01-11 12:19:04.590root 11241100x80000000000000003908914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb537da7af6241012022-01-11 12:19:04.590root 11241100x80000000000000003908915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38ab7252497d22e72022-01-11 12:19:04.590root 11241100x80000000000000003908916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d346bd4a2b16da2022-01-11 12:19:04.590root 11241100x80000000000000003908917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69eb6084c78251832022-01-11 12:19:04.590root 11241100x80000000000000003908918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e38134d15d472492022-01-11 12:19:04.590root 11241100x80000000000000003908919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9959391b476678682022-01-11 12:19:04.590root 11241100x80000000000000003908920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc09640fa11894e12022-01-11 12:19:04.590root 11241100x80000000000000003908921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f3ae88a00f5f692022-01-11 12:19:04.591root 11241100x80000000000000003908922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f164eb10de48f25b2022-01-11 12:19:04.591root 11241100x80000000000000003908923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c758c087975afd922022-01-11 12:19:04.591root 11241100x80000000000000003908924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba2135abef4c11752022-01-11 12:19:04.591root 11241100x80000000000000003908925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f6cb5c18e168152022-01-11 12:19:04.591root 11241100x80000000000000003908926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bba77b70d6c11cb2022-01-11 12:19:04.591root 11241100x80000000000000003908927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.846d1e3275ac30ba2022-01-11 12:19:04.591root 11241100x80000000000000003908928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66b15a09f6385f3e2022-01-11 12:19:04.591root 11241100x80000000000000003908929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a08bae0fb7c1211c2022-01-11 12:19:04.591root 11241100x80000000000000003908930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:04.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ace7af49bfce40712022-01-11 12:19:04.591root 11241100x80000000000000003908931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2028b9ac538fa1da2022-01-11 12:19:05.083root 11241100x80000000000000003908932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10b80179e0b45a9a2022-01-11 12:19:05.083root 11241100x80000000000000003908933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9790d479d4498742022-01-11 12:19:05.083root 11241100x80000000000000003908934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cbe848828041aeb2022-01-11 12:19:05.083root 11241100x80000000000000003908935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74d5be3da0c0c9cd2022-01-11 12:19:05.084root 11241100x80000000000000003908936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff3fcfd59eb5722f2022-01-11 12:19:05.084root 11241100x80000000000000003908937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.277def9d259714382022-01-11 12:19:05.084root 11241100x80000000000000003908938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6e534294169db92022-01-11 12:19:05.084root 11241100x80000000000000003908939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee940246af743e212022-01-11 12:19:05.084root 11241100x80000000000000003908940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f9cf573b3e927a2022-01-11 12:19:05.084root 11241100x80000000000000003908941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf4e03a2c0c2004f2022-01-11 12:19:05.084root 11241100x80000000000000003908942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9e4c63a9bb938832022-01-11 12:19:05.084root 11241100x80000000000000003908943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1a9eaa178836ccf2022-01-11 12:19:05.084root 11241100x80000000000000003908944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54ffb63cfec002f2022-01-11 12:19:05.084root 11241100x80000000000000003908945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.346feca434c2c6822022-01-11 12:19:05.084root 11241100x80000000000000003908946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e696ea4a814898a2022-01-11 12:19:05.084root 11241100x80000000000000003908947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edafff54cd94c3892022-01-11 12:19:05.084root 11241100x80000000000000003908948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68b6d73b4c7a92d82022-01-11 12:19:05.084root 11241100x80000000000000003908949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfcaa9aacd8493772022-01-11 12:19:05.084root 11241100x80000000000000003908950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.001d83c36df133322022-01-11 12:19:05.085root 11241100x80000000000000003908951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.369f86f0daf29a9e2022-01-11 12:19:05.085root 11241100x80000000000000003908952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f286b735a0bbc5e2022-01-11 12:19:05.085root 11241100x80000000000000003908953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45bc0bd1292c9dd72022-01-11 12:19:05.085root 11241100x80000000000000003908954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f629d518bc1f51202022-01-11 12:19:05.085root 11241100x80000000000000003908955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d57792cded68adb62022-01-11 12:19:05.085root 11241100x80000000000000003908956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1757e91a69bb9f6b2022-01-11 12:19:05.085root 11241100x80000000000000003908957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c59b14945fcf2c5e2022-01-11 12:19:05.085root 11241100x80000000000000003908958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9c4178d222d2d892022-01-11 12:19:05.085root 11241100x80000000000000003908959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed2c136386a16052022-01-11 12:19:05.085root 11241100x80000000000000003908960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73da04ced486cf502022-01-11 12:19:05.085root 11241100x80000000000000003908961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ef9046d147207b82022-01-11 12:19:05.086root 11241100x80000000000000003908962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f1156f9fe2be2352022-01-11 12:19:05.086root 11241100x80000000000000003908963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53016c829ced69bd2022-01-11 12:19:05.086root 11241100x80000000000000003908964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ed51c9a8a609e4a2022-01-11 12:19:05.086root 11241100x80000000000000003908965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56a780e313e5807f2022-01-11 12:19:05.086root 11241100x80000000000000003908966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2d118955ed795992022-01-11 12:19:05.086root 11241100x80000000000000003908967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36f190640ecefec32022-01-11 12:19:05.086root 11241100x80000000000000003908968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9627bc6ca3dcfb2f2022-01-11 12:19:05.086root 354300x80000000000000003909009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:13.043{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56264-false10.0.1.12-8000- 11241100x80000000000000003909010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:13.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc6c993bf79fccef2022-01-11 12:19:13.333root 11241100x80000000000000003909011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:13.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5e66d1d4cff35c2022-01-11 12:19:13.833root 11241100x80000000000000003909012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a38c9b79485d6dd2022-01-11 12:19:14.333root 11241100x80000000000000003909013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:14.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b33e717fa116c4332022-01-11 12:19:14.833root 11241100x80000000000000003909014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:15.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a7108328d6015262022-01-11 12:19:15.333root 11241100x80000000000000003909015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:15.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72b23537db8d89432022-01-11 12:19:15.833root 11241100x80000000000000003909016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:16.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36fc2cf7ff6be8142022-01-11 12:19:16.333root 11241100x80000000000000003909017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:16.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555a7e38a17cb2dc2022-01-11 12:19:16.833root 11241100x80000000000000003909018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:17.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69baa647a3b4ba342022-01-11 12:19:17.333root 11241100x80000000000000003909019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:17.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae1c43d3be28bb592022-01-11 12:19:17.833root 11241100x80000000000000003909020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:18.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05f39d55c8bba6922022-01-11 12:19:18.333root 11241100x80000000000000003909021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:18.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3931f332d2f70e02022-01-11 12:19:18.833root 354300x80000000000000003909022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.010{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56266-false10.0.1.12-8000- 11241100x80000000000000003909023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f03c1a76d2869b612022-01-11 12:19:19.333root 11241100x80000000000000003909024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb07c061a737c0f2022-01-11 12:19:19.333root 11241100x80000000000000003909025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57daefe9ae1e35fe2022-01-11 12:19:19.833root 11241100x80000000000000003909026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e915aa1e6b1f282022-01-11 12:19:19.833root 11241100x80000000000000003909027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d6eb71f2abbe0192022-01-11 12:19:20.333root 11241100x80000000000000003909028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2ebed2686763bf2022-01-11 12:19:20.333root 11241100x80000000000000003909029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b9caf58015308262022-01-11 12:19:20.833root 11241100x80000000000000003909030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.707cbff7ec6e15082022-01-11 12:19:20.833root 11241100x80000000000000003909031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e0fd3944a206e32022-01-11 12:19:21.333root 11241100x80000000000000003909032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d45dc9211ba9cfa12022-01-11 12:19:21.333root 11241100x80000000000000003909033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0999f19e33ba8d42022-01-11 12:19:21.833root 11241100x80000000000000003909034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e52fd8f0f4c64672022-01-11 12:19:21.833root 11241100x80000000000000003909035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a775003ed93a17a2022-01-11 12:19:22.333root 11241100x80000000000000003909036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a1c80f155f65c032022-01-11 12:19:22.333root 11241100x80000000000000003909037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ad2da5a6da3a6a2022-01-11 12:19:22.833root 11241100x80000000000000003909038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:22.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dfd2d79a5e2d6842022-01-11 12:19:22.833root 11241100x80000000000000003909039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8c50d7a55787cf2022-01-11 12:19:23.333root 11241100x80000000000000003909040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5566c6b2b5a95862022-01-11 12:19:23.333root 11241100x80000000000000003909041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b344d0457d5a5e7a2022-01-11 12:19:23.833root 11241100x80000000000000003909042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:23.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0060f482e97588be2022-01-11 12:19:23.833root 354300x80000000000000003909043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.074{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56268-false10.0.1.12-8000- 11241100x80000000000000003909044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15803e150410eb442022-01-11 12:19:24.333root 11241100x80000000000000003909045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.620087d8094bb0ea2022-01-11 12:19:24.333root 11241100x80000000000000003909046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21b56917c6908aa72022-01-11 12:19:24.333root 11241100x80000000000000003909047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70adf30b83eb1c722022-01-11 12:19:24.833root 11241100x80000000000000003909048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5158e056d68e886e2022-01-11 12:19:24.833root 11241100x80000000000000003909049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efcf28c709139e7a2022-01-11 12:19:24.833root 11241100x80000000000000003909050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:19:24.894root 354300x80000000000000003909051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:24.947{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34202-false10.0.1.12-8089- 11241100x80000000000000003909052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.729c4ad3e6fdec182022-01-11 12:19:25.333root 11241100x80000000000000003909053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f512a34eaaada952022-01-11 12:19:25.333root 11241100x80000000000000003909054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4600531885ce790a2022-01-11 12:19:25.333root 11241100x80000000000000003909055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2e8ecbe62bb60982022-01-11 12:19:25.333root 11241100x80000000000000003909056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d006c6f3a392bda92022-01-11 12:19:25.333root 11241100x80000000000000003909057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.988af54e2294843e2022-01-11 12:19:25.833root 11241100x80000000000000003909058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1bd1c4a7e7947202022-01-11 12:19:25.833root 11241100x80000000000000003909059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c99c42f852662b52022-01-11 12:19:25.833root 11241100x80000000000000003909060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b84aefd118de5bf12022-01-11 12:19:25.833root 11241100x80000000000000003909061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e96b11f2efc3812022-01-11 12:19:25.833root 11241100x80000000000000003909062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7f4929a7441b3892022-01-11 12:19:26.333root 11241100x80000000000000003909063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7c411ca683cb552022-01-11 12:19:26.333root 11241100x80000000000000003909064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4e49837e86288552022-01-11 12:19:26.333root 11241100x80000000000000003909065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b7f9e856bcd7a32022-01-11 12:19:26.333root 11241100x80000000000000003909066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45ef369de3b9c0992022-01-11 12:19:26.334root 11241100x80000000000000003909067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75221326a9e6d3f12022-01-11 12:19:26.833root 11241100x80000000000000003909068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f72ad55a9d955d52022-01-11 12:19:26.833root 11241100x80000000000000003909069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f26e943754228d152022-01-11 12:19:26.833root 11241100x80000000000000003909070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d43e303acf95d02022-01-11 12:19:26.834root 11241100x80000000000000003909071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.857f0890373d49292022-01-11 12:19:26.834root 11241100x80000000000000003909072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79e1f4646fd6543b2022-01-11 12:19:27.333root 11241100x80000000000000003909073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5a1ada1278544b2022-01-11 12:19:27.333root 11241100x80000000000000003909074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5658763518977bda2022-01-11 12:19:27.333root 11241100x80000000000000003909075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f0814fd0cb591c2022-01-11 12:19:27.333root 11241100x80000000000000003909076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eae720269b0719f2022-01-11 12:19:27.333root 11241100x80000000000000003909077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314ad5b6df7310a62022-01-11 12:19:27.833root 11241100x80000000000000003909078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3409bfac71135b042022-01-11 12:19:27.833root 11241100x80000000000000003909079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da4ef7871a465772022-01-11 12:19:27.833root 11241100x80000000000000003909080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77ac8d2cea3b9c722022-01-11 12:19:27.833root 11241100x80000000000000003909081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69273e5a5c374feb2022-01-11 12:19:27.834root 23542300x80000000000000003909082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:27.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003909083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab41e0984c3731e72022-01-11 12:19:28.333root 11241100x80000000000000003909084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6a6e5125a028c162022-01-11 12:19:28.333root 11241100x80000000000000003909085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f590e57e3d3a739f2022-01-11 12:19:28.334root 11241100x80000000000000003909086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f943672cc5e4462022-01-11 12:19:28.334root 11241100x80000000000000003909087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b303276bf7fab172022-01-11 12:19:28.334root 11241100x80000000000000003909088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cdea71a072c94b72022-01-11 12:19:28.334root 11241100x80000000000000003909089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f745545bfb2304a92022-01-11 12:19:28.833root 11241100x80000000000000003909090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.181b7a28acdcc3432022-01-11 12:19:28.833root 11241100x80000000000000003909091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27aed3671d04cf042022-01-11 12:19:28.834root 11241100x80000000000000003909092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264a6b731bb81ed12022-01-11 12:19:28.834root 11241100x80000000000000003909093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f7e1d1ac3d64bda2022-01-11 12:19:28.834root 11241100x80000000000000003909094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d191281fefb9d03c2022-01-11 12:19:28.834root 354300x80000000000000003909095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.144{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56272-false10.0.1.12-8000- 11241100x80000000000000003909096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26b87069b23d95c42022-01-11 12:19:29.145root 11241100x80000000000000003909097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eefde88ea745c86a2022-01-11 12:19:29.145root 11241100x80000000000000003909098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92daa595430431a72022-01-11 12:19:29.145root 11241100x80000000000000003909099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29f85731cc1892532022-01-11 12:19:29.145root 11241100x80000000000000003909100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.145{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed0e834c58248f72022-01-11 12:19:29.145root 11241100x80000000000000003909101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.146{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a1fe5439f921862022-01-11 12:19:29.146root 11241100x80000000000000003909102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.146{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32fb9a1c10b26452022-01-11 12:19:29.146root 11241100x80000000000000003909103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec8c1b3ad02bef422022-01-11 12:19:29.583root 11241100x80000000000000003909104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06ff0f50290704a52022-01-11 12:19:29.583root 11241100x80000000000000003909105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ddddaaa5e8a9c3d2022-01-11 12:19:29.583root 11241100x80000000000000003909106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4f90827cdfa22a2022-01-11 12:19:29.583root 11241100x80000000000000003909107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4fa9327433fe0882022-01-11 12:19:29.584root 11241100x80000000000000003909108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.557a1d08f5ed19892022-01-11 12:19:29.584root 11241100x80000000000000003909109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dcef1f9b729c7982022-01-11 12:19:29.584root 11241100x80000000000000003909110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.068ae4054c1807c42022-01-11 12:19:30.083root 11241100x80000000000000003909111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa780d84c185b9b52022-01-11 12:19:30.083root 11241100x80000000000000003909112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5db8f5dac47734f12022-01-11 12:19:30.084root 11241100x80000000000000003909113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a10fe4bb8e6f81d2022-01-11 12:19:30.084root 11241100x80000000000000003909114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a94078ed8507f802022-01-11 12:19:30.084root 11241100x80000000000000003909115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.905ecb6666b4dc652022-01-11 12:19:30.084root 11241100x80000000000000003909116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5eaf0377e88c362022-01-11 12:19:30.084root 11241100x80000000000000003909117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48b14e280f45249b2022-01-11 12:19:30.583root 11241100x80000000000000003909118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b4268d618889182022-01-11 12:19:30.583root 11241100x80000000000000003909119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51ee857b2dcbca202022-01-11 12:19:30.584root 11241100x80000000000000003909120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2494dcf9dc1b6b92022-01-11 12:19:30.584root 11241100x80000000000000003909121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e2c40d094a187f2022-01-11 12:19:30.584root 11241100x80000000000000003909122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de832c18c187a8082022-01-11 12:19:30.584root 11241100x80000000000000003909123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e33ef7d7246bff92022-01-11 12:19:30.584root 11241100x80000000000000003909124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fc56223b366c9662022-01-11 12:19:31.083root 11241100x80000000000000003909125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1ca81892be8904a2022-01-11 12:19:31.083root 11241100x80000000000000003909126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.809f2e7ecf1a8c4c2022-01-11 12:19:31.083root 11241100x80000000000000003909127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9fb86063a730a5d2022-01-11 12:19:31.083root 11241100x80000000000000003909128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d3bb906b47ba8282022-01-11 12:19:31.084root 11241100x80000000000000003909129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86ad97c942a5efa12022-01-11 12:19:31.084root 11241100x80000000000000003909130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b1edc6e774f5192022-01-11 12:19:31.084root 11241100x80000000000000003909131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afe5f6026585441d2022-01-11 12:19:31.583root 11241100x80000000000000003909132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36c53ddfd3cc3aed2022-01-11 12:19:31.583root 11241100x80000000000000003909133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2531a1a90368492c2022-01-11 12:19:31.583root 11241100x80000000000000003909134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef0511ea2be6d3ba2022-01-11 12:19:31.584root 11241100x80000000000000003909135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09fe87d8c1b5e1522022-01-11 12:19:31.584root 11241100x80000000000000003909136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47288d00224991e32022-01-11 12:19:31.584root 11241100x80000000000000003909137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5a7feb02c7a85872022-01-11 12:19:31.584root 11241100x80000000000000003909138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab607c43b5b98c152022-01-11 12:19:32.083root 11241100x80000000000000003909139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080395f64fb352f52022-01-11 12:19:32.083root 11241100x80000000000000003909140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce9f0db6c4049712022-01-11 12:19:32.083root 11241100x80000000000000003909141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf8119617580795b2022-01-11 12:19:32.083root 11241100x80000000000000003909142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5632d374ba1feb552022-01-11 12:19:32.084root 11241100x80000000000000003909143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744f0ed559d406dc2022-01-11 12:19:32.084root 11241100x80000000000000003909144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c734ba5d98d218702022-01-11 12:19:32.084root 11241100x80000000000000003909145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93327bad27f672752022-01-11 12:19:32.583root 11241100x80000000000000003909146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f452d164485eda2022-01-11 12:19:32.583root 11241100x80000000000000003909147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f06e0b4209b91d962022-01-11 12:19:32.583root 11241100x80000000000000003909148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41b01d9136e687a52022-01-11 12:19:32.583root 11241100x80000000000000003909149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5e816f2011603e2022-01-11 12:19:32.584root 11241100x80000000000000003909150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4b58d97592f9f0f2022-01-11 12:19:32.584root 11241100x80000000000000003909151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8a80405c6be30c22022-01-11 12:19:32.584root 11241100x80000000000000003909152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18fcb54207dc42202022-01-11 12:19:33.083root 11241100x80000000000000003909153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9801fe7a754b8dc2022-01-11 12:19:33.083root 11241100x80000000000000003909154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a946b771691cc202022-01-11 12:19:33.083root 11241100x80000000000000003909155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.586fc44d7c936c4c2022-01-11 12:19:33.083root 11241100x80000000000000003909156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5a7fb462a6e13e2022-01-11 12:19:33.083root 11241100x80000000000000003909157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed6acdcd1053e1662022-01-11 12:19:33.083root 11241100x80000000000000003909158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.128d1b8519677e752022-01-11 12:19:33.084root 11241100x80000000000000003909159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d713b0c5adc076972022-01-11 12:19:33.583root 11241100x80000000000000003909160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0547853ccb8f67f2022-01-11 12:19:33.583root 11241100x80000000000000003909161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.267a8fe369e2251d2022-01-11 12:19:33.583root 11241100x80000000000000003909162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45f724e5b6756cf22022-01-11 12:19:33.583root 11241100x80000000000000003909163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6d5625692f52be2022-01-11 12:19:33.583root 11241100x80000000000000003909164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ba0e4a04ab717d92022-01-11 12:19:33.583root 11241100x80000000000000003909165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57d813b787194cca2022-01-11 12:19:33.584root 11241100x80000000000000003909166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4384711e9f6304e22022-01-11 12:19:34.083root 11241100x80000000000000003909167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.955fbc2c75fcfed52022-01-11 12:19:34.084root 11241100x80000000000000003909168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28c393f1723711732022-01-11 12:19:34.084root 11241100x80000000000000003909169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91497c4c457274142022-01-11 12:19:34.084root 11241100x80000000000000003909170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c24c46e1a5ccd102022-01-11 12:19:34.084root 11241100x80000000000000003909171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6944b633782271052022-01-11 12:19:34.085root 11241100x80000000000000003909172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aaf71b7735b41ab2022-01-11 12:19:34.085root 11241100x80000000000000003909173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be76f82a8460a6a2022-01-11 12:19:34.583root 11241100x80000000000000003909174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6aa5d743c44c5ee2022-01-11 12:19:34.584root 11241100x80000000000000003909175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edc3828a2c5230892022-01-11 12:19:34.584root 11241100x80000000000000003909176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c22b918bb4df278d2022-01-11 12:19:34.584root 11241100x80000000000000003909177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e3f3ca6836a207a2022-01-11 12:19:34.584root 11241100x80000000000000003909178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8afa3130309b85472022-01-11 12:19:34.585root 11241100x80000000000000003909179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab65af691ff580d02022-01-11 12:19:34.585root 354300x80000000000000003909180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.024{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56274-false10.0.1.12-8000- 11241100x80000000000000003909181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e31b810873256ac22022-01-11 12:19:35.024root 11241100x80000000000000003909182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfb1ba1008b0e3a42022-01-11 12:19:35.024root 11241100x80000000000000003909183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080d39f70d0763e32022-01-11 12:19:35.025root 11241100x80000000000000003909184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.931d6b7efafb57c62022-01-11 12:19:35.025root 11241100x80000000000000003909185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f10dbff044678c912022-01-11 12:19:35.025root 11241100x80000000000000003909186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3142ca499bded2352022-01-11 12:19:35.025root 11241100x80000000000000003909187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5ffe2872edc3c2a2022-01-11 12:19:35.025root 11241100x80000000000000003909188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35eb7759edd304d02022-01-11 12:19:35.025root 11241100x80000000000000003909189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca26a2472948b1b22022-01-11 12:19:35.333root 11241100x80000000000000003909190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbce40fb4439426d2022-01-11 12:19:35.333root 11241100x80000000000000003909191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03a07ba6188aa5ab2022-01-11 12:19:35.333root 11241100x80000000000000003909192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.374401e47c373a6c2022-01-11 12:19:35.334root 11241100x80000000000000003909193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2af29c210e59f7762022-01-11 12:19:35.334root 11241100x80000000000000003909194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b159bcbe2e4c4c1e2022-01-11 12:19:35.334root 11241100x80000000000000003909195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.136fad566ddb5aa82022-01-11 12:19:35.334root 11241100x80000000000000003909196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.625f1fbb78d5e8852022-01-11 12:19:35.334root 11241100x80000000000000003909197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd893070c671077b2022-01-11 12:19:35.833root 11241100x80000000000000003909198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a568af5c77afd472022-01-11 12:19:35.834root 11241100x80000000000000003909199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15d15a8a704e38762022-01-11 12:19:35.834root 11241100x80000000000000003909200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21ea5880f85ad8b92022-01-11 12:19:35.834root 11241100x80000000000000003909201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88bf3a713383a3e52022-01-11 12:19:35.834root 11241100x80000000000000003909202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc33b9abf0f6e34f2022-01-11 12:19:35.834root 11241100x80000000000000003909203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f5d886aabc6e1e02022-01-11 12:19:35.834root 11241100x80000000000000003909204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b957593811e700542022-01-11 12:19:35.834root 11241100x80000000000000003909205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442a0a59d24f4aba2022-01-11 12:19:36.333root 11241100x80000000000000003909206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da9757320713dc662022-01-11 12:19:36.333root 11241100x80000000000000003909207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c809a55c1a811a862022-01-11 12:19:36.334root 11241100x80000000000000003909208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.716f335d7816b4e52022-01-11 12:19:36.334root 11241100x80000000000000003909209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d1aba4a88a8b862022-01-11 12:19:36.334root 11241100x80000000000000003909210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec238a762551f18e2022-01-11 12:19:36.334root 11241100x80000000000000003909211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41ab6ea67bf3db502022-01-11 12:19:36.334root 11241100x80000000000000003909212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a945a592d44fc0c2022-01-11 12:19:36.334root 11241100x80000000000000003909213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb4732a59fe85a772022-01-11 12:19:36.833root 11241100x80000000000000003909214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65e4399176ab7862022-01-11 12:19:36.833root 11241100x80000000000000003909215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad4fd9edf3c36c72022-01-11 12:19:36.833root 11241100x80000000000000003909216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c2f8732ba1cb612022-01-11 12:19:36.834root 11241100x80000000000000003909217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e411459b97ef95cc2022-01-11 12:19:36.834root 11241100x80000000000000003909218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5e58a46e1c867282022-01-11 12:19:36.834root 11241100x80000000000000003909219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fe3ac6156b33a592022-01-11 12:19:36.834root 11241100x80000000000000003909220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5e0ca56b2a1eb882022-01-11 12:19:36.834root 11241100x80000000000000003909221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4657fb4a6a7f92a2022-01-11 12:19:37.333root 11241100x80000000000000003909222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b9bcefbfef0e4f2022-01-11 12:19:37.333root 11241100x80000000000000003909223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.405e66f3af51b38e2022-01-11 12:19:37.333root 11241100x80000000000000003909224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf4ce3dacf803982022-01-11 12:19:37.334root 11241100x80000000000000003909225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.477c4994e05e64fa2022-01-11 12:19:37.334root 11241100x80000000000000003909226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e95f9f45171f85a2022-01-11 12:19:37.334root 11241100x80000000000000003909227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f548532b866e5b2022-01-11 12:19:37.334root 11241100x80000000000000003909228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c590d11872474482022-01-11 12:19:37.334root 11241100x80000000000000003909229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29415d03a74aa89f2022-01-11 12:19:37.833root 11241100x80000000000000003909230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37b0ca685ddb3ed2022-01-11 12:19:37.833root 11241100x80000000000000003909231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a32aa307e04b232022-01-11 12:19:37.834root 11241100x80000000000000003909232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b04a5cb71ea30f42022-01-11 12:19:37.834root 11241100x80000000000000003909233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d798f3d6fd24e092022-01-11 12:19:37.834root 11241100x80000000000000003909234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e7c2a7c3d27c6e92022-01-11 12:19:37.834root 11241100x80000000000000003909235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f880008bd46a59c2022-01-11 12:19:37.834root 11241100x80000000000000003909236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfcdb6f965106f822022-01-11 12:19:37.834root 11241100x80000000000000003909237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcaa29defcbc733f2022-01-11 12:19:38.334root 11241100x80000000000000003909238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e68d7fa2e64b86c2022-01-11 12:19:38.334root 11241100x80000000000000003909239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05c213bcea46714d2022-01-11 12:19:38.334root 11241100x80000000000000003909240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83fb0dc012a729032022-01-11 12:19:38.334root 11241100x80000000000000003909241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74aa39cedc3434e22022-01-11 12:19:38.335root 11241100x80000000000000003909242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ac4099e82022212022-01-11 12:19:38.335root 11241100x80000000000000003909243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fa20d5ee3050c3f2022-01-11 12:19:38.335root 11241100x80000000000000003909244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a84d7c8834bd40332022-01-11 12:19:38.335root 11241100x80000000000000003909245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e980e78bc968362022-01-11 12:19:38.833root 11241100x80000000000000003909246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f77f9edd24f473c62022-01-11 12:19:38.833root 11241100x80000000000000003909247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a10d92d58c77962022-01-11 12:19:38.833root 11241100x80000000000000003909248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7774e47cb5ce992022-01-11 12:19:38.834root 11241100x80000000000000003909249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90670ed7e9d4383b2022-01-11 12:19:38.834root 11241100x80000000000000003909250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0858f034aa018f22022-01-11 12:19:38.834root 11241100x80000000000000003909251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e479ddccfd1db532022-01-11 12:19:38.834root 11241100x80000000000000003909252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:38.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bee19ff0d2a560b2022-01-11 12:19:38.834root 11241100x80000000000000003909253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d24659dbee3c7e2022-01-11 12:19:39.334root 11241100x80000000000000003909254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddad64fcc301a2b72022-01-11 12:19:39.334root 11241100x80000000000000003909255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17396b5570002da62022-01-11 12:19:39.334root 11241100x80000000000000003909256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da873d61dae13d452022-01-11 12:19:39.334root 11241100x80000000000000003909257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eb091e61a7ce0212022-01-11 12:19:39.335root 11241100x80000000000000003909258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a30da88d3e283752022-01-11 12:19:39.335root 11241100x80000000000000003909259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11155f4c7bd13252022-01-11 12:19:39.335root 11241100x80000000000000003909260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358eaa262ea988482022-01-11 12:19:39.335root 11241100x80000000000000003909261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c782d5fbe65a95ac2022-01-11 12:19:39.833root 11241100x80000000000000003909262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65306dbb07ec79002022-01-11 12:19:39.833root 11241100x80000000000000003909263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c39ce08ed65bc4a62022-01-11 12:19:39.833root 11241100x80000000000000003909264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcd61cec251e463e2022-01-11 12:19:39.834root 11241100x80000000000000003909265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f91f2b5ed74090752022-01-11 12:19:39.834root 11241100x80000000000000003909266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d15e9ed488d28a02022-01-11 12:19:39.834root 11241100x80000000000000003909267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a92a7369cc073d702022-01-11 12:19:39.834root 11241100x80000000000000003909268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:39.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4676858c19fd9f32022-01-11 12:19:39.834root 11241100x80000000000000003909269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf7756e82f0eb912022-01-11 12:19:40.333root 11241100x80000000000000003909270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa67a153e32082a2022-01-11 12:19:40.333root 11241100x80000000000000003909271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.022c32bda3278c032022-01-11 12:19:40.334root 11241100x80000000000000003909272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccc2b4008b7b80ab2022-01-11 12:19:40.334root 11241100x80000000000000003909273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70af99a4101e9c5c2022-01-11 12:19:40.334root 11241100x80000000000000003909274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfb9d35d7b7b96732022-01-11 12:19:40.334root 11241100x80000000000000003909275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a70c67d9014646062022-01-11 12:19:40.334root 11241100x80000000000000003909276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0cc72ce391c8d42022-01-11 12:19:40.334root 11241100x80000000000000003909277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f04f8602bb58d3262022-01-11 12:19:40.833root 11241100x80000000000000003909278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db0c10fd3eaa1fc2022-01-11 12:19:40.833root 11241100x80000000000000003909279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c187c44e073abc2022-01-11 12:19:40.833root 11241100x80000000000000003909280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfa63a3ccb4e9162022-01-11 12:19:40.834root 11241100x80000000000000003909281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.910b841c1d12bdfa2022-01-11 12:19:40.834root 11241100x80000000000000003909282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d36daa475877cbe2022-01-11 12:19:40.834root 11241100x80000000000000003909283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07a3708a02c0cb4a2022-01-11 12:19:40.834root 11241100x80000000000000003909284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:40.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a091bd874e41912022-01-11 12:19:40.834root 354300x80000000000000003909285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.014{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56276-false10.0.1.12-8000- 11241100x80000000000000003909286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3cd545d743e84932022-01-11 12:19:41.333root 11241100x80000000000000003909287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b14f2cedd9280b932022-01-11 12:19:41.333root 11241100x80000000000000003909288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.319c27cf84f7ade02022-01-11 12:19:41.334root 11241100x80000000000000003909289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b89d2ea052834f5f2022-01-11 12:19:41.334root 11241100x80000000000000003909290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eddec6596a5a7702022-01-11 12:19:41.334root 11241100x80000000000000003909291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f097ff6f948f76ed2022-01-11 12:19:41.334root 11241100x80000000000000003909292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdda56c8ed2995052022-01-11 12:19:41.334root 11241100x80000000000000003909293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e798c57bd72255b62022-01-11 12:19:41.334root 11241100x80000000000000003909294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.458e44645253b76f2022-01-11 12:19:41.334root 154100x80000000000000003909295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.461{ec2d504d-75dd-61dd-68c4-8ef739560000}9856/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 534500x80000000000000003909296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.476{ec2d504d-75dd-61dd-68c4-8ef739560000}9856/bin/psroot 11241100x80000000000000003909297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a63692a2e656872022-01-11 12:19:41.833root 11241100x80000000000000003909298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a21179f2eef4c0552022-01-11 12:19:41.834root 11241100x80000000000000003909299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54f0b9135c949a182022-01-11 12:19:41.834root 11241100x80000000000000003909300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373ce237906523812022-01-11 12:19:41.834root 11241100x80000000000000003909301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b792dc6b98c72ac2022-01-11 12:19:41.834root 11241100x80000000000000003909302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4504569665277d372022-01-11 12:19:41.834root 11241100x80000000000000003909303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44e603571a1c29b22022-01-11 12:19:41.834root 11241100x80000000000000003909304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a3af897ff325d92022-01-11 12:19:41.834root 11241100x80000000000000003909305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e030926ec43690152022-01-11 12:19:41.834root 11241100x80000000000000003909306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900eca9d86ed83ec2022-01-11 12:19:41.834root 11241100x80000000000000003909307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:41.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19c692842d8ad2522022-01-11 12:19:41.834root 11241100x80000000000000003909308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11bd24b6edf3b0352022-01-11 12:19:42.333root 11241100x80000000000000003909309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd5e8e7c2f8a5eb12022-01-11 12:19:42.334root 11241100x80000000000000003909310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb94918d3fde2bc42022-01-11 12:19:42.334root 11241100x80000000000000003909311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8812e835c4a3efcc2022-01-11 12:19:42.334root 11241100x80000000000000003909312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf88e62a243aa2a2022-01-11 12:19:42.334root 11241100x80000000000000003909313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f481c42c80fb8dc72022-01-11 12:19:42.334root 11241100x80000000000000003909314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef864e96ac6f90d2022-01-11 12:19:42.334root 11241100x80000000000000003909315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12cd772ff5a60c6a2022-01-11 12:19:42.334root 11241100x80000000000000003909316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61e2ce7f7f5ebe7a2022-01-11 12:19:42.334root 11241100x80000000000000003909317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05cae15b33b7f7f22022-01-11 12:19:42.335root 11241100x80000000000000003909318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddabd59eb80e67662022-01-11 12:19:42.335root 11241100x80000000000000003909319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d782f7a349b18982022-01-11 12:19:42.833root 11241100x80000000000000003909320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.988b649161194f632022-01-11 12:19:42.833root 11241100x80000000000000003909321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df60e6221b5d4872022-01-11 12:19:42.834root 11241100x80000000000000003909322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b5bc8e4d85dece82022-01-11 12:19:42.834root 11241100x80000000000000003909323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c220612ab7ca2b72022-01-11 12:19:42.834root 11241100x80000000000000003909324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd9553416408ff32022-01-11 12:19:42.834root 11241100x80000000000000003909325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e02dd6665bb14d992022-01-11 12:19:42.834root 11241100x80000000000000003909326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c0ad59c934d3db2022-01-11 12:19:42.834root 11241100x80000000000000003909327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6376633e74392cb22022-01-11 12:19:42.834root 11241100x80000000000000003909328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516ac6b6ca421b482022-01-11 12:19:42.834root 11241100x80000000000000003909329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1510b36ef009a3c32022-01-11 12:19:42.835root 11241100x80000000000000003909330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e94ef794788571ed2022-01-11 12:19:43.333root 11241100x80000000000000003909331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4b88becb40588c62022-01-11 12:19:43.333root 11241100x80000000000000003909332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e2243226575dbd92022-01-11 12:19:43.333root 11241100x80000000000000003909333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db8d75fd9e39e48d2022-01-11 12:19:43.334root 11241100x80000000000000003909334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5803811ef99983292022-01-11 12:19:43.334root 11241100x80000000000000003909335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1650667cf63f40332022-01-11 12:19:43.334root 11241100x80000000000000003909336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854352a47dff1b542022-01-11 12:19:43.334root 11241100x80000000000000003909337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2976a8c6379e6162022-01-11 12:19:43.334root 11241100x80000000000000003909338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35744b16da0c0f852022-01-11 12:19:43.334root 11241100x80000000000000003909339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23915c4532949dff2022-01-11 12:19:43.335root 11241100x80000000000000003909340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f40c848101e40cde2022-01-11 12:19:43.335root 11241100x80000000000000003909341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8a2c178efba2eef2022-01-11 12:19:43.833root 11241100x80000000000000003909342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6474449241d2c7a2022-01-11 12:19:43.834root 11241100x80000000000000003909343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87f418be8c73df8a2022-01-11 12:19:43.834root 11241100x80000000000000003909344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afb4d8718c1bf07d2022-01-11 12:19:43.834root 11241100x80000000000000003909345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d059550746309ec32022-01-11 12:19:43.834root 11241100x80000000000000003909346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce04245648bb1b22022-01-11 12:19:43.835root 11241100x80000000000000003909347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fabf2197087830d2022-01-11 12:19:43.835root 11241100x80000000000000003909348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce84a88f5c1828982022-01-11 12:19:43.835root 11241100x80000000000000003909349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.777b1782d87221fb2022-01-11 12:19:43.835root 11241100x80000000000000003909350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d33720d9d9ae4d62022-01-11 12:19:43.835root 11241100x80000000000000003909351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:43.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00ad17c5e43af29a2022-01-11 12:19:43.835root 11241100x80000000000000003909352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dd5c09ee4f13cae2022-01-11 12:19:44.333root 11241100x80000000000000003909353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb4d173eb7cf04c2022-01-11 12:19:44.334root 11241100x80000000000000003909354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b3afef2d0691fca2022-01-11 12:19:44.334root 11241100x80000000000000003909355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0c674ba3c00d7c2022-01-11 12:19:44.334root 11241100x80000000000000003909356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1278251c53fae8b52022-01-11 12:19:44.334root 11241100x80000000000000003909357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa51be545301038d2022-01-11 12:19:44.334root 11241100x80000000000000003909358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.030cd3f7a1a27cb32022-01-11 12:19:44.334root 11241100x80000000000000003909359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a76369043432fbbc2022-01-11 12:19:44.334root 11241100x80000000000000003909360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c77f32b7377413b72022-01-11 12:19:44.334root 11241100x80000000000000003909361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7662e71bec6661d32022-01-11 12:19:44.334root 11241100x80000000000000003909362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6b26848105c3742022-01-11 12:19:44.334root 11241100x80000000000000003909363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47944c17a9e061a02022-01-11 12:19:44.833root 11241100x80000000000000003909364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.577cb2b3745b7dbc2022-01-11 12:19:44.833root 11241100x80000000000000003909365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccf36abebcd679902022-01-11 12:19:44.834root 11241100x80000000000000003909366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb38aafd252a7f802022-01-11 12:19:44.834root 11241100x80000000000000003909367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c30af62ded9b09892022-01-11 12:19:44.834root 11241100x80000000000000003909368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.089aaf1bced5e4362022-01-11 12:19:44.834root 11241100x80000000000000003909369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ffc32dffb6112302022-01-11 12:19:44.834root 11241100x80000000000000003909370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd2d47849a6a17a2022-01-11 12:19:44.834root 11241100x80000000000000003909371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ea63424f7765372022-01-11 12:19:44.834root 11241100x80000000000000003909372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbf7430932c472b42022-01-11 12:19:44.834root 11241100x80000000000000003909373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.827ad4b1847320922022-01-11 12:19:44.835root 11241100x80000000000000003909374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d83f87ca880e96442022-01-11 12:19:45.334root 11241100x80000000000000003909375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf39c0aa304f6182022-01-11 12:19:45.334root 11241100x80000000000000003909376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26018a4a14ad4c8e2022-01-11 12:19:45.334root 11241100x80000000000000003909377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1428e1741b69892022-01-11 12:19:45.334root 11241100x80000000000000003909378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7173afcef6289c662022-01-11 12:19:45.334root 11241100x80000000000000003909379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7de8364812d6f62022-01-11 12:19:45.334root 11241100x80000000000000003909380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37d42aec72b095432022-01-11 12:19:45.334root 11241100x80000000000000003909381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a1f709fd98eb1ea2022-01-11 12:19:45.334root 11241100x80000000000000003909382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2373ad1f0d2a2afd2022-01-11 12:19:45.334root 11241100x80000000000000003909383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2903916492166d92022-01-11 12:19:45.334root 11241100x80000000000000003909384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1b6a153eb6292c72022-01-11 12:19:45.335root 11241100x80000000000000003909385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.008ba8f8ab1da4702022-01-11 12:19:45.833root 11241100x80000000000000003909386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb0a1b3ccb3ff9872022-01-11 12:19:45.834root 11241100x80000000000000003909387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4be1d50f0b819d2e2022-01-11 12:19:45.834root 11241100x80000000000000003909388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea1093e4a3795e82022-01-11 12:19:45.834root 11241100x80000000000000003909389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f9e1a213431f1a2022-01-11 12:19:45.835root 11241100x80000000000000003909390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2104c1dae1e7121b2022-01-11 12:19:45.835root 11241100x80000000000000003909391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d858c2f2511537592022-01-11 12:19:45.835root 11241100x80000000000000003909392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38cf0a8399699c932022-01-11 12:19:45.835root 11241100x80000000000000003909393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83620d99f5338e642022-01-11 12:19:45.835root 11241100x80000000000000003909394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14624c6c35db196d2022-01-11 12:19:45.836root 11241100x80000000000000003909395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a3bc7eeffbc3cc2022-01-11 12:19:45.836root 354300x80000000000000003909396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.102{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56278-false10.0.1.12-8000- 11241100x80000000000000003909397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32b94d910ef67bd52022-01-11 12:19:46.104root 11241100x80000000000000003909398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c40ee55142f107fc2022-01-11 12:19:46.104root 11241100x80000000000000003909399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4058c8c514d4850d2022-01-11 12:19:46.104root 11241100x80000000000000003909400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3afdb638e0391d8a2022-01-11 12:19:46.104root 11241100x80000000000000003909401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90dfd2c151ea0ea2022-01-11 12:19:46.104root 11241100x80000000000000003909402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a651b59927fcd8812022-01-11 12:19:46.104root 11241100x80000000000000003909403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e810b68d031a3c162022-01-11 12:19:46.104root 11241100x80000000000000003909404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6868341709e9fe9a2022-01-11 12:19:46.104root 11241100x80000000000000003909405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.584f0d65befe8f5d2022-01-11 12:19:46.105root 11241100x80000000000000003909406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e280b0ead302076e2022-01-11 12:19:46.105root 11241100x80000000000000003909407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dea1946ebc0163e32022-01-11 12:19:46.105root 11241100x80000000000000003909408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c4a4664f62df4932022-01-11 12:19:46.105root 11241100x80000000000000003909409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.736550ddbd2c64df2022-01-11 12:19:46.584root 11241100x80000000000000003909410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a353825dadf66a82022-01-11 12:19:46.584root 11241100x80000000000000003909411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25b95927a72ebee02022-01-11 12:19:46.584root 11241100x80000000000000003909412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69aef3d1700e03bb2022-01-11 12:19:46.584root 11241100x80000000000000003909413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9949cdc83b6c7e62022-01-11 12:19:46.584root 11241100x80000000000000003909414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.808f48f241a007b32022-01-11 12:19:46.584root 11241100x80000000000000003909415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87184808b15c37512022-01-11 12:19:46.584root 11241100x80000000000000003909416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96829bf5c1eb22a82022-01-11 12:19:46.584root 11241100x80000000000000003909417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74d0e6007d1f904f2022-01-11 12:19:46.584root 11241100x80000000000000003909418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d68111ad67b2082022-01-11 12:19:46.584root 11241100x80000000000000003909419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0081df28d31e8622022-01-11 12:19:46.584root 11241100x80000000000000003909420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e8f013764dc58dc2022-01-11 12:19:46.584root 11241100x80000000000000003909421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf8c00145ac71ce2022-01-11 12:19:47.083root 11241100x80000000000000003909422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56cbcac2368e4c822022-01-11 12:19:47.083root 11241100x80000000000000003909423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf3e6321e0ed8cd2022-01-11 12:19:47.083root 11241100x80000000000000003909424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e33fbc897d000f82022-01-11 12:19:47.083root 11241100x80000000000000003909425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ce8298eb1c3db172022-01-11 12:19:47.084root 11241100x80000000000000003909426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f48152fcc8ce774c2022-01-11 12:19:47.084root 11241100x80000000000000003909427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c580c8ac122da4b72022-01-11 12:19:47.084root 11241100x80000000000000003909428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d38655b3c134c32022-01-11 12:19:47.084root 11241100x80000000000000003909429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6efa13cec65684b2022-01-11 12:19:47.084root 11241100x80000000000000003909430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1045ee518ff1d0942022-01-11 12:19:47.084root 11241100x80000000000000003909431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700f12e88b35da012022-01-11 12:19:47.084root 11241100x80000000000000003909432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cccbc82ad6ec3632022-01-11 12:19:47.084root 11241100x80000000000000003909433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db1868b2ddd7247c2022-01-11 12:19:47.583root 11241100x80000000000000003909434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1536ea9b2decef02022-01-11 12:19:47.583root 11241100x80000000000000003909435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8420b022da50c732022-01-11 12:19:47.583root 11241100x80000000000000003909436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1dc92f3c6e076252022-01-11 12:19:47.583root 11241100x80000000000000003909437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54758e7ef5e60d862022-01-11 12:19:47.583root 11241100x80000000000000003909438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c7f0626cb242da2022-01-11 12:19:47.583root 11241100x80000000000000003909439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5e1b6f085f4f4cf2022-01-11 12:19:47.584root 11241100x80000000000000003909440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20cc36e8f8eb49b62022-01-11 12:19:47.584root 11241100x80000000000000003909441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63defe7e2ea8fa842022-01-11 12:19:47.584root 11241100x80000000000000003909442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6a1f30f03d89e12022-01-11 12:19:47.584root 11241100x80000000000000003909443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.024bc9e68737e5c02022-01-11 12:19:47.584root 11241100x80000000000000003909444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16ebe52bec8cbd72022-01-11 12:19:47.584root 11241100x80000000000000003909445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dd07f3836a5af982022-01-11 12:19:48.083root 11241100x80000000000000003909446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a0e90886fbc11b2022-01-11 12:19:48.084root 11241100x80000000000000003909447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714287b83d4918532022-01-11 12:19:48.084root 11241100x80000000000000003909448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86b29e60635e5e472022-01-11 12:19:48.084root 11241100x80000000000000003909449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d66e9e6e77a11c492022-01-11 12:19:48.084root 11241100x80000000000000003909450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70a1ddb62f9604002022-01-11 12:19:48.084root 11241100x80000000000000003909451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04654e2b3bb3145a2022-01-11 12:19:48.085root 11241100x80000000000000003909452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a93b0c0ee78c77ed2022-01-11 12:19:48.085root 11241100x80000000000000003909453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cf8063b202dc5b62022-01-11 12:19:48.085root 11241100x80000000000000003909454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35c3835e8081c072022-01-11 12:19:48.085root 11241100x80000000000000003909455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5b96ed7f379d53e2022-01-11 12:19:48.085root 11241100x80000000000000003909456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f9f63ba3d9b48ef2022-01-11 12:19:48.085root 11241100x80000000000000003909457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b4ba782757c4fe62022-01-11 12:19:48.583root 11241100x80000000000000003909458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7777726ae2e973ed2022-01-11 12:19:48.584root 11241100x80000000000000003909459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40886813cc20ec82022-01-11 12:19:48.584root 11241100x80000000000000003909460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b268254837a247422022-01-11 12:19:48.584root 11241100x80000000000000003909461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8edb7ead039329a52022-01-11 12:19:48.584root 11241100x80000000000000003909462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.451751e1e0b9783c2022-01-11 12:19:48.585root 11241100x80000000000000003909463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a907fc827acfaa42022-01-11 12:19:48.585root 11241100x80000000000000003909464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec67ad4c3f90fe142022-01-11 12:19:48.585root 11241100x80000000000000003909465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8261768a92fe28c32022-01-11 12:19:48.585root 11241100x80000000000000003909466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bce2827d19d8c9892022-01-11 12:19:48.585root 11241100x80000000000000003909467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6287f068c92ff0272022-01-11 12:19:48.586root 11241100x80000000000000003909468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f9683d572cf20302022-01-11 12:19:48.586root 11241100x80000000000000003909469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf46ec10eff902322022-01-11 12:19:49.083root 11241100x80000000000000003909470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4741e8d1e2e0a45a2022-01-11 12:19:49.084root 11241100x80000000000000003909471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9b0927d48c2ace42022-01-11 12:19:49.084root 11241100x80000000000000003909472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be36b726083ed5d2022-01-11 12:19:49.084root 11241100x80000000000000003909473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31caf6795d75ae0d2022-01-11 12:19:49.084root 11241100x80000000000000003909474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f2f3390fec6ac872022-01-11 12:19:49.084root 11241100x80000000000000003909475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0c018fcf3f88b02022-01-11 12:19:49.084root 11241100x80000000000000003909476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19fb63f7531f7a32022-01-11 12:19:49.084root 11241100x80000000000000003909477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e7521de739fa192022-01-11 12:19:49.085root 11241100x80000000000000003909478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b803a6211cd5063f2022-01-11 12:19:49.085root 11241100x80000000000000003909479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d923df86155a1ab52022-01-11 12:19:49.085root 11241100x80000000000000003909480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3dc050ad2957f982022-01-11 12:19:49.085root 11241100x80000000000000003909481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1df1b6c2ebf2d522022-01-11 12:19:49.583root 11241100x80000000000000003909482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ebed8a8d285e09b2022-01-11 12:19:49.584root 11241100x80000000000000003909483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c439a57803a453142022-01-11 12:19:49.584root 11241100x80000000000000003909484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a9530ea4f17b5132022-01-11 12:19:49.584root 11241100x80000000000000003909485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6872f8d7a3188a92022-01-11 12:19:49.584root 11241100x80000000000000003909486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed505a9a29be8f82022-01-11 12:19:49.584root 11241100x80000000000000003909487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1390c5247e254392022-01-11 12:19:49.584root 11241100x80000000000000003909488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e56886c1a705e1df2022-01-11 12:19:49.584root 11241100x80000000000000003909489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55e742b58284b9c2022-01-11 12:19:49.584root 11241100x80000000000000003909490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce85f9550433f3292022-01-11 12:19:49.584root 11241100x80000000000000003909491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc1070b8d5ddfbd2022-01-11 12:19:49.584root 11241100x80000000000000003909492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d868bc0032c31c092022-01-11 12:19:49.584root 11241100x80000000000000003909493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da245c086e07f7422022-01-11 12:19:50.083root 11241100x80000000000000003909494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.522226d0acf8aaa02022-01-11 12:19:50.083root 11241100x80000000000000003909495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90bf45bbce397b22022-01-11 12:19:50.084root 11241100x80000000000000003909496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5eed3ea7e5591042022-01-11 12:19:50.084root 11241100x80000000000000003909497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3f97e928710575c2022-01-11 12:19:50.084root 11241100x80000000000000003909498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c94e799797685d2022-01-11 12:19:50.084root 11241100x80000000000000003909499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd410ac4bb583b52022-01-11 12:19:50.084root 11241100x80000000000000003909500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6588f1d23ba61a22022-01-11 12:19:50.084root 11241100x80000000000000003909501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff1ab0899cd0cefb2022-01-11 12:19:50.084root 11241100x80000000000000003909502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb20ba1951f3d572022-01-11 12:19:50.085root 11241100x80000000000000003909503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e9afdfa65b9eed02022-01-11 12:19:50.085root 11241100x80000000000000003909504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266768b4d82b53e92022-01-11 12:19:50.085root 11241100x80000000000000003909505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea364b1d0a8532a52022-01-11 12:19:50.583root 11241100x80000000000000003909506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ecdce327730a8f2022-01-11 12:19:50.584root 11241100x80000000000000003909507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6b126e4e34965c2022-01-11 12:19:50.584root 11241100x80000000000000003909508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b172b7a23969c3ac2022-01-11 12:19:50.584root 11241100x80000000000000003909509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.898a0d5e2a2a21cc2022-01-11 12:19:50.584root 11241100x80000000000000003909510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c543f4bbe8bd3c92022-01-11 12:19:50.584root 11241100x80000000000000003909511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f86a296b1894c6b2022-01-11 12:19:50.584root 11241100x80000000000000003909512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b41103a9a1b99ac32022-01-11 12:19:50.584root 11241100x80000000000000003909513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ada674c77ceffb2022-01-11 12:19:50.584root 11241100x80000000000000003909514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0420f6070aac7f42022-01-11 12:19:50.585root 11241100x80000000000000003909515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c03c1274fcca91882022-01-11 12:19:50.585root 11241100x80000000000000003909516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed2549311ed5c76f2022-01-11 12:19:50.585root 11241100x80000000000000003909517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6177f739738ed6e2022-01-11 12:19:51.083root 11241100x80000000000000003909518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.821561b54fea6d442022-01-11 12:19:51.084root 11241100x80000000000000003909519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d6b581c9be7d0562022-01-11 12:19:51.084root 11241100x80000000000000003909520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ecdd84318b91ee2022-01-11 12:19:51.084root 11241100x80000000000000003909521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0411724de1b7f412022-01-11 12:19:51.084root 11241100x80000000000000003909522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a95a6bdd1e346e2022-01-11 12:19:51.084root 11241100x80000000000000003909523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbedb6b802ba7c0a2022-01-11 12:19:51.084root 11241100x80000000000000003909524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fa22f760e82276b2022-01-11 12:19:51.084root 11241100x80000000000000003909525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ba9bd219813adb52022-01-11 12:19:51.084root 11241100x80000000000000003909526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7de2b038fa576d92022-01-11 12:19:51.085root 11241100x80000000000000003909527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b05eb9fe984fda32022-01-11 12:19:51.085root 11241100x80000000000000003909528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.186beb204d9244f92022-01-11 12:19:51.085root 354300x80000000000000003909529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.186{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56280-false10.0.1.12-8000- 11241100x80000000000000003909530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c03c538ed6fdae92022-01-11 12:19:51.584root 11241100x80000000000000003909531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64fdd001941142362022-01-11 12:19:51.584root 11241100x80000000000000003909532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a6f1a83c325d0e92022-01-11 12:19:51.584root 11241100x80000000000000003909533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e1f33fdf2cb8842022-01-11 12:19:51.584root 11241100x80000000000000003909534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50dd99c3e67c494e2022-01-11 12:19:51.584root 11241100x80000000000000003909535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aabf041deeaac7e32022-01-11 12:19:51.584root 11241100x80000000000000003909536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7974d0c159ccb7942022-01-11 12:19:51.584root 11241100x80000000000000003909537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc75cf75f03f3222022-01-11 12:19:51.584root 11241100x80000000000000003909538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9dcf0bb22ad23f22022-01-11 12:19:51.584root 11241100x80000000000000003909539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5ef3b6604adcd732022-01-11 12:19:51.585root 11241100x80000000000000003909540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75efd5195eab9db2022-01-11 12:19:51.585root 11241100x80000000000000003909541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c295777b7c6830222022-01-11 12:19:51.585root 11241100x80000000000000003909542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd3d2193191110b2022-01-11 12:19:51.585root 11241100x80000000000000003909543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6f6eb61b37cfb512022-01-11 12:19:52.084root 11241100x80000000000000003909544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c3ccaa4a854c6be2022-01-11 12:19:52.084root 11241100x80000000000000003909545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302c8d8879d631482022-01-11 12:19:52.084root 11241100x80000000000000003909546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d833c6bca723115d2022-01-11 12:19:52.084root 11241100x80000000000000003909547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219ddd72d9a2b55d2022-01-11 12:19:52.085root 11241100x80000000000000003909548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ee8e102e78b55202022-01-11 12:19:52.085root 11241100x80000000000000003909549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cff8aa242b24b6e2022-01-11 12:19:52.085root 11241100x80000000000000003909550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.273aa55ef22d8a502022-01-11 12:19:52.085root 11241100x80000000000000003909551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdfa255bc25174192022-01-11 12:19:52.085root 11241100x80000000000000003909552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a14ccfe79e465a72022-01-11 12:19:52.085root 11241100x80000000000000003909553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ba173779bffc89b2022-01-11 12:19:52.086root 11241100x80000000000000003909554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2419b3cdc47503e52022-01-11 12:19:52.086root 11241100x80000000000000003909555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8040d3f076d0a3d2022-01-11 12:19:52.086root 11241100x80000000000000003909556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a905884607a78832022-01-11 12:19:52.583root 11241100x80000000000000003909557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d56040d21ed462352022-01-11 12:19:52.584root 11241100x80000000000000003909558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.522053798f3b4cd82022-01-11 12:19:52.584root 11241100x80000000000000003909559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca995f177d817db2022-01-11 12:19:52.584root 11241100x80000000000000003909560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f5b1c6f0d5dbc732022-01-11 12:19:52.585root 11241100x80000000000000003909561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc04b149e2ff51662022-01-11 12:19:52.585root 11241100x80000000000000003909562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56813f48369c885f2022-01-11 12:19:52.585root 11241100x80000000000000003909563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.153ff1d8efe0c6d92022-01-11 12:19:52.585root 11241100x80000000000000003909564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2433741c8f259732022-01-11 12:19:52.585root 11241100x80000000000000003909565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6fdac4afeb7815b2022-01-11 12:19:52.585root 11241100x80000000000000003909566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.258b8772642986582022-01-11 12:19:52.586root 11241100x80000000000000003909567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de86e718bc5d21162022-01-11 12:19:52.586root 11241100x80000000000000003909568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8d7f98015091b9a2022-01-11 12:19:52.586root 11241100x80000000000000003909569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f078ecc6d91da8b42022-01-11 12:19:53.083root 11241100x80000000000000003909570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecb67618e93105832022-01-11 12:19:53.083root 11241100x80000000000000003909571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d65636defb977092022-01-11 12:19:53.083root 11241100x80000000000000003909572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b55f0f871921cda22022-01-11 12:19:53.083root 11241100x80000000000000003909573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba9d835ed79b909f2022-01-11 12:19:53.083root 11241100x80000000000000003909574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.764041e8e203bbe92022-01-11 12:19:53.083root 11241100x80000000000000003909575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1a8163f511674352022-01-11 12:19:53.084root 11241100x80000000000000003909576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbcdca50d3fc59d12022-01-11 12:19:53.084root 11241100x80000000000000003909577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cca8234476d6c132022-01-11 12:19:53.084root 11241100x80000000000000003909578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf09096fe2f60832022-01-11 12:19:53.084root 11241100x80000000000000003909579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caa0eb133f04da132022-01-11 12:19:53.084root 11241100x80000000000000003909580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f661b86b036e44c2022-01-11 12:19:53.084root 11241100x80000000000000003909581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7de14b90815843b2022-01-11 12:19:53.084root 11241100x80000000000000003909582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c14b5d03897e6c92022-01-11 12:19:53.583root 11241100x80000000000000003909583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f77557f96e866b962022-01-11 12:19:53.583root 11241100x80000000000000003909584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2cf42e84ec23b9a2022-01-11 12:19:53.583root 11241100x80000000000000003909585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2023816d2d8e3b032022-01-11 12:19:53.583root 11241100x80000000000000003909586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca0bc153e1e6195d2022-01-11 12:19:53.584root 11241100x80000000000000003909587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac5bcf6cdf29805d2022-01-11 12:19:53.584root 11241100x80000000000000003909588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8afcab2e9ccdb3772022-01-11 12:19:53.584root 11241100x80000000000000003909589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.391975d5cc6765a92022-01-11 12:19:53.584root 11241100x80000000000000003909590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbd92b69e292b982022-01-11 12:19:53.584root 11241100x80000000000000003909591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4552adfebe631b5a2022-01-11 12:19:53.584root 11241100x80000000000000003909592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87a766adef80bd8f2022-01-11 12:19:53.584root 11241100x80000000000000003909593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c81da8cdc90a97a2022-01-11 12:19:53.584root 11241100x80000000000000003909594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63475ad96b3d1d8f2022-01-11 12:19:53.584root 11241100x80000000000000003909595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0616c770d80963a32022-01-11 12:19:54.083root 11241100x80000000000000003909596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.671a427034275e142022-01-11 12:19:54.083root 11241100x80000000000000003909597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73c7b20ac47c95ca2022-01-11 12:19:54.083root 11241100x80000000000000003909598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6dd869c0b210b42022-01-11 12:19:54.083root 11241100x80000000000000003909599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97b0741b43695dfe2022-01-11 12:19:54.084root 11241100x80000000000000003909600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1c2a42b11b6f0522022-01-11 12:19:54.084root 11241100x80000000000000003909601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c683b7ac37620e3b2022-01-11 12:19:54.084root 11241100x80000000000000003909602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3623f5fd7ce2a6492022-01-11 12:19:54.084root 11241100x80000000000000003909603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.147038afac35b84a2022-01-11 12:19:54.084root 11241100x80000000000000003909604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdc1374a0be8fef42022-01-11 12:19:54.084root 11241100x80000000000000003909605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17df677611e6b2192022-01-11 12:19:54.084root 11241100x80000000000000003909606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da384bc1bfb559d2022-01-11 12:19:54.084root 11241100x80000000000000003909607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cca1361490369512022-01-11 12:19:54.084root 11241100x80000000000000003909608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2538c826cd2566c72022-01-11 12:19:54.583root 11241100x80000000000000003909609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7460f6d27ec516532022-01-11 12:19:54.584root 11241100x80000000000000003909610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ddec5b2f9a726f62022-01-11 12:19:54.584root 11241100x80000000000000003909611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a1a3f6e057d116a2022-01-11 12:19:54.584root 11241100x80000000000000003909612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdc30a4e5d3487e22022-01-11 12:19:54.585root 11241100x80000000000000003909613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7684aa66500e6c592022-01-11 12:19:54.585root 11241100x80000000000000003909614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7756fd36e5c58932022-01-11 12:19:54.585root 11241100x80000000000000003909615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad2cba25b4938a32022-01-11 12:19:54.586root 11241100x80000000000000003909616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8930452b6f5c0f872022-01-11 12:19:54.586root 11241100x80000000000000003909617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b13dfbe9cb631c2022-01-11 12:19:54.586root 11241100x80000000000000003909618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6574229ae0f76bd2022-01-11 12:19:54.586root 11241100x80000000000000003909619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cde4eefc23761562022-01-11 12:19:54.587root 11241100x80000000000000003909620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb73dcdb5ae618942022-01-11 12:19:54.587root 11241100x80000000000000003909621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:19:54.894root 11241100x80000000000000003909622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.869a2355b52e76632022-01-11 12:19:54.895root 11241100x80000000000000003909623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.972d60871bc7f1652022-01-11 12:19:54.895root 11241100x80000000000000003909624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d44c4a7609b3764d2022-01-11 12:19:54.895root 11241100x80000000000000003909625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d86512e1744b5422022-01-11 12:19:54.896root 11241100x80000000000000003909626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103b46725f05a6cd2022-01-11 12:19:54.896root 11241100x80000000000000003909627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2ddcdf5901cb872022-01-11 12:19:54.896root 11241100x80000000000000003909628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6676d235914029ba2022-01-11 12:19:54.897root 11241100x80000000000000003909629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf8d5e1f605e10d2022-01-11 12:19:54.897root 11241100x80000000000000003909630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a3ae8d13d37c26e2022-01-11 12:19:54.897root 11241100x80000000000000003909631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bad8143c7ee76d2022-01-11 12:19:54.898root 11241100x80000000000000003909632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c541e7295f761e32022-01-11 12:19:54.898root 11241100x80000000000000003909633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d88cd56ecb98e19b2022-01-11 12:19:54.898root 11241100x80000000000000003909634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.720ad3961ed587542022-01-11 12:19:54.898root 11241100x80000000000000003909635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a480e5d42beb302022-01-11 12:19:54.899root 11241100x80000000000000003909636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c6a5896e4fb783d2022-01-11 12:19:54.899root 11241100x80000000000000003909637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.902ef0e2174348e12022-01-11 12:19:55.334root 11241100x80000000000000003909638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058ca69ad113bc0b2022-01-11 12:19:55.334root 11241100x80000000000000003909639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd07a106c4bc52a52022-01-11 12:19:55.334root 11241100x80000000000000003909640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4f72aaa315fc2372022-01-11 12:19:55.334root 11241100x80000000000000003909641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a01c007c94942f2c2022-01-11 12:19:55.334root 11241100x80000000000000003909642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357a5c2ed10a463f2022-01-11 12:19:55.334root 11241100x80000000000000003909643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aed81abc0ba0cb452022-01-11 12:19:55.334root 11241100x80000000000000003909644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fceecc5045f96f5d2022-01-11 12:19:55.334root 11241100x80000000000000003909645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fb3a450c92828692022-01-11 12:19:55.334root 11241100x80000000000000003909646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.108a9416b36e8fc42022-01-11 12:19:55.334root 11241100x80000000000000003909647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f37f438a8205fe2022-01-11 12:19:55.334root 11241100x80000000000000003909648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1782648ed9552c72022-01-11 12:19:55.334root 11241100x80000000000000003909649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1d916bab269e5ea2022-01-11 12:19:55.334root 11241100x80000000000000003909650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.028858bfdb6e6bde2022-01-11 12:19:55.335root 11241100x80000000000000003909651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5340fcf5a9037d2e2022-01-11 12:19:55.834root 11241100x80000000000000003909652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86193278af17267e2022-01-11 12:19:55.834root 11241100x80000000000000003909653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6f39a34968476c2022-01-11 12:19:55.834root 11241100x80000000000000003909654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14581edb507202f2022-01-11 12:19:55.834root 11241100x80000000000000003909655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5fbb284282160ef2022-01-11 12:19:55.834root 11241100x80000000000000003909656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb5ac86076f3d602022-01-11 12:19:55.834root 11241100x80000000000000003909657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e23616145196212022-01-11 12:19:55.834root 11241100x80000000000000003909658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c3c840ed1661fda2022-01-11 12:19:55.834root 11241100x80000000000000003909659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05643a6709f4e8802022-01-11 12:19:55.834root 11241100x80000000000000003909660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79b3df359f45e2ae2022-01-11 12:19:55.834root 11241100x80000000000000003909661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbfd626b671a60612022-01-11 12:19:55.834root 11241100x80000000000000003909662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77466981061dee262022-01-11 12:19:55.834root 11241100x80000000000000003909663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc4f7cda0d0cad52022-01-11 12:19:55.835root 11241100x80000000000000003909664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b0f3c32e02faa612022-01-11 12:19:55.835root 354300x80000000000000003909665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.188{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56282-false10.0.1.12-8000- 11241100x80000000000000003909666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.189{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06ec1c742e500d662022-01-11 12:19:56.189root 11241100x80000000000000003909667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.189{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.210571d7744b8cbc2022-01-11 12:19:56.189root 11241100x80000000000000003909668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80f4320ae212f0e92022-01-11 12:19:56.190root 11241100x80000000000000003909669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6947d2e66af4b582022-01-11 12:19:56.190root 11241100x80000000000000003909670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87f11a2befac93c2022-01-11 12:19:56.190root 11241100x80000000000000003909671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.190{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7d2e305ecfc23102022-01-11 12:19:56.190root 11241100x80000000000000003909672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.191{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3621af2806300c732022-01-11 12:19:56.191root 11241100x80000000000000003909673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.191{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2d3f5b8e6944e0e2022-01-11 12:19:56.191root 11241100x80000000000000003909674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.191{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.babc53ae072320fa2022-01-11 12:19:56.191root 11241100x80000000000000003909675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e6e0c87fe050d322022-01-11 12:19:56.192root 11241100x80000000000000003909676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de3e2fd306e0fc3b2022-01-11 12:19:56.192root 11241100x80000000000000003909677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5babeec4405b251b2022-01-11 12:19:56.192root 11241100x80000000000000003909678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bda7b3c1bee0e7232022-01-11 12:19:56.192root 11241100x80000000000000003909679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837882e429a564112022-01-11 12:19:56.193root 11241100x80000000000000003909680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ed3ec4bcfc3f5f62022-01-11 12:19:56.193root 11241100x80000000000000003909681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07c29dc4e2b5be9a2022-01-11 12:19:56.193root 11241100x80000000000000003909682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62fb04c62f5726692022-01-11 12:19:56.194root 11241100x80000000000000003909683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1afe7939d9009a52022-01-11 12:19:56.584root 11241100x80000000000000003909684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c57dab6703266bc2022-01-11 12:19:56.584root 11241100x80000000000000003909685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0390dc6a518dd97f2022-01-11 12:19:56.584root 11241100x80000000000000003909686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d55a9b99441b2fac2022-01-11 12:19:56.584root 11241100x80000000000000003909687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcb22a68b307b6792022-01-11 12:19:56.584root 11241100x80000000000000003909688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa5ad0750df1e6522022-01-11 12:19:56.585root 11241100x80000000000000003909689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b29dd7517445be2022-01-11 12:19:56.585root 11241100x80000000000000003909690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b9214525d6528632022-01-11 12:19:56.585root 11241100x80000000000000003909691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3196de147b8a3282022-01-11 12:19:56.585root 11241100x80000000000000003909692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6b36fbb81ffc802022-01-11 12:19:56.586root 11241100x80000000000000003909693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ebd31b5a6c62b182022-01-11 12:19:56.586root 11241100x80000000000000003909694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e909a86002b0b2292022-01-11 12:19:56.586root 11241100x80000000000000003909695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4daaea4d07cdee2022-01-11 12:19:56.586root 11241100x80000000000000003909696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddeeb375178d267b2022-01-11 12:19:56.586root 11241100x80000000000000003909697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:56.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3432da854fa002ec2022-01-11 12:19:56.586root 11241100x80000000000000003909698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64cdb279132e2f1f2022-01-11 12:19:57.083root 11241100x80000000000000003909699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad7861572e249f32022-01-11 12:19:57.083root 11241100x80000000000000003909700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41bc1dd69c1b12ed2022-01-11 12:19:57.084root 11241100x80000000000000003909701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c843a65e18a0d06b2022-01-11 12:19:57.084root 11241100x80000000000000003909702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3995e887ba463d92022-01-11 12:19:57.084root 11241100x80000000000000003909703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e311ced466b15f692022-01-11 12:19:57.084root 11241100x80000000000000003909704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb1d24cfb5dbde6e2022-01-11 12:19:57.084root 11241100x80000000000000003909705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5459c1e8d554896b2022-01-11 12:19:57.084root 11241100x80000000000000003909706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8638a9a65510d8742022-01-11 12:19:57.084root 11241100x80000000000000003909707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2daab547acd43f032022-01-11 12:19:57.084root 11241100x80000000000000003909708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6588f4f17654a1a42022-01-11 12:19:57.085root 11241100x80000000000000003909709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf96004668a2a3dc2022-01-11 12:19:57.085root 11241100x80000000000000003909710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43348597eaa343462022-01-11 12:19:57.085root 11241100x80000000000000003909711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.509527d2ed9102af2022-01-11 12:19:57.085root 11241100x80000000000000003909712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.446d543a6e84233f2022-01-11 12:19:57.085root 11241100x80000000000000003909713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc537c4eba815c9e2022-01-11 12:19:57.085root 11241100x80000000000000003909714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b58e9c400decd4752022-01-11 12:19:57.085root 11241100x80000000000000003909715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea5407ca8a3a28612022-01-11 12:19:57.583root 11241100x80000000000000003909716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e50fc60ffc723f32022-01-11 12:19:57.583root 11241100x80000000000000003909717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a31d884b5d411dd2022-01-11 12:19:57.584root 11241100x80000000000000003909718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0944b2a67dbe348f2022-01-11 12:19:57.584root 11241100x80000000000000003909719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9aa4489032698d72022-01-11 12:19:57.584root 11241100x80000000000000003909720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9f4a14d1f6d98412022-01-11 12:19:57.584root 11241100x80000000000000003909721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3375eb0b394048492022-01-11 12:19:57.584root 11241100x80000000000000003909722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.733125c72cd57c212022-01-11 12:19:57.585root 11241100x80000000000000003909723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5afddc1228c6ca2022-01-11 12:19:57.585root 11241100x80000000000000003909724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.416d1f0ccc8a1aa52022-01-11 12:19:57.585root 11241100x80000000000000003909725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b341e38d70c08fa2022-01-11 12:19:57.585root 11241100x80000000000000003909726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d8b4caa30175c82022-01-11 12:19:57.585root 11241100x80000000000000003909727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b45bf95c1b080942022-01-11 12:19:57.586root 11241100x80000000000000003909728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8806f578fd430ba2022-01-11 12:19:57.586root 11241100x80000000000000003909729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6664210f1bd21ae42022-01-11 12:19:57.586root 23542300x80000000000000003909730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003909731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44ca2cf136e8bf632022-01-11 12:19:57.897root 11241100x80000000000000003909732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.249e4dd585779dc12022-01-11 12:19:57.897root 11241100x80000000000000003909733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23676254df1524b22022-01-11 12:19:57.897root 11241100x80000000000000003909734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9fe4a9c0f07ae082022-01-11 12:19:57.897root 11241100x80000000000000003909735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67986bbcec36d32c2022-01-11 12:19:57.897root 11241100x80000000000000003909736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7f47716354b46e92022-01-11 12:19:57.897root 11241100x80000000000000003909737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfe1886c1e525c6a2022-01-11 12:19:57.898root 11241100x80000000000000003909738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50c05059569daa72022-01-11 12:19:57.898root 11241100x80000000000000003909739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8513dc8d6e1f71f12022-01-11 12:19:57.898root 11241100x80000000000000003909740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20855d9781df676a2022-01-11 12:19:57.898root 11241100x80000000000000003909741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419243d09e660e092022-01-11 12:19:57.898root 11241100x80000000000000003909742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84c1c4af479b80b62022-01-11 12:19:57.899root 11241100x80000000000000003909743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0714a9824366b142022-01-11 12:19:57.899root 11241100x80000000000000003909744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.105488d2ede69af72022-01-11 12:19:57.899root 11241100x80000000000000003909745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5af6b6776f45802022-01-11 12:19:57.899root 11241100x80000000000000003909746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:57.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfa15ae6e595c7002022-01-11 12:19:57.899root 11241100x80000000000000003909747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b07993e03a0b7882022-01-11 12:19:58.334root 11241100x80000000000000003909748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e7ff215166f36a82022-01-11 12:19:58.334root 11241100x80000000000000003909749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9100d68cd2847b2022-01-11 12:19:58.334root 11241100x80000000000000003909750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897277b8dbc590072022-01-11 12:19:58.334root 11241100x80000000000000003909751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44465177588c6c9f2022-01-11 12:19:58.334root 11241100x80000000000000003909752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.156e9bfb1f1481952022-01-11 12:19:58.334root 11241100x80000000000000003909753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba56ea74473a07ae2022-01-11 12:19:58.334root 11241100x80000000000000003909754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88bac9101e79a002022-01-11 12:19:58.334root 11241100x80000000000000003909755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1ee3ddfc2f0af072022-01-11 12:19:58.334root 11241100x80000000000000003909756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.320ae76e9919d00b2022-01-11 12:19:58.334root 11241100x80000000000000003909757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f0d1180ff6e773f2022-01-11 12:19:58.334root 11241100x80000000000000003909758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54796a64c35273c2022-01-11 12:19:58.334root 11241100x80000000000000003909759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c1cd49656d95b82022-01-11 12:19:58.334root 11241100x80000000000000003909760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cdd893d24478fd52022-01-11 12:19:58.335root 11241100x80000000000000003909761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e43f9077350fca52022-01-11 12:19:58.335root 11241100x80000000000000003909762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98ee25f8752e13172022-01-11 12:19:58.335root 11241100x80000000000000003909763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b74e11c6c9b12112022-01-11 12:19:58.834root 11241100x80000000000000003909764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1db459ef2c346c82022-01-11 12:19:58.834root 11241100x80000000000000003909765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15eb8fe41304989f2022-01-11 12:19:58.834root 11241100x80000000000000003909766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4785cacde715ec5d2022-01-11 12:19:58.834root 11241100x80000000000000003909767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ca51124449617172022-01-11 12:19:58.834root 11241100x80000000000000003909768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f4a9f5152a283e2022-01-11 12:19:58.834root 11241100x80000000000000003909769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.836907c6beca52e62022-01-11 12:19:58.834root 11241100x80000000000000003909770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd29ada0772801772022-01-11 12:19:58.834root 11241100x80000000000000003909771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba430d620952831a2022-01-11 12:19:58.834root 11241100x80000000000000003909772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf519285e8904aec2022-01-11 12:19:58.834root 11241100x80000000000000003909773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce0f5a9fdf2bcce32022-01-11 12:19:58.834root 11241100x80000000000000003909774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11f5548046af361f2022-01-11 12:19:58.834root 11241100x80000000000000003909775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9f9a063a123fa6b2022-01-11 12:19:58.835root 11241100x80000000000000003909776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db365b26608731b2022-01-11 12:19:58.835root 11241100x80000000000000003909777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08b0a8257b2359952022-01-11 12:19:58.835root 11241100x80000000000000003909778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57151ceecb216ed22022-01-11 12:19:58.835root 11241100x80000000000000003909779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d8cc8e0bbdbd0562022-01-11 12:19:59.334root 11241100x80000000000000003909780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37bf69e6857927102022-01-11 12:19:59.334root 11241100x80000000000000003909781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddb71a88504451d82022-01-11 12:19:59.334root 11241100x80000000000000003909782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7adadc51e0e9a42022-01-11 12:19:59.334root 11241100x80000000000000003909783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da5fb9324dc73bd2022-01-11 12:19:59.334root 11241100x80000000000000003909784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95dafd8ee0e3acea2022-01-11 12:19:59.334root 11241100x80000000000000003909785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ecae76a8328f372022-01-11 12:19:59.334root 11241100x80000000000000003909786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59f887e5342299162022-01-11 12:19:59.334root 11241100x80000000000000003909787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.330d327c3ea87d532022-01-11 12:19:59.334root 11241100x80000000000000003909788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed801c4676063f132022-01-11 12:19:59.334root 11241100x80000000000000003909789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60b7b264c11f15c22022-01-11 12:19:59.334root 11241100x80000000000000003909790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5315eda50f83eb012022-01-11 12:19:59.334root 11241100x80000000000000003909791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baaad01bf3f13f2b2022-01-11 12:19:59.334root 11241100x80000000000000003909792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3eece26b89939992022-01-11 12:19:59.335root 11241100x80000000000000003909793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f19162c3799c8c32022-01-11 12:19:59.335root 11241100x80000000000000003909794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5748b71a147e1ed22022-01-11 12:19:59.335root 11241100x80000000000000003909795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d386c2f36c49d352022-01-11 12:19:59.834root 11241100x80000000000000003909796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.220a84a8195186ba2022-01-11 12:19:59.834root 11241100x80000000000000003909797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0546efa0ba4c1afa2022-01-11 12:19:59.834root 11241100x80000000000000003909798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b01894f61a43faf2022-01-11 12:19:59.834root 11241100x80000000000000003909799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f145feb03b94b87a2022-01-11 12:19:59.834root 11241100x80000000000000003909800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de3626d92cbf61552022-01-11 12:19:59.834root 11241100x80000000000000003909801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.426647f8edc78d782022-01-11 12:19:59.834root 11241100x80000000000000003909802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adffd83354db2a382022-01-11 12:19:59.834root 11241100x80000000000000003909803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.540fb7715ef5012f2022-01-11 12:19:59.834root 11241100x80000000000000003909804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62922bfc150682542022-01-11 12:19:59.834root 11241100x80000000000000003909805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.581798d3ba83b7ee2022-01-11 12:19:59.834root 11241100x80000000000000003909806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c42936af7fb72f82022-01-11 12:19:59.834root 11241100x80000000000000003909807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36587007f378b84d2022-01-11 12:19:59.835root 11241100x80000000000000003909808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb249aca039add9b2022-01-11 12:19:59.835root 11241100x80000000000000003909809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e4991102fd023df2022-01-11 12:19:59.835root 11241100x80000000000000003909810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:19:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51308f0b38e0c65b2022-01-11 12:19:59.835root 11241100x80000000000000003909811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c7e26f101cd9b852022-01-11 12:20:00.334root 11241100x80000000000000003909812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5bf7c48e8569ce32022-01-11 12:20:00.334root 11241100x80000000000000003909813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9abc361f942df6432022-01-11 12:20:00.335root 11241100x80000000000000003909814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c0055511e4dd272022-01-11 12:20:00.335root 11241100x80000000000000003909815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b72cc683358481bc2022-01-11 12:20:00.335root 11241100x80000000000000003909816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a482c5440a140162022-01-11 12:20:00.335root 11241100x80000000000000003909817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a054248d2c49ae2e2022-01-11 12:20:00.335root 11241100x80000000000000003909818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.413856871a6adcea2022-01-11 12:20:00.335root 11241100x80000000000000003909819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63dda75ba52d647e2022-01-11 12:20:00.335root 11241100x80000000000000003909820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6527f1a65a1143b2022-01-11 12:20:00.335root 11241100x80000000000000003909821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8867cb5775d1beb22022-01-11 12:20:00.335root 11241100x80000000000000003909822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bd6f093f896cc902022-01-11 12:20:00.335root 11241100x80000000000000003909823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a370027c65d31ec12022-01-11 12:20:00.335root 11241100x80000000000000003909824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.354d6ec2d115b8732022-01-11 12:20:00.335root 11241100x80000000000000003909825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f25cd18bf6041d12022-01-11 12:20:00.335root 11241100x80000000000000003909826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7af971882bda1342022-01-11 12:20:00.336root 11241100x80000000000000003909827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8538e3c3ca4955f2022-01-11 12:20:00.834root 11241100x80000000000000003909828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.503a9adb02e2f7e22022-01-11 12:20:00.834root 11241100x80000000000000003909829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3753fac12fb410cd2022-01-11 12:20:00.834root 11241100x80000000000000003909830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac8ff0b7e7910b92022-01-11 12:20:00.834root 11241100x80000000000000003909831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a85c5335c17890952022-01-11 12:20:00.834root 11241100x80000000000000003909832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e9b7af82265750b2022-01-11 12:20:00.834root 11241100x80000000000000003909833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd091aff0f94d392022-01-11 12:20:00.834root 11241100x80000000000000003909834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d848e5ab299521472022-01-11 12:20:00.834root 11241100x80000000000000003909835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23624969aa5c6832022-01-11 12:20:00.834root 11241100x80000000000000003909836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a163acee0df214cb2022-01-11 12:20:00.834root 11241100x80000000000000003909837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e703ef94536e7b252022-01-11 12:20:00.834root 11241100x80000000000000003909838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb55f6a00490e7a2022-01-11 12:20:00.834root 11241100x80000000000000003909839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f195c4980673cae62022-01-11 12:20:00.835root 11241100x80000000000000003909840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe154204d4ab540a2022-01-11 12:20:00.835root 11241100x80000000000000003909841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281eccdcd958fbff2022-01-11 12:20:00.835root 11241100x80000000000000003909842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c208404f868ff6ba2022-01-11 12:20:00.835root 11241100x80000000000000003909843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2c2bf219801834b2022-01-11 12:20:01.334root 11241100x80000000000000003909844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9135ea8f6d396012022-01-11 12:20:01.334root 11241100x80000000000000003909845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac1b6eaabc3389dd2022-01-11 12:20:01.334root 11241100x80000000000000003909846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.197d5c36e3eaf8f92022-01-11 12:20:01.334root 11241100x80000000000000003909847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2acac21a4ce8f52c2022-01-11 12:20:01.334root 11241100x80000000000000003909848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a996b0b06bae8ec2022-01-11 12:20:01.334root 11241100x80000000000000003909849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81c195cb86311a922022-01-11 12:20:01.334root 11241100x80000000000000003909850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1da9146dfaea131d2022-01-11 12:20:01.334root 11241100x80000000000000003909851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e90a9c4fabaa78052022-01-11 12:20:01.334root 11241100x80000000000000003909852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46fb5c78a82c6d052022-01-11 12:20:01.334root 11241100x80000000000000003909853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c047dd4605d00f12022-01-11 12:20:01.334root 11241100x80000000000000003909854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0ae85eafa6de8892022-01-11 12:20:01.334root 11241100x80000000000000003909855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ead2d73cac135322022-01-11 12:20:01.335root 11241100x80000000000000003909856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff59cdd44635a7032022-01-11 12:20:01.335root 11241100x80000000000000003909857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.187366e58c0fc8e62022-01-11 12:20:01.335root 11241100x80000000000000003909858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9b73d05ea3e1fdc2022-01-11 12:20:01.335root 11241100x80000000000000003909859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af3404ad5b392162022-01-11 12:20:01.834root 11241100x80000000000000003909860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa04826f91e7b2352022-01-11 12:20:01.834root 11241100x80000000000000003909861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e426ed492f1b84202022-01-11 12:20:01.834root 11241100x80000000000000003909862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9aa8780967777972022-01-11 12:20:01.834root 11241100x80000000000000003909863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cc1be5c0f9b97212022-01-11 12:20:01.834root 11241100x80000000000000003909864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c1803d67811afeb2022-01-11 12:20:01.834root 11241100x80000000000000003909865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31486c96b9783c0f2022-01-11 12:20:01.834root 11241100x80000000000000003909866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2044fc1ccbec18e22022-01-11 12:20:01.834root 11241100x80000000000000003909867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7091a9853339d032022-01-11 12:20:01.834root 11241100x80000000000000003909868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d11c4fc166da73712022-01-11 12:20:01.834root 11241100x80000000000000003909869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c50dc70c7628acd2022-01-11 12:20:01.834root 11241100x80000000000000003909870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b0f5b31a63eea792022-01-11 12:20:01.835root 11241100x80000000000000003909871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3bd6f9cae44e0d12022-01-11 12:20:01.835root 11241100x80000000000000003909872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.699147307e7d953f2022-01-11 12:20:01.835root 11241100x80000000000000003909873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa5fc79f48f0a11d2022-01-11 12:20:01.835root 11241100x80000000000000003909874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f6f66a4b580c68c2022-01-11 12:20:01.835root 354300x80000000000000003909875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.021{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56284-false10.0.1.12-8000- 11241100x80000000000000003909876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6bc620e4a4d201f2022-01-11 12:20:02.334root 11241100x80000000000000003909877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80b7f0412ee562cb2022-01-11 12:20:02.334root 11241100x80000000000000003909878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f87414b1391aa932022-01-11 12:20:02.334root 11241100x80000000000000003909879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92b42c7b4d9f5d1d2022-01-11 12:20:02.334root 11241100x80000000000000003909880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.632db220be7c88c82022-01-11 12:20:02.334root 11241100x80000000000000003909881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df04782d13248fd62022-01-11 12:20:02.335root 11241100x80000000000000003909882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a6a5b49df8926282022-01-11 12:20:02.335root 11241100x80000000000000003909883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2dd2a9cc75bce22022-01-11 12:20:02.335root 11241100x80000000000000003909884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f08df92aba5d598a2022-01-11 12:20:02.335root 11241100x80000000000000003909885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b214a21d9e8097b2022-01-11 12:20:02.335root 11241100x80000000000000003909886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da8131399289a0f22022-01-11 12:20:02.335root 11241100x80000000000000003909887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfc456e6f731fe0e2022-01-11 12:20:02.335root 11241100x80000000000000003909888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d487a1a5462d07022022-01-11 12:20:02.335root 11241100x80000000000000003909889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6a04102eee8e702022-01-11 12:20:02.335root 11241100x80000000000000003909890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af236906e2eb78c82022-01-11 12:20:02.336root 11241100x80000000000000003909891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7749cd11a4e663b2022-01-11 12:20:02.336root 11241100x80000000000000003909892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a81009079d9a86fd2022-01-11 12:20:02.336root 11241100x80000000000000003909893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f646471415e4b12022-01-11 12:20:02.834root 11241100x80000000000000003909894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b7ce46f1ad7d7902022-01-11 12:20:02.834root 11241100x80000000000000003909895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9201d684875cf032022-01-11 12:20:02.834root 11241100x80000000000000003909896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d426b2e45c9e13b2022-01-11 12:20:02.834root 11241100x80000000000000003909897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ee296a038132b12022-01-11 12:20:02.834root 11241100x80000000000000003909898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef48052d1d32f8c22022-01-11 12:20:02.834root 11241100x80000000000000003909899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa480c55af8feaf2022-01-11 12:20:02.834root 11241100x80000000000000003909900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7362c6e3c186b0c32022-01-11 12:20:02.834root 11241100x80000000000000003909901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38847edf9f87a4bd2022-01-11 12:20:02.834root 11241100x80000000000000003909902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1a58613585ec6f92022-01-11 12:20:02.834root 11241100x80000000000000003909903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a591d37a0ac24962022-01-11 12:20:02.834root 11241100x80000000000000003909904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae7d7948b11827232022-01-11 12:20:02.834root 11241100x80000000000000003909905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca315b6a940001a62022-01-11 12:20:02.835root 11241100x80000000000000003909906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f90f2c9ca516c5e2022-01-11 12:20:02.835root 11241100x80000000000000003909907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.269a8588f26128332022-01-11 12:20:02.835root 11241100x80000000000000003909908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdd39db6cf05ddfd2022-01-11 12:20:02.835root 11241100x80000000000000003909909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afffa64418b309422022-01-11 12:20:02.835root 11241100x80000000000000003909910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a72aa7a06d214ea2022-01-11 12:20:03.334root 11241100x80000000000000003909911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347c5c540187f84f2022-01-11 12:20:03.334root 11241100x80000000000000003909912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748b3d1ff21437b92022-01-11 12:20:03.334root 11241100x80000000000000003909913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.202218555151724c2022-01-11 12:20:03.334root 11241100x80000000000000003909914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ba059530ce80fa32022-01-11 12:20:03.334root 11241100x80000000000000003909915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f158a6e49203eb252022-01-11 12:20:03.334root 11241100x80000000000000003909916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223be47076882fd92022-01-11 12:20:03.334root 11241100x80000000000000003909917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31393eff33ba29d22022-01-11 12:20:03.334root 11241100x80000000000000003909918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79f306178005dc592022-01-11 12:20:03.334root 11241100x80000000000000003909919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0d18367185328482022-01-11 12:20:03.334root 11241100x80000000000000003909920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d16a315bf33d93512022-01-11 12:20:03.334root 11241100x80000000000000003909921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b214be1355d482722022-01-11 12:20:03.334root 11241100x80000000000000003909922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4759cddef39ce8d92022-01-11 12:20:03.335root 11241100x80000000000000003909923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90004a479dca7eaa2022-01-11 12:20:03.335root 11241100x80000000000000003909924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a31f4e55d32f2e882022-01-11 12:20:03.335root 11241100x80000000000000003909925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0cfc19253e95462022-01-11 12:20:03.335root 11241100x80000000000000003909926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01b888f00049ca332022-01-11 12:20:03.335root 11241100x80000000000000003909927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0c1da313845c5342022-01-11 12:20:03.834root 11241100x80000000000000003909928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.691c36589440ed562022-01-11 12:20:03.834root 11241100x80000000000000003909929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1de6bf762a3789192022-01-11 12:20:03.834root 11241100x80000000000000003909930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7666dfde358848ba2022-01-11 12:20:03.834root 11241100x80000000000000003909931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f81b4d1fd46a1e52022-01-11 12:20:03.834root 11241100x80000000000000003909932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8c4eb837e2ce79b2022-01-11 12:20:03.834root 11241100x80000000000000003909933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98cdcdf0d049160c2022-01-11 12:20:03.834root 11241100x80000000000000003909934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2bd08c8716ea5e72022-01-11 12:20:03.834root 11241100x80000000000000003909935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f43b2e5a3b4e6b92022-01-11 12:20:03.834root 11241100x80000000000000003909936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a0d6d594b5203c2022-01-11 12:20:03.834root 11241100x80000000000000003909937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3a39f7cfb07527b2022-01-11 12:20:03.834root 11241100x80000000000000003909938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f027b239dc04fe82022-01-11 12:20:03.835root 11241100x80000000000000003909939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6a65dd31673e6132022-01-11 12:20:03.835root 11241100x80000000000000003909940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf6a07dd9b2416c62022-01-11 12:20:03.835root 11241100x80000000000000003909941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.367dad3e024c22ef2022-01-11 12:20:03.835root 11241100x80000000000000003909942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ee38b1085ed55f2022-01-11 12:20:03.835root 11241100x80000000000000003909943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ff48fdc2435c492022-01-11 12:20:03.835root 11241100x80000000000000003909944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3169af5b6e732d122022-01-11 12:20:04.334root 11241100x80000000000000003909945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abd99633c44d7de2022-01-11 12:20:04.334root 11241100x80000000000000003909946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e779fef5962d07e2022-01-11 12:20:04.334root 11241100x80000000000000003909947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a493ca73fb7d6a1a2022-01-11 12:20:04.334root 11241100x80000000000000003909948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee890386a10b3c7c2022-01-11 12:20:04.334root 11241100x80000000000000003909949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8114dea36f5cfbb42022-01-11 12:20:04.334root 11241100x80000000000000003909950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5003e1a2036916432022-01-11 12:20:04.334root 11241100x80000000000000003909951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bb6746a2b82c3c42022-01-11 12:20:04.334root 11241100x80000000000000003909952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28d415d2f1c81d892022-01-11 12:20:04.334root 11241100x80000000000000003909953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d86b02788b0b422022-01-11 12:20:04.334root 11241100x80000000000000003909954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50ae4559c21d03a2022-01-11 12:20:04.334root 11241100x80000000000000003909955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.612ec954732d27b22022-01-11 12:20:04.335root 11241100x80000000000000003909956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2f960727c0b7a7a2022-01-11 12:20:04.335root 11241100x80000000000000003909957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fe75c110584cad32022-01-11 12:20:04.335root 11241100x80000000000000003909958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c96b44bf61a75c32022-01-11 12:20:04.335root 11241100x80000000000000003909959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69891ac043439472022-01-11 12:20:04.335root 11241100x80000000000000003909960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.354a2b1f126613232022-01-11 12:20:04.335root 11241100x80000000000000003909961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f2feab9ac79f1882022-01-11 12:20:04.834root 11241100x80000000000000003909962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0c97be72ac93e212022-01-11 12:20:04.834root 11241100x80000000000000003909963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c513d283e65e2a342022-01-11 12:20:04.834root 11241100x80000000000000003909964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7b17f21f917db962022-01-11 12:20:04.834root 11241100x80000000000000003909965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93935a700210faf42022-01-11 12:20:04.834root 11241100x80000000000000003909966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46083924184c87fd2022-01-11 12:20:04.834root 11241100x80000000000000003909967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9538b7f5cf97cdd52022-01-11 12:20:04.834root 11241100x80000000000000003909968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.351f2fd313cd5ccd2022-01-11 12:20:04.835root 11241100x80000000000000003909969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8a7d0be84cf98572022-01-11 12:20:04.835root 11241100x80000000000000003909970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dafcf8cf667e6d622022-01-11 12:20:04.835root 11241100x80000000000000003909971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f467e99aaaa3cf572022-01-11 12:20:04.835root 11241100x80000000000000003909972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.541b66343c0751b62022-01-11 12:20:04.835root 11241100x80000000000000003909973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f643f03ca3f78ca2022-01-11 12:20:04.835root 11241100x80000000000000003909974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60587aa1a6a96ec42022-01-11 12:20:04.835root 11241100x80000000000000003909975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec759d0b7a4337a42022-01-11 12:20:04.835root 11241100x80000000000000003909976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16bca8a8c8af71a52022-01-11 12:20:04.836root 11241100x80000000000000003909977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:04.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9e7c6565cdc30ca2022-01-11 12:20:04.836root 11241100x80000000000000003909978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d8bedd444d36b6c2022-01-11 12:20:05.334root 11241100x80000000000000003909979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea99d18270c5fcc92022-01-11 12:20:05.334root 11241100x80000000000000003909980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a3d95d52eb30a9b2022-01-11 12:20:05.334root 11241100x80000000000000003909981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5db272d085918782022-01-11 12:20:05.334root 11241100x80000000000000003909982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567282fe94cb315a2022-01-11 12:20:05.335root 11241100x80000000000000003909983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c673057908849eb2022-01-11 12:20:05.335root 11241100x80000000000000003909984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ff556ef45398172022-01-11 12:20:05.335root 11241100x80000000000000003909985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e23efa4db7ba232022-01-11 12:20:05.335root 11241100x80000000000000003909986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543d9dd9eedbda2d2022-01-11 12:20:05.335root 11241100x80000000000000003909987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c95cdc405d778b72022-01-11 12:20:05.335root 11241100x80000000000000003909988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fadcdfd775c009e2022-01-11 12:20:05.335root 11241100x80000000000000003909989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4800a3c5d1ccb82022-01-11 12:20:05.335root 11241100x80000000000000003909990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f69fd993dc3768ed2022-01-11 12:20:05.335root 11241100x80000000000000003909991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de28a65032aa48062022-01-11 12:20:05.335root 11241100x80000000000000003909992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44afcc5d5d835cc02022-01-11 12:20:05.335root 11241100x80000000000000003909993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a374318dd33695d2022-01-11 12:20:05.336root 11241100x80000000000000003909994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7d26730103b889b2022-01-11 12:20:05.336root 11241100x80000000000000003909995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d30d059858d859e2022-01-11 12:20:05.834root 11241100x80000000000000003909996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f83d344084d3b0312022-01-11 12:20:05.834root 11241100x80000000000000003909997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf2c63abd32fc1012022-01-11 12:20:05.834root 11241100x80000000000000003909998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e8eb2c0ff1730b2022-01-11 12:20:05.834root 11241100x80000000000000003909999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b22cd6976bbbd4002022-01-11 12:20:05.834root 11241100x80000000000000003910000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e66a791e61925a2022-01-11 12:20:05.834root 11241100x80000000000000003910001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.326a63014e84b5112022-01-11 12:20:05.834root 11241100x80000000000000003910002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2f04a08ca4ab2c42022-01-11 12:20:05.834root 11241100x80000000000000003910003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7c3905eac45786b2022-01-11 12:20:05.834root 11241100x80000000000000003910004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f6ce56d2958a402022-01-11 12:20:05.834root 11241100x80000000000000003910005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1a1805dbe135dc2022-01-11 12:20:05.834root 11241100x80000000000000003910006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3923ef76997c9dd92022-01-11 12:20:05.834root 11241100x80000000000000003910007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f10242009b8998372022-01-11 12:20:05.835root 11241100x80000000000000003910008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5d3087d058c59d82022-01-11 12:20:05.835root 11241100x80000000000000003910009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f4aad5bc68850a2022-01-11 12:20:05.835root 11241100x80000000000000003910010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.256073283a584c6e2022-01-11 12:20:05.835root 11241100x80000000000000003910011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.156b51e1f87cbc152022-01-11 12:20:05.835root 11241100x80000000000000003910012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c485a85258210aae2022-01-11 12:20:06.334root 11241100x80000000000000003910013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6edd300b285df2992022-01-11 12:20:06.334root 11241100x80000000000000003910014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f527a0d6efe2fc42022-01-11 12:20:06.334root 11241100x80000000000000003910015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d40394cbe17f4ac32022-01-11 12:20:06.334root 11241100x80000000000000003910016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fcf2803e67222172022-01-11 12:20:06.334root 11241100x80000000000000003910017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3144870b381dd8b92022-01-11 12:20:06.334root 11241100x80000000000000003910018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1bb571f39604c352022-01-11 12:20:06.334root 11241100x80000000000000003910019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf7d153ddf2bf682022-01-11 12:20:06.334root 11241100x80000000000000003910020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1407b4cf1a899a22022-01-11 12:20:06.334root 11241100x80000000000000003910021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bdcf01e63d334162022-01-11 12:20:06.334root 11241100x80000000000000003910022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f27ad54b8115dcb2022-01-11 12:20:06.335root 11241100x80000000000000003910023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.099e565b894a0fa42022-01-11 12:20:06.335root 11241100x80000000000000003910024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0cda640fa22adc72022-01-11 12:20:06.335root 11241100x80000000000000003910025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c4b71a82e8478f92022-01-11 12:20:06.335root 11241100x80000000000000003910026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2476d57f6aef8b7c2022-01-11 12:20:06.335root 11241100x80000000000000003910027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71b84c7de92be84d2022-01-11 12:20:06.335root 11241100x80000000000000003910028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8711f36dd336dc2022-01-11 12:20:06.335root 11241100x80000000000000003910029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6c1158e6e6c5dd62022-01-11 12:20:06.834root 11241100x80000000000000003910030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.beee96e8a046e3222022-01-11 12:20:06.834root 11241100x80000000000000003910031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9484d3298f2439e2022-01-11 12:20:06.834root 11241100x80000000000000003910032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8886a89845027ac2022-01-11 12:20:06.834root 11241100x80000000000000003910033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f37cd972ab65180a2022-01-11 12:20:06.834root 11241100x80000000000000003910034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dffd0132406b8da2022-01-11 12:20:06.834root 11241100x80000000000000003910035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b61798649155330f2022-01-11 12:20:06.834root 11241100x80000000000000003910036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11bd417d6deeda282022-01-11 12:20:06.834root 11241100x80000000000000003910037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25cdfb3a413de9642022-01-11 12:20:06.834root 11241100x80000000000000003910038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0afbf4df84b270572022-01-11 12:20:06.834root 11241100x80000000000000003910039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f083381011da0792022-01-11 12:20:06.834root 11241100x80000000000000003910040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5089e09f93b47aff2022-01-11 12:20:06.834root 11241100x80000000000000003910041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f92d0057f2c29af2022-01-11 12:20:06.835root 11241100x80000000000000003910042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81045b59dc90b8aa2022-01-11 12:20:06.835root 11241100x80000000000000003910043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2faf82b42ba46952022-01-11 12:20:06.835root 11241100x80000000000000003910044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ab946d9651ac0802022-01-11 12:20:06.835root 11241100x80000000000000003910045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20f5a098e28435582022-01-11 12:20:06.835root 354300x80000000000000003910046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.069{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56286-false10.0.1.12-8000- 11241100x80000000000000003910047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b326e91f265f3e52022-01-11 12:20:07.334root 11241100x80000000000000003910048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420c7cf7c2d7b6172022-01-11 12:20:07.334root 11241100x80000000000000003910049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b536c8f8e0b53ec02022-01-11 12:20:07.334root 11241100x80000000000000003910050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.750d1aba93a595162022-01-11 12:20:07.334root 11241100x80000000000000003910051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08ed290d896b92962022-01-11 12:20:07.334root 11241100x80000000000000003910052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec353ceba811526a2022-01-11 12:20:07.334root 11241100x80000000000000003910053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8084f71cbb930ddb2022-01-11 12:20:07.334root 11241100x80000000000000003910054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d6aaf9b1ab40e1b2022-01-11 12:20:07.334root 11241100x80000000000000003910055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9487eff6bc0acf232022-01-11 12:20:07.334root 11241100x80000000000000003910056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b492fef31b32d11e2022-01-11 12:20:07.334root 11241100x80000000000000003910057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadcce0dbf4990d92022-01-11 12:20:07.334root 11241100x80000000000000003910058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75365c7c570149d62022-01-11 12:20:07.334root 11241100x80000000000000003910059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7aaae35479b4fbc2022-01-11 12:20:07.335root 11241100x80000000000000003910060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7df4797fe5f6ee62022-01-11 12:20:07.335root 11241100x80000000000000003910061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9dbee43f2d8f39e2022-01-11 12:20:07.335root 11241100x80000000000000003910062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6b624f7382867ca2022-01-11 12:20:07.335root 11241100x80000000000000003910063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b498f8746056c212022-01-11 12:20:07.335root 11241100x80000000000000003910064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af9a28e9710bf4fd2022-01-11 12:20:07.335root 11241100x80000000000000003910065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5260d1ad802897d42022-01-11 12:20:07.834root 11241100x80000000000000003910066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddc7560ca2eb2a702022-01-11 12:20:07.834root 11241100x80000000000000003910067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b85fb9d2f162d0bd2022-01-11 12:20:07.834root 11241100x80000000000000003910068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7f0b0f3338be1bf2022-01-11 12:20:07.834root 11241100x80000000000000003910069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c50b7b2a8737e482022-01-11 12:20:07.834root 11241100x80000000000000003910070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c3f34a7fa86b83e2022-01-11 12:20:07.834root 11241100x80000000000000003910071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed14f8f5f0786e4a2022-01-11 12:20:07.834root 11241100x80000000000000003910072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e67962a4e2212692022-01-11 12:20:07.834root 11241100x80000000000000003910073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc4e6b47eaffd6f72022-01-11 12:20:07.834root 11241100x80000000000000003910074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf272c490ee1497f2022-01-11 12:20:07.834root 11241100x80000000000000003910075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc95008a816e6732022-01-11 12:20:07.835root 11241100x80000000000000003910076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a41ac5029912a6f2022-01-11 12:20:07.835root 11241100x80000000000000003910077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a037241ba1ee5c052022-01-11 12:20:07.835root 11241100x80000000000000003910078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.542f2ab0d1f721772022-01-11 12:20:07.835root 11241100x80000000000000003910079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.759edc668f240ef12022-01-11 12:20:07.835root 11241100x80000000000000003910080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba38a2089b7014ab2022-01-11 12:20:07.835root 11241100x80000000000000003910081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57bac0e693ba58a12022-01-11 12:20:07.835root 11241100x80000000000000003910082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77f2884a56603842022-01-11 12:20:07.835root 11241100x80000000000000003910083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ee010fac33dddc2022-01-11 12:20:08.334root 11241100x80000000000000003910084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d7fca324753a762022-01-11 12:20:08.334root 11241100x80000000000000003910085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72803d522dd8884d2022-01-11 12:20:08.334root 11241100x80000000000000003910086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c0970b6a597d2c2022-01-11 12:20:08.334root 11241100x80000000000000003910087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091a171c06950d682022-01-11 12:20:08.334root 11241100x80000000000000003910088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b21190c8121a08772022-01-11 12:20:08.334root 11241100x80000000000000003910089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8c14f088f1e5fd52022-01-11 12:20:08.335root 11241100x80000000000000003910090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3274458af9ace932022-01-11 12:20:08.335root 11241100x80000000000000003910091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b06f74f916a1c2c12022-01-11 12:20:08.335root 11241100x80000000000000003910092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77bfc47dae12e7a2022-01-11 12:20:08.335root 11241100x80000000000000003910093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad74767ed4c84722022-01-11 12:20:08.335root 11241100x80000000000000003910094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.899cc5cd72db0b452022-01-11 12:20:08.335root 11241100x80000000000000003910095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6f5c0e40eddcb242022-01-11 12:20:08.335root 11241100x80000000000000003910096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d96d7daf35c432892022-01-11 12:20:08.335root 11241100x80000000000000003910097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed84c13d476c5382022-01-11 12:20:08.335root 11241100x80000000000000003910098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae6c4f80fcbedc32022-01-11 12:20:08.336root 11241100x80000000000000003910099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00983a2a38b579212022-01-11 12:20:08.336root 11241100x80000000000000003910100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.977f9d379c7e7ae32022-01-11 12:20:08.336root 11241100x80000000000000003910101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa988013d5e659172022-01-11 12:20:08.834root 11241100x80000000000000003910102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4e3667433089feb2022-01-11 12:20:08.834root 11241100x80000000000000003910103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca8c21f02ab445ca2022-01-11 12:20:08.834root 11241100x80000000000000003910104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61c2527abd7aca652022-01-11 12:20:08.834root 11241100x80000000000000003910105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93b6469085402d452022-01-11 12:20:08.834root 11241100x80000000000000003910106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0517a17a2d3bb9042022-01-11 12:20:08.834root 11241100x80000000000000003910107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8d28cb278e09cb92022-01-11 12:20:08.834root 11241100x80000000000000003910108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15c7cb7f8df7fbd22022-01-11 12:20:08.835root 11241100x80000000000000003910109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aa043448913dac72022-01-11 12:20:08.835root 11241100x80000000000000003910110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c20da1bd13ef5132022-01-11 12:20:08.835root 11241100x80000000000000003910111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d685f17513f951f22022-01-11 12:20:08.835root 11241100x80000000000000003910112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e70ea82e5e29be62022-01-11 12:20:08.835root 11241100x80000000000000003910113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74c9f293b3fc16c12022-01-11 12:20:08.835root 11241100x80000000000000003910114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e6f126e782f32072022-01-11 12:20:08.835root 11241100x80000000000000003910115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e65213162e3cf8572022-01-11 12:20:08.835root 11241100x80000000000000003910116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b050238cfe7fee9f2022-01-11 12:20:08.835root 11241100x80000000000000003910117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04914e8392c989c62022-01-11 12:20:08.836root 11241100x80000000000000003910118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:08.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e38183e18d34b3a22022-01-11 12:20:08.836root 11241100x80000000000000003910119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1795dfd030b03052022-01-11 12:20:09.334root 11241100x80000000000000003910120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddf6d3087ea117a12022-01-11 12:20:09.334root 11241100x80000000000000003910121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb6884e387ae63392022-01-11 12:20:09.334root 11241100x80000000000000003910122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe7e3f2c197af042022-01-11 12:20:09.334root 11241100x80000000000000003910123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cf5899aacaaab22022-01-11 12:20:09.334root 11241100x80000000000000003910124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46011dc09ee01ae52022-01-11 12:20:09.335root 11241100x80000000000000003910125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc8c04f3248116e42022-01-11 12:20:09.335root 11241100x80000000000000003910126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b12b8f6209e6ef2022-01-11 12:20:09.335root 11241100x80000000000000003910127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fdc84376dc8dd42022-01-11 12:20:09.335root 11241100x80000000000000003910128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ece0b5d337c9fbe22022-01-11 12:20:09.335root 11241100x80000000000000003910129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16fdbf3def43eb82022-01-11 12:20:09.335root 11241100x80000000000000003910130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404986d17464c04e2022-01-11 12:20:09.335root 11241100x80000000000000003910131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f43a1a07a126daad2022-01-11 12:20:09.335root 11241100x80000000000000003910132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.880a084bb428dc1b2022-01-11 12:20:09.335root 11241100x80000000000000003910133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.091ed0ac6832ee9a2022-01-11 12:20:09.336root 11241100x80000000000000003910134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7badb9e16bfd16162022-01-11 12:20:09.336root 11241100x80000000000000003910135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d8b7b7202c28c912022-01-11 12:20:09.336root 11241100x80000000000000003910136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96e472eb8b4ed7d62022-01-11 12:20:09.336root 11241100x80000000000000003910137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.588be26fa96cd3ca2022-01-11 12:20:09.834root 11241100x80000000000000003910138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9a17851126c99172022-01-11 12:20:09.834root 11241100x80000000000000003910139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea52448b8a7d1142022-01-11 12:20:09.834root 11241100x80000000000000003910140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80be1026146521ec2022-01-11 12:20:09.834root 11241100x80000000000000003910141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa60df442b39a6032022-01-11 12:20:09.835root 11241100x80000000000000003910142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d654fdbb62bf102022-01-11 12:20:09.835root 11241100x80000000000000003910143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25df2bd2d24af65b2022-01-11 12:20:09.835root 11241100x80000000000000003910144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77bb211b33d2eaa82022-01-11 12:20:09.835root 11241100x80000000000000003910145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f04d44bcd8b603d42022-01-11 12:20:09.835root 11241100x80000000000000003910146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c84196fadc49077a2022-01-11 12:20:09.835root 11241100x80000000000000003910147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e80897a961ed9012022-01-11 12:20:09.835root 11241100x80000000000000003910148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62d07216d7ac4112022-01-11 12:20:09.836root 11241100x80000000000000003910149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3462d265f67a815e2022-01-11 12:20:09.836root 11241100x80000000000000003910150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1872e06e4f690fb82022-01-11 12:20:09.836root 11241100x80000000000000003910151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1cd430103d31eb62022-01-11 12:20:09.836root 11241100x80000000000000003910152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b59f3510ccfae48d2022-01-11 12:20:09.836root 11241100x80000000000000003910153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c5b49bfb58f0642022-01-11 12:20:09.836root 11241100x80000000000000003910154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:09.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a4c54797b544bd52022-01-11 12:20:09.836root 11241100x80000000000000003910155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25e8f4f07d012902022-01-11 12:20:10.334root 11241100x80000000000000003910156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4101fdb2a8f795b52022-01-11 12:20:10.334root 11241100x80000000000000003910157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6410c78731147e82022-01-11 12:20:10.334root 11241100x80000000000000003910158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64dbc17467274f572022-01-11 12:20:10.334root 11241100x80000000000000003910159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64f4a7484f3c11112022-01-11 12:20:10.334root 11241100x80000000000000003910160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e383811b110ca56d2022-01-11 12:20:10.334root 11241100x80000000000000003910161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc2fc7ee731f50a2022-01-11 12:20:10.334root 11241100x80000000000000003910162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1749f954dc7a59172022-01-11 12:20:10.334root 11241100x80000000000000003910163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a3a09f858ae3fd2022-01-11 12:20:10.334root 11241100x80000000000000003910164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21d4e3bb5c8b78672022-01-11 12:20:10.334root 11241100x80000000000000003910165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5b4d171e8e974422022-01-11 12:20:10.335root 11241100x80000000000000003910166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3df4d0590e8cd8c02022-01-11 12:20:10.335root 11241100x80000000000000003910167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e33530a4b7006332022-01-11 12:20:10.335root 11241100x80000000000000003910168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5330329602fb17392022-01-11 12:20:10.335root 11241100x80000000000000003910169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee97d59a2a71a0b2022-01-11 12:20:10.335root 11241100x80000000000000003910170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b214f1f11309132022-01-11 12:20:10.335root 11241100x80000000000000003910171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7a4da745c922c892022-01-11 12:20:10.335root 11241100x80000000000000003910172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f6c829e91a918b72022-01-11 12:20:10.335root 11241100x80000000000000003910173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3af0c2f872f8bc6c2022-01-11 12:20:10.834root 11241100x80000000000000003910174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43b017c0d00a79132022-01-11 12:20:10.834root 11241100x80000000000000003910175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef4212138fa87a02022-01-11 12:20:10.834root 11241100x80000000000000003910176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f4f535ef5069d922022-01-11 12:20:10.834root 11241100x80000000000000003910177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b798715feab700f2022-01-11 12:20:10.834root 11241100x80000000000000003910178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ee7ab4556835d72022-01-11 12:20:10.834root 11241100x80000000000000003910179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b9e94cad29545ab2022-01-11 12:20:10.834root 11241100x80000000000000003910180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f27e91eb321a6952022-01-11 12:20:10.834root 11241100x80000000000000003910181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f455f6529cfbbc652022-01-11 12:20:10.834root 11241100x80000000000000003910182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7502c0dce1e48b2022-01-11 12:20:10.834root 11241100x80000000000000003910183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cda7debcc59c2a02022-01-11 12:20:10.835root 11241100x80000000000000003910184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebbe92e7ecc91ec82022-01-11 12:20:10.835root 11241100x80000000000000003910185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad17dacc329b2a0c2022-01-11 12:20:10.835root 11241100x80000000000000003910186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201bbfff60cd2cf12022-01-11 12:20:10.835root 11241100x80000000000000003910187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37bb4eafc73e28fd2022-01-11 12:20:10.835root 11241100x80000000000000003910188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c98b991f86e3cc12022-01-11 12:20:10.835root 11241100x80000000000000003910189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.658d04922513144a2022-01-11 12:20:10.835root 11241100x80000000000000003910190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d344963b4709e3b2022-01-11 12:20:10.835root 11241100x80000000000000003910191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5895e7f2455937402022-01-11 12:20:11.334root 11241100x80000000000000003910192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854caa12a6c523b12022-01-11 12:20:11.334root 11241100x80000000000000003910193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70cd5ff2ef0f37d12022-01-11 12:20:11.334root 11241100x80000000000000003910194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9556d2bbead9c4f2022-01-11 12:20:11.334root 11241100x80000000000000003910195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d9a3f4877e7ad52022-01-11 12:20:11.335root 11241100x80000000000000003910196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0857becde12de642022-01-11 12:20:11.335root 11241100x80000000000000003910197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d2144e4fabd48752022-01-11 12:20:11.335root 11241100x80000000000000003910198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dedaec98fd329d442022-01-11 12:20:11.335root 11241100x80000000000000003910199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcbd31c1d50b18212022-01-11 12:20:11.335root 11241100x80000000000000003910200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4379bb0a0b4e8eb92022-01-11 12:20:11.336root 11241100x80000000000000003910201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a84920f022bac9222022-01-11 12:20:11.336root 11241100x80000000000000003910202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82644d8ffa88525d2022-01-11 12:20:11.336root 11241100x80000000000000003910203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8127bcc65ea23ede2022-01-11 12:20:11.336root 11241100x80000000000000003910204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21791f7989719792022-01-11 12:20:11.336root 11241100x80000000000000003910205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cea3f9f0bfc00242022-01-11 12:20:11.337root 11241100x80000000000000003910206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad37595d37bb8462022-01-11 12:20:11.337root 11241100x80000000000000003910207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fcd5052b97bd1142022-01-11 12:20:11.337root 11241100x80000000000000003910208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb34ec671cd6d0f2022-01-11 12:20:11.337root 11241100x80000000000000003910209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d27f67b0f6ebf632022-01-11 12:20:11.337root 11241100x80000000000000003910210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc14f90960273be52022-01-11 12:20:11.337root 11241100x80000000000000003910211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a095d8ccccefd9952022-01-11 12:20:11.338root 11241100x80000000000000003910212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08adf333b7b802c82022-01-11 12:20:11.834root 11241100x80000000000000003910213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f53d1ca663f914d2022-01-11 12:20:11.834root 11241100x80000000000000003910214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c297c7474a52a382022-01-11 12:20:11.834root 11241100x80000000000000003910215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e46ebce85fb6546a2022-01-11 12:20:11.834root 11241100x80000000000000003910216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8deb2db4e518b172022-01-11 12:20:11.834root 11241100x80000000000000003910217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e1c1db721691e552022-01-11 12:20:11.834root 11241100x80000000000000003910218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ef45750828804282022-01-11 12:20:11.835root 11241100x80000000000000003910219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77504f4d1d11a9212022-01-11 12:20:11.835root 11241100x80000000000000003910220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.132ef4e8a0b4bf222022-01-11 12:20:11.835root 11241100x80000000000000003910221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a739ad135a18e1582022-01-11 12:20:11.835root 11241100x80000000000000003910222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ba205500aed0d9a2022-01-11 12:20:11.835root 11241100x80000000000000003910223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2bc701f889fd3ad2022-01-11 12:20:11.835root 11241100x80000000000000003910224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797c0253e2d808a42022-01-11 12:20:11.835root 11241100x80000000000000003910225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1efa87e75226e3c2022-01-11 12:20:11.835root 11241100x80000000000000003910226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b7d45da51f4878a2022-01-11 12:20:11.835root 11241100x80000000000000003910227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93a87b4e894f1ee52022-01-11 12:20:11.836root 11241100x80000000000000003910228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16f70ae7b6a14f272022-01-11 12:20:11.836root 11241100x80000000000000003910229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:11.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e03b5cbc2ef19782022-01-11 12:20:11.836root 354300x80000000000000003910230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.100{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56288-false10.0.1.12-8000- 11241100x80000000000000003910231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52541626dab669b2022-01-11 12:20:12.101root 11241100x80000000000000003910232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83f811ff2171ce222022-01-11 12:20:12.101root 11241100x80000000000000003910233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfeda21cf38b540d2022-01-11 12:20:12.101root 11241100x80000000000000003910234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.761780cff9f59f552022-01-11 12:20:12.101root 11241100x80000000000000003910235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21172229a7eced272022-01-11 12:20:12.101root 11241100x80000000000000003910236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83ecbde21b8be9962022-01-11 12:20:12.101root 11241100x80000000000000003910237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8a732c6e7eff5932022-01-11 12:20:12.101root 11241100x80000000000000003910238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb87a4edc7d8f5fc2022-01-11 12:20:12.101root 11241100x80000000000000003910239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d460bc1d6aad75e12022-01-11 12:20:12.102root 11241100x80000000000000003910240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c771f79404985e42022-01-11 12:20:12.102root 11241100x80000000000000003910241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9701bbe5718daf0c2022-01-11 12:20:12.102root 11241100x80000000000000003910242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c22176060b012862022-01-11 12:20:12.102root 11241100x80000000000000003910243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1adfa4cf3658a1882022-01-11 12:20:12.102root 11241100x80000000000000003910244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1754f087e831e5742022-01-11 12:20:12.102root 11241100x80000000000000003910245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5902add1f2a8385c2022-01-11 12:20:12.102root 11241100x80000000000000003910246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b077c496267550cf2022-01-11 12:20:12.102root 11241100x80000000000000003910247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.805e2589a67a93502022-01-11 12:20:12.102root 11241100x80000000000000003910248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e9df90babfdd7e62022-01-11 12:20:12.102root 11241100x80000000000000003910249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.200624a55d7ea6e42022-01-11 12:20:12.102root 11241100x80000000000000003910250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.643daa302d1442c92022-01-11 12:20:12.583root 11241100x80000000000000003910251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a49df590ac5e82b2022-01-11 12:20:12.583root 11241100x80000000000000003910252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8713e3f68657623c2022-01-11 12:20:12.583root 11241100x80000000000000003910253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5728bde87b5a88b72022-01-11 12:20:12.583root 11241100x80000000000000003910254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90035c051580b1e2022-01-11 12:20:12.583root 11241100x80000000000000003910255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0043ee1302085632022-01-11 12:20:12.584root 11241100x80000000000000003910256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c0c171821adf4d02022-01-11 12:20:12.584root 11241100x80000000000000003910257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.864e2835ebcf92512022-01-11 12:20:12.584root 11241100x80000000000000003910258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc5cb528a77ba3fd2022-01-11 12:20:12.584root 11241100x80000000000000003910259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abcf0fa36b2a813f2022-01-11 12:20:12.584root 11241100x80000000000000003910260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1f9c369adf0943d2022-01-11 12:20:12.584root 11241100x80000000000000003910261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8891362d93723d312022-01-11 12:20:12.584root 11241100x80000000000000003910262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11364b7a8dd480c32022-01-11 12:20:12.584root 11241100x80000000000000003910263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c047ca0e0d8e2012022-01-11 12:20:12.584root 11241100x80000000000000003910264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e704c898f54400372022-01-11 12:20:12.584root 11241100x80000000000000003910265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0087612c96149d8c2022-01-11 12:20:12.584root 11241100x80000000000000003910266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629bfa6734e2d7302022-01-11 12:20:12.584root 11241100x80000000000000003910267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0233bde84eacf2252022-01-11 12:20:12.584root 11241100x80000000000000003910268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e8790bb2bc405722022-01-11 12:20:12.584root 11241100x80000000000000003910269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10b8aa8e526af2192022-01-11 12:20:12.584root 11241100x80000000000000003910270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc20162afb4c6692022-01-11 12:20:12.585root 11241100x80000000000000003910271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22ccf732b1e0cd182022-01-11 12:20:12.585root 11241100x80000000000000003910272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.653e64abe69d6d772022-01-11 12:20:13.083root 11241100x80000000000000003910273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26c06537acfe0f5f2022-01-11 12:20:13.083root 11241100x80000000000000003910274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d03c9dcaf60de8722022-01-11 12:20:13.084root 11241100x80000000000000003910275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065da5b640d3001c2022-01-11 12:20:13.084root 11241100x80000000000000003910276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df93597750eb4fe32022-01-11 12:20:13.084root 11241100x80000000000000003910277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.763becfa674d8dbc2022-01-11 12:20:13.084root 11241100x80000000000000003910278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34330d9f6f573c6e2022-01-11 12:20:13.085root 11241100x80000000000000003910279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b01f75207aba9e82022-01-11 12:20:13.085root 11241100x80000000000000003910280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28c76d535e7810ce2022-01-11 12:20:13.085root 11241100x80000000000000003910281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d4d2e15cb3e4a822022-01-11 12:20:13.085root 11241100x80000000000000003910282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eda8a89743ac5b32022-01-11 12:20:13.085root 11241100x80000000000000003910283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9808cf254f192a42022-01-11 12:20:13.085root 11241100x80000000000000003910284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.862eb04710f555572022-01-11 12:20:13.085root 11241100x80000000000000003910285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b6a3400f39fbc8a2022-01-11 12:20:13.085root 11241100x80000000000000003910286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf4e3f34508426a2022-01-11 12:20:13.085root 11241100x80000000000000003910287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da7493343136ad002022-01-11 12:20:13.085root 11241100x80000000000000003910288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2f595a5923a01f52022-01-11 12:20:13.085root 11241100x80000000000000003910289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.278e95ecc999a3992022-01-11 12:20:13.085root 11241100x80000000000000003910290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f46fe3ff46ea962022-01-11 12:20:13.085root 11241100x80000000000000003910291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f06a66299ee1c62022-01-11 12:20:13.583root 11241100x80000000000000003910292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7436e23b65a7d8852022-01-11 12:20:13.583root 11241100x80000000000000003910293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.821e7f76478ca4342022-01-11 12:20:13.583root 11241100x80000000000000003910294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d9064b0b80d948c2022-01-11 12:20:13.583root 11241100x80000000000000003910295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d07d9cae8227d9de2022-01-11 12:20:13.584root 11241100x80000000000000003910296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2227c4bcf04039112022-01-11 12:20:13.584root 11241100x80000000000000003910297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9852320fe51f560e2022-01-11 12:20:13.584root 11241100x80000000000000003910298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ff683913d311c512022-01-11 12:20:13.584root 11241100x80000000000000003910299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f4af7071e726462022-01-11 12:20:13.584root 11241100x80000000000000003910300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74cac38a289348932022-01-11 12:20:13.584root 11241100x80000000000000003910301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46bf0d37b81b4d562022-01-11 12:20:13.584root 11241100x80000000000000003910302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77c9e15c4e8f30622022-01-11 12:20:13.584root 11241100x80000000000000003910303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad5933fceaa154e82022-01-11 12:20:13.584root 11241100x80000000000000003910304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d82729758f347d22022-01-11 12:20:13.584root 11241100x80000000000000003910305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b772c490c9f4d4a62022-01-11 12:20:13.584root 11241100x80000000000000003910306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95ca2a9cd05af222022-01-11 12:20:13.584root 11241100x80000000000000003910307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf90f486bca2aaea2022-01-11 12:20:13.584root 11241100x80000000000000003910308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b46f065846ac0e0d2022-01-11 12:20:13.584root 11241100x80000000000000003910309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64cdfcacc3c335572022-01-11 12:20:13.584root 11241100x80000000000000003910310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8dfad2ca00cd2ae2022-01-11 12:20:13.585root 11241100x80000000000000003910311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ad1a8d9351965ad2022-01-11 12:20:14.083root 11241100x80000000000000003910312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f13c70902f63e8362022-01-11 12:20:14.084root 11241100x80000000000000003910313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a551e8a21fc7a3ce2022-01-11 12:20:14.084root 11241100x80000000000000003910314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8427c8c47932df12022-01-11 12:20:14.084root 11241100x80000000000000003910315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4dda4ae4c8ee9752022-01-11 12:20:14.084root 11241100x80000000000000003910316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba09b3ec7e1210852022-01-11 12:20:14.085root 11241100x80000000000000003910317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d680ce96211c1be02022-01-11 12:20:14.085root 11241100x80000000000000003910318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f13dfd97a8d8ae02022-01-11 12:20:14.085root 11241100x80000000000000003910319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54f1be1c80b526cc2022-01-11 12:20:14.085root 11241100x80000000000000003910320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25760cbafff0a8342022-01-11 12:20:14.085root 11241100x80000000000000003910321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e609f3abae82722022-01-11 12:20:14.085root 11241100x80000000000000003910322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd19a901e9f7cb142022-01-11 12:20:14.085root 11241100x80000000000000003910323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb2ec614921a4b4b2022-01-11 12:20:14.085root 11241100x80000000000000003910324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e8bb2d78f8c8aaa2022-01-11 12:20:14.085root 11241100x80000000000000003910325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea18ce02979bd592022-01-11 12:20:14.085root 11241100x80000000000000003910326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c064feae8a8f3ec62022-01-11 12:20:14.085root 11241100x80000000000000003910327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506bac68efe39b2f2022-01-11 12:20:14.085root 11241100x80000000000000003910328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15eb81c21df0b232022-01-11 12:20:14.085root 11241100x80000000000000003910329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53aae76cbb38aea2022-01-11 12:20:14.085root 11241100x80000000000000003910330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43d6274cdb41c9cf2022-01-11 12:20:14.583root 11241100x80000000000000003910331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25181432e5d829f82022-01-11 12:20:14.583root 11241100x80000000000000003910332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d5cc2536130f6b52022-01-11 12:20:14.583root 11241100x80000000000000003910333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246fef398c9d2a862022-01-11 12:20:14.584root 11241100x80000000000000003910334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e353ee86a460bce2022-01-11 12:20:14.584root 11241100x80000000000000003910335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fe6df3e060a27472022-01-11 12:20:14.584root 11241100x80000000000000003910336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d68c300458ca45ef2022-01-11 12:20:14.584root 11241100x80000000000000003910337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a953dab8c5828d8a2022-01-11 12:20:14.584root 11241100x80000000000000003910338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36195bba52bf72b72022-01-11 12:20:14.584root 11241100x80000000000000003910339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07bff978f283356a2022-01-11 12:20:14.584root 11241100x80000000000000003910340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93c2c6b990efb9b22022-01-11 12:20:14.584root 11241100x80000000000000003910341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9398f6b80c4053372022-01-11 12:20:14.584root 11241100x80000000000000003910342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1960feeb802343a62022-01-11 12:20:14.584root 11241100x80000000000000003910343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c57db9742c35b3662022-01-11 12:20:14.585root 11241100x80000000000000003910344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aafea8259f5ca062022-01-11 12:20:14.585root 11241100x80000000000000003910345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6570986e9250032022-01-11 12:20:14.585root 11241100x80000000000000003910346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab980f329c9fffa62022-01-11 12:20:14.585root 11241100x80000000000000003910347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76914dcadc68c5a22022-01-11 12:20:14.585root 11241100x80000000000000003910348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8254389ef12ac57f2022-01-11 12:20:14.585root 11241100x80000000000000003910349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c693922d876a5712022-01-11 12:20:14.585root 11241100x80000000000000003910350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a66457eb6a26012022-01-11 12:20:15.084root 11241100x80000000000000003910351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44c78368e4269cdb2022-01-11 12:20:15.084root 11241100x80000000000000003910352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60b058d483a6b39e2022-01-11 12:20:15.084root 11241100x80000000000000003910353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d52faff6a4cddac2022-01-11 12:20:15.084root 11241100x80000000000000003910354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.847cfe961538e3582022-01-11 12:20:15.084root 11241100x80000000000000003910355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50dd28c82b504ee2022-01-11 12:20:15.084root 11241100x80000000000000003910356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4efdc219045ffc6f2022-01-11 12:20:15.084root 11241100x80000000000000003910357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77cc5e08bb3fadf72022-01-11 12:20:15.084root 11241100x80000000000000003910358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0951dccb93cf82bb2022-01-11 12:20:15.084root 11241100x80000000000000003910359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c164dd328dd105462022-01-11 12:20:15.084root 11241100x80000000000000003910360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.850211616e7d1b142022-01-11 12:20:15.085root 11241100x80000000000000003910361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04825accf6e129352022-01-11 12:20:15.085root 11241100x80000000000000003910362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.636729e7371a4dcd2022-01-11 12:20:15.085root 11241100x80000000000000003910363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e64e3402ae82b6df2022-01-11 12:20:15.085root 11241100x80000000000000003910364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a7daabb79ece7492022-01-11 12:20:15.085root 11241100x80000000000000003910365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09e336f7ca23c112022-01-11 12:20:15.085root 11241100x80000000000000003910366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da5f6511f60e19622022-01-11 12:20:15.085root 11241100x80000000000000003910367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2eece742858fbc42022-01-11 12:20:15.085root 11241100x80000000000000003910368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a90c52233520b782022-01-11 12:20:15.085root 11241100x80000000000000003910369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dcbd6a54678a1ab2022-01-11 12:20:15.584root 11241100x80000000000000003910370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c61968475144ae7b2022-01-11 12:20:15.584root 11241100x80000000000000003910371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ce84728572aa922022-01-11 12:20:15.584root 11241100x80000000000000003910372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a5c1cbe561a8c42022-01-11 12:20:15.584root 11241100x80000000000000003910373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c44f279919c1ce52022-01-11 12:20:15.584root 11241100x80000000000000003910374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ae849b09d63b6832022-01-11 12:20:15.584root 11241100x80000000000000003910375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12fe6261a1b912c22022-01-11 12:20:15.584root 11241100x80000000000000003910376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3749f992c0a365242022-01-11 12:20:15.584root 11241100x80000000000000003910377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71a946a572abd4232022-01-11 12:20:15.584root 11241100x80000000000000003910378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2db1eec08707aa642022-01-11 12:20:15.584root 11241100x80000000000000003910379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d23e93ee44d2a0cc2022-01-11 12:20:15.585root 11241100x80000000000000003910380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d0e9b01dfcadcf12022-01-11 12:20:15.585root 11241100x80000000000000003910381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21fa6cdacb3671c2022-01-11 12:20:15.585root 11241100x80000000000000003910382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d922706ac8602922022-01-11 12:20:15.585root 11241100x80000000000000003910383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e66d73aa7357e8142022-01-11 12:20:15.585root 11241100x80000000000000003910384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3340dff3bb7c102022-01-11 12:20:15.585root 11241100x80000000000000003910385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a9deeefd4955ec22022-01-11 12:20:15.585root 11241100x80000000000000003910386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62bf96168cf7d7b92022-01-11 12:20:15.585root 11241100x80000000000000003910387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08982b0797b766bc2022-01-11 12:20:15.585root 11241100x80000000000000003910388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67e4cd945f84decb2022-01-11 12:20:16.084root 11241100x80000000000000003910389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54e90823d92dfee62022-01-11 12:20:16.084root 11241100x80000000000000003910390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d079761aa098cf62022-01-11 12:20:16.084root 11241100x80000000000000003910391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1332a5afe7386b0e2022-01-11 12:20:16.084root 11241100x80000000000000003910392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72fac86c3da82e132022-01-11 12:20:16.085root 11241100x80000000000000003910393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bc5745c93e69f262022-01-11 12:20:16.085root 11241100x80000000000000003910394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.228a5624f4b90b232022-01-11 12:20:16.085root 11241100x80000000000000003910395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1901cfdc9b698d212022-01-11 12:20:16.085root 11241100x80000000000000003910396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc70fae8c306e422022-01-11 12:20:16.085root 11241100x80000000000000003910397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6770b48cfff87c992022-01-11 12:20:16.085root 11241100x80000000000000003910398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37573eb5828feabb2022-01-11 12:20:16.085root 11241100x80000000000000003910399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9209a636613d0abc2022-01-11 12:20:16.086root 11241100x80000000000000003910400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e18c445fd376cfca2022-01-11 12:20:16.086root 11241100x80000000000000003910401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd0d312d767380212022-01-11 12:20:16.086root 11241100x80000000000000003910402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e1102649cb08c0b2022-01-11 12:20:16.086root 11241100x80000000000000003910403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3db7f923db50af702022-01-11 12:20:16.086root 11241100x80000000000000003910404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e5031bae49be28b2022-01-11 12:20:16.086root 11241100x80000000000000003910405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c3dc15d3031056d2022-01-11 12:20:16.086root 11241100x80000000000000003910406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dbf78abca8f9a7c2022-01-11 12:20:16.086root 11241100x80000000000000003910407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b802a2e4f3334fe2022-01-11 12:20:16.583root 11241100x80000000000000003910408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5c211bcfc72d03e2022-01-11 12:20:16.584root 11241100x80000000000000003910409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f260f06b43d331d52022-01-11 12:20:16.584root 11241100x80000000000000003910410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39aec1edc96ec8882022-01-11 12:20:16.584root 11241100x80000000000000003910411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25030f6b254a94312022-01-11 12:20:16.585root 11241100x80000000000000003910412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15e03de4409f5962022-01-11 12:20:16.585root 11241100x80000000000000003910413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4acf452a0110ca0e2022-01-11 12:20:16.585root 11241100x80000000000000003910414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86c876c405dfd4722022-01-11 12:20:16.586root 11241100x80000000000000003910415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c99b4b8e1ccad23d2022-01-11 12:20:16.586root 11241100x80000000000000003910416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79602a88ff8838e92022-01-11 12:20:16.586root 11241100x80000000000000003910417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13c8a76fb38670712022-01-11 12:20:16.587root 11241100x80000000000000003910418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78263e3fc14bd4772022-01-11 12:20:16.587root 11241100x80000000000000003910419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b3c02dfa39488882022-01-11 12:20:16.587root 11241100x80000000000000003910420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d31556825d26eeb12022-01-11 12:20:16.587root 11241100x80000000000000003910421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38562065034f6d262022-01-11 12:20:16.587root 11241100x80000000000000003910422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.927ab001c4924aea2022-01-11 12:20:16.588root 11241100x80000000000000003910423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bec65d92bd18c8e02022-01-11 12:20:16.588root 11241100x80000000000000003910424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.073f25f5467447322022-01-11 12:20:16.588root 11241100x80000000000000003910425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e531190be7eddd5d2022-01-11 12:20:16.588root 11241100x80000000000000003910426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:16.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec030bd0c79cfe1c2022-01-11 12:20:16.588root 11241100x80000000000000003910427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95e8b34afb3dab052022-01-11 12:20:17.083root 11241100x80000000000000003910428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4223d43b897048ac2022-01-11 12:20:17.083root 11241100x80000000000000003910429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bda9d8c80c2bb4482022-01-11 12:20:17.083root 11241100x80000000000000003910430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c958beff627066862022-01-11 12:20:17.083root 11241100x80000000000000003910431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3845635b2e884442022-01-11 12:20:17.084root 11241100x80000000000000003910432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d52822cd9bd4a862022-01-11 12:20:17.084root 11241100x80000000000000003910433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5c3a630a02be75e2022-01-11 12:20:17.084root 11241100x80000000000000003910434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c6c5a79c4cd5ba62022-01-11 12:20:17.084root 11241100x80000000000000003910435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f395c1cb2f8fd5492022-01-11 12:20:17.084root 11241100x80000000000000003910436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fbd5bda96402f542022-01-11 12:20:17.084root 11241100x80000000000000003910437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208bdc98bc34223f2022-01-11 12:20:17.084root 11241100x80000000000000003910438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7daa4ea3580a83252022-01-11 12:20:17.084root 11241100x80000000000000003910439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d7ccfbdd4da11d62022-01-11 12:20:17.084root 11241100x80000000000000003910440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac262ac57158f3cc2022-01-11 12:20:17.084root 11241100x80000000000000003910441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f59e0965d1ef95452022-01-11 12:20:17.085root 11241100x80000000000000003910442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d45c7a205ada702e2022-01-11 12:20:17.085root 11241100x80000000000000003910443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72d6ca17d315fac42022-01-11 12:20:17.085root 11241100x80000000000000003910444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c531f18f6f11e72022-01-11 12:20:17.085root 11241100x80000000000000003910445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78022a680ea333552022-01-11 12:20:17.085root 11241100x80000000000000003910446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1b4c151318dfe972022-01-11 12:20:17.085root 11241100x80000000000000003910447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c6f62a481e34c1e2022-01-11 12:20:17.085root 11241100x80000000000000003910448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58a1095f64f43d072022-01-11 12:20:17.086root 11241100x80000000000000003910449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e27a58c978eaabea2022-01-11 12:20:17.086root 11241100x80000000000000003910450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea8e4f38f19980d2022-01-11 12:20:17.086root 11241100x80000000000000003910451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7931be1862f07e2022-01-11 12:20:17.092root 11241100x80000000000000003910452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.919ba650a5fff7872022-01-11 12:20:17.093root 354300x80000000000000003910453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.165{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56290-false10.0.1.12-8000- 11241100x80000000000000003910454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09553df54926935e2022-01-11 12:20:17.583root 11241100x80000000000000003910455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.608840c4240f94272022-01-11 12:20:17.583root 11241100x80000000000000003910456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0e28fb8b7ae48a32022-01-11 12:20:17.583root 11241100x80000000000000003910457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7267561a5704ccd2022-01-11 12:20:17.583root 11241100x80000000000000003910458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d12469b97ad358b2022-01-11 12:20:17.584root 11241100x80000000000000003910459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88c9c790c71b25372022-01-11 12:20:17.584root 11241100x80000000000000003910460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc676a97fc2b891e2022-01-11 12:20:17.584root 11241100x80000000000000003910461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0f55b5a8bce4ca62022-01-11 12:20:17.584root 11241100x80000000000000003910462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86d4c29aeaf3194a2022-01-11 12:20:17.584root 11241100x80000000000000003910463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5662c6b2c03fc8432022-01-11 12:20:17.584root 11241100x80000000000000003910464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d169b271099aeb9f2022-01-11 12:20:17.584root 11241100x80000000000000003910465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c18511b329f64f452022-01-11 12:20:17.585root 11241100x80000000000000003910466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a31603023957f3f72022-01-11 12:20:17.585root 11241100x80000000000000003910467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a022432a5815da52022-01-11 12:20:17.585root 11241100x80000000000000003910468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddfaac15846f529c2022-01-11 12:20:17.585root 11241100x80000000000000003910469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e125dd26247acdba2022-01-11 12:20:17.585root 11241100x80000000000000003910470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea6cd2a1d625d9142022-01-11 12:20:17.585root 11241100x80000000000000003910471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.628ae65747ad27bc2022-01-11 12:20:17.586root 11241100x80000000000000003910472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6e1fbec1caf5cab2022-01-11 12:20:17.586root 11241100x80000000000000003910473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.717173051cdbd6902022-01-11 12:20:17.586root 11241100x80000000000000003910474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fca2632bfcc1e6d2022-01-11 12:20:17.586root 11241100x80000000000000003910475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84d0afe49127dc7c2022-01-11 12:20:17.587root 11241100x80000000000000003910476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84c1d1bebdd2e7fb2022-01-11 12:20:17.587root 11241100x80000000000000003910477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26be2cde4e9aff932022-01-11 12:20:17.587root 11241100x80000000000000003910478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d094c2c3dd2fd2e2022-01-11 12:20:17.587root 11241100x80000000000000003910479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2047f5493646f48a2022-01-11 12:20:17.587root 11241100x80000000000000003910480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9321df5d42a527542022-01-11 12:20:17.587root 11241100x80000000000000003910481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923023cc2317ed0b2022-01-11 12:20:17.588root 11241100x80000000000000003910482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c16697d0859f0df42022-01-11 12:20:17.588root 11241100x80000000000000003910483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38dcd6f24b4c1e62022-01-11 12:20:17.588root 11241100x80000000000000003910484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7732f8764d23ba962022-01-11 12:20:17.588root 11241100x80000000000000003910485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14d38aa9f82fb2222022-01-11 12:20:17.588root 11241100x80000000000000003910486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d4d32bf238650332022-01-11 12:20:17.588root 11241100x80000000000000003910487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ece52bc0e133ba2022-01-11 12:20:17.589root 11241100x80000000000000003910488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a3a8296a0800dd82022-01-11 12:20:17.589root 11241100x80000000000000003910489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23d4222d3bd81a5f2022-01-11 12:20:17.589root 11241100x80000000000000003910490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baac044db96f59142022-01-11 12:20:17.589root 11241100x80000000000000003910491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad30c3e7fd420582022-01-11 12:20:17.589root 11241100x80000000000000003910492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fea8e1443824cfd22022-01-11 12:20:17.589root 11241100x80000000000000003910493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.557f478a37265ac12022-01-11 12:20:17.589root 11241100x80000000000000003910494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52c384ca5722c4692022-01-11 12:20:17.589root 11241100x80000000000000003910495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b2d939bfc65f2252022-01-11 12:20:17.589root 11241100x80000000000000003910496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f266fa2a9e02fb22022-01-11 12:20:17.589root 11241100x80000000000000003910497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58b6155c0f700ccf2022-01-11 12:20:17.590root 11241100x80000000000000003910498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:17.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f85d5314c465ba2e2022-01-11 12:20:17.590root 11241100x80000000000000003910499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.012a14129e1156cc2022-01-11 12:20:18.083root 11241100x80000000000000003910500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6252336454d41edf2022-01-11 12:20:18.084root 11241100x80000000000000003910501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f72b53e2ecedc5da2022-01-11 12:20:18.084root 11241100x80000000000000003910502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeb506145bf19b802022-01-11 12:20:18.084root 11241100x80000000000000003910503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acc0d9c4cc61976f2022-01-11 12:20:18.084root 11241100x80000000000000003910504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e413f72d6708295e2022-01-11 12:20:18.085root 11241100x80000000000000003910505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a09fd0b6674bef02022-01-11 12:20:18.085root 11241100x80000000000000003910506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88325917d3a5c3e32022-01-11 12:20:18.085root 11241100x80000000000000003910507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36eb7f24a6c45f4a2022-01-11 12:20:18.085root 11241100x80000000000000003910508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bca19f3cb5e85462022-01-11 12:20:18.085root 11241100x80000000000000003910509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.615679df52c37a0a2022-01-11 12:20:18.085root 11241100x80000000000000003910510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df0374885f47f4932022-01-11 12:20:18.085root 11241100x80000000000000003910511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1407ea904ac2fbd82022-01-11 12:20:18.085root 11241100x80000000000000003910512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ad55bc375b94a22022-01-11 12:20:18.085root 11241100x80000000000000003910513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93fe382c73a11a4b2022-01-11 12:20:18.086root 11241100x80000000000000003910514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e36d47cb77404b1c2022-01-11 12:20:18.086root 11241100x80000000000000003910515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87cc301fc8faf69c2022-01-11 12:20:18.086root 11241100x80000000000000003910516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5905c449f526cf302022-01-11 12:20:18.086root 11241100x80000000000000003910517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a351b6d3feb20d2b2022-01-11 12:20:18.086root 11241100x80000000000000003910518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb78ebc9a3a439882022-01-11 12:20:18.087root 11241100x80000000000000003910519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.929b38cadeb80c2f2022-01-11 12:20:18.584root 11241100x80000000000000003910520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72efd409cdaec0c82022-01-11 12:20:18.584root 11241100x80000000000000003910521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5927733e33e3739a2022-01-11 12:20:18.584root 11241100x80000000000000003910522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c69fff0c2fd68e52022-01-11 12:20:18.584root 11241100x80000000000000003910523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41ffdb5dd8dc1bad2022-01-11 12:20:18.584root 11241100x80000000000000003910524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bd49c97b1d4913c2022-01-11 12:20:18.584root 11241100x80000000000000003910525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d227979aae3344bf2022-01-11 12:20:18.584root 11241100x80000000000000003910526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad4192e5259c9ad42022-01-11 12:20:18.584root 11241100x80000000000000003910527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7df9de67f07b26f92022-01-11 12:20:18.584root 11241100x80000000000000003910528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f170db7354011e2022-01-11 12:20:18.584root 11241100x80000000000000003910529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f21247345c01d292022-01-11 12:20:18.585root 11241100x80000000000000003910530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4861cb3c9c673e7b2022-01-11 12:20:18.585root 11241100x80000000000000003910531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7cd6ef45dd232132022-01-11 12:20:18.587root 11241100x80000000000000003910532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fd7f338b344c9682022-01-11 12:20:18.587root 11241100x80000000000000003910533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44084368fdaefaba2022-01-11 12:20:18.587root 11241100x80000000000000003910534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57f3f08b8613de2f2022-01-11 12:20:18.587root 11241100x80000000000000003910535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de852179d3dd1b092022-01-11 12:20:18.587root 11241100x80000000000000003910536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07e5e191d7d4f8bf2022-01-11 12:20:18.587root 11241100x80000000000000003910537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76cd1f0b634f31262022-01-11 12:20:18.587root 11241100x80000000000000003910538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:18.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bdf318112d513952022-01-11 12:20:18.588root 11241100x80000000000000003910539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bac2270134a624a2022-01-11 12:20:19.083root 11241100x80000000000000003910540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f43993d6c976f7ae2022-01-11 12:20:19.083root 11241100x80000000000000003910541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb451ec6de8a30aa2022-01-11 12:20:19.083root 11241100x80000000000000003910542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90c838d1107c6bc62022-01-11 12:20:19.083root 11241100x80000000000000003910543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b488aa795861df2022-01-11 12:20:19.083root 11241100x80000000000000003910544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e7495d4fd160d212022-01-11 12:20:19.084root 11241100x80000000000000003910545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ace39c7dff91d682022-01-11 12:20:19.084root 11241100x80000000000000003910546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f4e3354d68d33a52022-01-11 12:20:19.084root 11241100x80000000000000003910547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84218b3ce94ded3f2022-01-11 12:20:19.084root 11241100x80000000000000003910548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1384fe2a9d813542022-01-11 12:20:19.084root 11241100x80000000000000003910549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1eca963b5262d7d2022-01-11 12:20:19.084root 11241100x80000000000000003910550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0e0764159530d372022-01-11 12:20:19.084root 11241100x80000000000000003910551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8578e7f4ba3269f82022-01-11 12:20:19.084root 11241100x80000000000000003910552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0a16c8613672b5b2022-01-11 12:20:19.084root 11241100x80000000000000003910553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.612305f64dddc2fa2022-01-11 12:20:19.084root 11241100x80000000000000003910554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.551cb5b5ec19bb172022-01-11 12:20:19.084root 11241100x80000000000000003910555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d2eb9e37b01ae7d2022-01-11 12:20:19.084root 11241100x80000000000000003910556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe596d12580dc322022-01-11 12:20:19.085root 11241100x80000000000000003910557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80dc26e03daf0cc52022-01-11 12:20:19.085root 11241100x80000000000000003910558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4207376ba458bb82022-01-11 12:20:19.085root 11241100x80000000000000003910559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.769506e6a924cfe72022-01-11 12:20:19.085root 11241100x80000000000000003910560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33e67dcd948bf7bf2022-01-11 12:20:19.085root 11241100x80000000000000003910561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b7829bdf2013f382022-01-11 12:20:19.085root 11241100x80000000000000003910562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73ad0b60420dd0372022-01-11 12:20:19.085root 11241100x80000000000000003910563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec4718729d4c5bf32022-01-11 12:20:19.583root 11241100x80000000000000003910564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88cb82e3ee6835cc2022-01-11 12:20:19.583root 11241100x80000000000000003910565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27e64bc02a8634842022-01-11 12:20:19.583root 11241100x80000000000000003910566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdd86a0bcd523dda2022-01-11 12:20:19.584root 11241100x80000000000000003910567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c965f02df824a4992022-01-11 12:20:19.584root 11241100x80000000000000003910568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e3ba2e48ea222402022-01-11 12:20:19.584root 11241100x80000000000000003910569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7b08b643d223dbd2022-01-11 12:20:19.584root 11241100x80000000000000003910570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a143e55edc730f812022-01-11 12:20:19.584root 11241100x80000000000000003910571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b44e64b1ef1e57762022-01-11 12:20:19.584root 11241100x80000000000000003910572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b24326eb402209dc2022-01-11 12:20:19.584root 11241100x80000000000000003910573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9598bf67b674b2942022-01-11 12:20:19.584root 11241100x80000000000000003910574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a8b6d0a2cdcbe212022-01-11 12:20:19.585root 11241100x80000000000000003910575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccbe496cf9fe32782022-01-11 12:20:19.585root 11241100x80000000000000003910576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42f2b1786faae7c2022-01-11 12:20:19.585root 11241100x80000000000000003910577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8473ea3d25aefa2022-01-11 12:20:19.585root 11241100x80000000000000003910578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404c9fd9eb00435e2022-01-11 12:20:19.586root 11241100x80000000000000003910579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74180298a1d636ad2022-01-11 12:20:19.586root 11241100x80000000000000003910580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894d6ce3320ca5ca2022-01-11 12:20:19.593root 11241100x80000000000000003910581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7917228013d6ddb42022-01-11 12:20:19.593root 11241100x80000000000000003910582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.368d8617bbda21212022-01-11 12:20:19.593root 11241100x80000000000000003910583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e607a7ec8d39a182022-01-11 12:20:19.594root 11241100x80000000000000003910584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d49b4f881aaf362022-01-11 12:20:19.594root 11241100x80000000000000003910585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec9274186d8580182022-01-11 12:20:19.594root 11241100x80000000000000003910586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b15691f964e7d47e2022-01-11 12:20:19.594root 11241100x80000000000000003910587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.008679d85570b78f2022-01-11 12:20:19.594root 11241100x80000000000000003910588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.667165951ee4133e2022-01-11 12:20:19.594root 11241100x80000000000000003910589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2004d0e5663576ee2022-01-11 12:20:19.594root 11241100x80000000000000003910590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ded49f0aede392b22022-01-11 12:20:19.594root 11241100x80000000000000003910591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:19.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.523b61a6c6bb62b22022-01-11 12:20:19.594root 11241100x80000000000000003910592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d37dc655a71518b12022-01-11 12:20:20.084root 11241100x80000000000000003910593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9db0094130489ce2022-01-11 12:20:20.084root 11241100x80000000000000003910594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b35cc01a88e8f6bd2022-01-11 12:20:20.084root 11241100x80000000000000003910595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb8b4051c403e132022-01-11 12:20:20.084root 11241100x80000000000000003910596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef9bf51c5aa1d9412022-01-11 12:20:20.084root 11241100x80000000000000003910597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c262322014073512022-01-11 12:20:20.084root 11241100x80000000000000003910598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94975aa89cb1a67f2022-01-11 12:20:20.084root 11241100x80000000000000003910599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c554b2fa99d4000c2022-01-11 12:20:20.085root 11241100x80000000000000003910600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a55e4bd10481c63a2022-01-11 12:20:20.085root 11241100x80000000000000003910601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22ae125bdb4c80052022-01-11 12:20:20.085root 11241100x80000000000000003910602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a087845dbab353e92022-01-11 12:20:20.085root 11241100x80000000000000003910603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63e2fa5393e1e9602022-01-11 12:20:20.085root 11241100x80000000000000003910604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23926856a4d868882022-01-11 12:20:20.085root 11241100x80000000000000003910605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f8cddf605291b592022-01-11 12:20:20.085root 11241100x80000000000000003910606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a994c0ab0ad73b2022-01-11 12:20:20.086root 11241100x80000000000000003910607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42a138c731919a262022-01-11 12:20:20.086root 11241100x80000000000000003910608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f86964ddbadf2182022-01-11 12:20:20.086root 11241100x80000000000000003910609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.912807dccd768ba92022-01-11 12:20:20.087root 11241100x80000000000000003910610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.128d275baa1377aa2022-01-11 12:20:20.087root 11241100x80000000000000003910611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab8bf8d21956a9d2022-01-11 12:20:20.087root 11241100x80000000000000003910612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.824ce2042fa6fe672022-01-11 12:20:20.584root 11241100x80000000000000003910613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f22fc25b1025dba12022-01-11 12:20:20.584root 11241100x80000000000000003910614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e05fb6f5e44a04ac2022-01-11 12:20:20.584root 11241100x80000000000000003910615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcc9823b691725a62022-01-11 12:20:20.584root 11241100x80000000000000003910616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c3c569a6cfa05272022-01-11 12:20:20.584root 11241100x80000000000000003910617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92074fa326784cb62022-01-11 12:20:20.584root 11241100x80000000000000003910618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edaddf016bd74f292022-01-11 12:20:20.585root 11241100x80000000000000003910619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.befb8106672dd80b2022-01-11 12:20:20.585root 11241100x80000000000000003910620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2c36e2212b81a702022-01-11 12:20:20.586root 11241100x80000000000000003910621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2eb9e838ad54982022-01-11 12:20:20.586root 11241100x80000000000000003910622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e096bc0affb9abe82022-01-11 12:20:20.586root 11241100x80000000000000003910623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dd1956af35765672022-01-11 12:20:20.587root 11241100x80000000000000003910624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a017d84751549902022-01-11 12:20:20.587root 11241100x80000000000000003910625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fd24e8398e654f12022-01-11 12:20:20.587root 11241100x80000000000000003910626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.783967c3f8a5c0752022-01-11 12:20:20.588root 11241100x80000000000000003910627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66faf27c7d1f6ac02022-01-11 12:20:20.588root 11241100x80000000000000003910628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da1b745455496542022-01-11 12:20:20.588root 11241100x80000000000000003910629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbccc5f751da8a1e2022-01-11 12:20:20.588root 11241100x80000000000000003910630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b92e743f1b9e532022-01-11 12:20:20.588root 11241100x80000000000000003910631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:20.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8b891c739a8a2c72022-01-11 12:20:20.588root 11241100x80000000000000003910632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05a759fffc7a6122022-01-11 12:20:21.083root 11241100x80000000000000003910633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a6f5a8fd9ab040e2022-01-11 12:20:21.083root 11241100x80000000000000003910634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2bfc35d2f23c4162022-01-11 12:20:21.084root 11241100x80000000000000003910635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbd41c456c1ee8962022-01-11 12:20:21.084root 11241100x80000000000000003910636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.540fdb40925dac642022-01-11 12:20:21.084root 11241100x80000000000000003910637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d49f2b1181033eb2022-01-11 12:20:21.084root 11241100x80000000000000003910638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.716b5aa8dd10904f2022-01-11 12:20:21.084root 11241100x80000000000000003910639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2c8e7f877299a5d2022-01-11 12:20:21.084root 11241100x80000000000000003910640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f153567d6f339fb32022-01-11 12:20:21.084root 11241100x80000000000000003910641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4549d80e10ea48a62022-01-11 12:20:21.084root 11241100x80000000000000003910642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc5da484cf28855b2022-01-11 12:20:21.085root 11241100x80000000000000003910643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91154379cad08e8b2022-01-11 12:20:21.085root 11241100x80000000000000003910644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4852945f81029f782022-01-11 12:20:21.085root 11241100x80000000000000003910645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db57a6dde97954fa2022-01-11 12:20:21.085root 11241100x80000000000000003910646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6dcd1f98683fe832022-01-11 12:20:21.085root 11241100x80000000000000003910647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57a8db9ae9e8d0292022-01-11 12:20:21.085root 11241100x80000000000000003910648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1010dac08e0447d02022-01-11 12:20:21.085root 11241100x80000000000000003910649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91db99735171a4cd2022-01-11 12:20:21.085root 11241100x80000000000000003910650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5cca8aa5c04df9d2022-01-11 12:20:21.085root 11241100x80000000000000003910651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a56b6aeeba38dbc12022-01-11 12:20:21.086root 11241100x80000000000000003910652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.368e1de83ca4e8402022-01-11 12:20:21.583root 11241100x80000000000000003910653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a121f411245e26672022-01-11 12:20:21.583root 11241100x80000000000000003910654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff2885135f78d2d92022-01-11 12:20:21.583root 11241100x80000000000000003910655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daba04ac458647ae2022-01-11 12:20:21.584root 11241100x80000000000000003910656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab23c194cc417b942022-01-11 12:20:21.584root 11241100x80000000000000003910657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0898ddd9319f3802022-01-11 12:20:21.584root 11241100x80000000000000003910658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ce32754879ad6fa2022-01-11 12:20:21.584root 11241100x80000000000000003910659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d80631c4d629c55f2022-01-11 12:20:21.584root 11241100x80000000000000003910660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e49f0058e98b1342022-01-11 12:20:21.584root 11241100x80000000000000003910661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.312bfcd1312a48cf2022-01-11 12:20:21.584root 11241100x80000000000000003910662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a019f68e358668772022-01-11 12:20:21.584root 11241100x80000000000000003910663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1eec9083c8b639e2022-01-11 12:20:21.584root 11241100x80000000000000003910664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24e18485dcce2f212022-01-11 12:20:21.584root 11241100x80000000000000003910665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd172018570e0a8e2022-01-11 12:20:21.584root 11241100x80000000000000003910666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b5128789e41b0e12022-01-11 12:20:21.584root 11241100x80000000000000003910667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd105b603b7a6cd82022-01-11 12:20:21.585root 11241100x80000000000000003910668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1279ab5ea057a9872022-01-11 12:20:21.585root 11241100x80000000000000003910669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b7c08ca1bcc15272022-01-11 12:20:21.585root 11241100x80000000000000003910670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be9d2ea3544d31ee2022-01-11 12:20:21.585root 11241100x80000000000000003910671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5d051322a7c4c8b2022-01-11 12:20:21.585root 11241100x80000000000000003910672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de6d7bf8fb7b0322022-01-11 12:20:21.585root 11241100x80000000000000003910673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd84b31042914ab12022-01-11 12:20:21.585root 11241100x80000000000000003910674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.831699bed76d3e032022-01-11 12:20:21.585root 11241100x80000000000000003910675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e7205b741fd3a732022-01-11 12:20:22.084root 11241100x80000000000000003910676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1afc30eff39d13c02022-01-11 12:20:22.084root 11241100x80000000000000003910677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35a07dcb99f182772022-01-11 12:20:22.084root 11241100x80000000000000003910678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d62ee68c3593e56c2022-01-11 12:20:22.084root 11241100x80000000000000003910679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40bf57daf5b30bbc2022-01-11 12:20:22.084root 11241100x80000000000000003910680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af644e73a6a686692022-01-11 12:20:22.084root 11241100x80000000000000003910681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.846a79eb4fa85de62022-01-11 12:20:22.084root 11241100x80000000000000003910682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d2bd430892e76bb2022-01-11 12:20:22.084root 11241100x80000000000000003910683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67eefa643d7563a52022-01-11 12:20:22.084root 11241100x80000000000000003910684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e447cd516246c8b2022-01-11 12:20:22.085root 11241100x80000000000000003910685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5557bdfa1445569a2022-01-11 12:20:22.085root 11241100x80000000000000003910686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ddbafb8211c33482022-01-11 12:20:22.085root 11241100x80000000000000003910687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9380e16a438aa1eb2022-01-11 12:20:22.085root 11241100x80000000000000003910688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c5086e22a7da4e72022-01-11 12:20:22.085root 11241100x80000000000000003910689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23cd486b0a9bcf252022-01-11 12:20:22.085root 11241100x80000000000000003910690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd4d0471401900f72022-01-11 12:20:22.085root 11241100x80000000000000003910691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b29c024795932bba2022-01-11 12:20:22.085root 11241100x80000000000000003910692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de4b80091dcb4c712022-01-11 12:20:22.085root 11241100x80000000000000003910693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1aa3132ecfd9bdf72022-01-11 12:20:22.085root 11241100x80000000000000003910694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36997a1292cd21262022-01-11 12:20:22.085root 354300x80000000000000003910695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.188{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56292-false10.0.1.12-8000- 154100x80000000000000003910696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.295{ec2d504d-7606-61dd-d019-e0c494550000}9857/bin/cat-----cat /etc/ssh/sshd_config/home/ubuntuubuntu{ec2d504d-5fc1-61dd-e803-000000000000}100033no level-{ec2d504d-5fc1-61dd-0874-7a9047560000}9580/bin/bash-bashubuntu 534500x80000000000000003910697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.297{ec2d504d-7606-61dd-d019-e0c494550000}9857/bin/catubuntu 11241100x80000000000000003910698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1dfc08bc9d020012022-01-11 12:20:22.583root 11241100x80000000000000003910699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7432021f10ce412022-01-11 12:20:22.584root 11241100x80000000000000003910700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7cd4f1d80e6e8d32022-01-11 12:20:22.584root 11241100x80000000000000003910701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec70727348f6a9152022-01-11 12:20:22.584root 11241100x80000000000000003910702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd08e5bdecd5d69b2022-01-11 12:20:22.584root 11241100x80000000000000003910703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.522d61e274f04a772022-01-11 12:20:22.584root 11241100x80000000000000003910704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a300fbfe9f16e09d2022-01-11 12:20:22.584root 11241100x80000000000000003910705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0a175024699a0512022-01-11 12:20:22.584root 11241100x80000000000000003910706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2c8a62e75a612692022-01-11 12:20:22.584root 11241100x80000000000000003910707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0625bc94d8c71102022-01-11 12:20:22.584root 11241100x80000000000000003910708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4185efa892a5d0012022-01-11 12:20:22.585root 11241100x80000000000000003910709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e77935d9815c1342022-01-11 12:20:22.585root 11241100x80000000000000003910710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.431451606b4c1fe42022-01-11 12:20:22.585root 11241100x80000000000000003910711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea5e98e8a23546f2022-01-11 12:20:22.585root 11241100x80000000000000003910712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e5463d7a798b0402022-01-11 12:20:22.585root 11241100x80000000000000003910713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65cf86d3020ebb712022-01-11 12:20:22.585root 11241100x80000000000000003910714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.887290b844e8354f2022-01-11 12:20:22.585root 11241100x80000000000000003910715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f10faf7d5c05619c2022-01-11 12:20:22.585root 11241100x80000000000000003910716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e51bd6dbe19464322022-01-11 12:20:22.585root 11241100x80000000000000003910717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4afd6379c6a82d222022-01-11 12:20:22.585root 11241100x80000000000000003910718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.710c5c50d055b3302022-01-11 12:20:22.585root 11241100x80000000000000003910719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8ffce79de0ac3992022-01-11 12:20:22.585root 11241100x80000000000000003910720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:22.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29c716e2d3a64b582022-01-11 12:20:22.586root 11241100x80000000000000003910721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f94b202d1abbd29d2022-01-11 12:20:23.084root 11241100x80000000000000003910722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b098ab4dd6d67a042022-01-11 12:20:23.084root 11241100x80000000000000003910723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ebad2120ece3b122022-01-11 12:20:23.084root 11241100x80000000000000003910724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de310ef96434abb92022-01-11 12:20:23.084root 11241100x80000000000000003910725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2795f092a41eb21c2022-01-11 12:20:23.085root 11241100x80000000000000003910726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db6f0ca453e2fd8c2022-01-11 12:20:23.085root 11241100x80000000000000003910727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.924e57a34c183dfa2022-01-11 12:20:23.085root 11241100x80000000000000003910728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1489c7b35574efdc2022-01-11 12:20:23.085root 11241100x80000000000000003910729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab6226f00158f6182022-01-11 12:20:23.085root 11241100x80000000000000003910730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ff0b9b726f435872022-01-11 12:20:23.085root 11241100x80000000000000003910731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82acb21b513511462022-01-11 12:20:23.085root 11241100x80000000000000003910732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25e56a54b01971422022-01-11 12:20:23.085root 11241100x80000000000000003910733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f136fb80b8bd705c2022-01-11 12:20:23.086root 11241100x80000000000000003910734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a4e2f1f8b8a0e972022-01-11 12:20:23.086root 11241100x80000000000000003910735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6473a8ae34bc91f2022-01-11 12:20:23.086root 11241100x80000000000000003910736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bf5f8d358b0e20f2022-01-11 12:20:23.086root 11241100x80000000000000003910737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492944974622afbd2022-01-11 12:20:23.086root 11241100x80000000000000003910738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81d0f1b45fe60eb82022-01-11 12:20:23.086root 11241100x80000000000000003910739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ef470f19390f19f2022-01-11 12:20:23.086root 11241100x80000000000000003910740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d92dfa1ad36e7512022-01-11 12:20:23.086root 11241100x80000000000000003910741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b54aee961c257d392022-01-11 12:20:23.086root 11241100x80000000000000003910742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1117656e0e90752c2022-01-11 12:20:23.086root 11241100x80000000000000003910743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d121ebb95b5f83f62022-01-11 12:20:23.087root 11241100x80000000000000003910744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80c51edc5577c0502022-01-11 12:20:23.583root 11241100x80000000000000003910745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0e7e49bc2ed9e932022-01-11 12:20:23.583root 11241100x80000000000000003910746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a1be5e796c8bc82022-01-11 12:20:23.584root 11241100x80000000000000003910747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87f6970e0853a3262022-01-11 12:20:23.584root 11241100x80000000000000003910748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f0a121da6679b802022-01-11 12:20:23.584root 11241100x80000000000000003910749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2166cae6120d9b232022-01-11 12:20:23.584root 11241100x80000000000000003910750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d3f2442a36673bf2022-01-11 12:20:23.584root 11241100x80000000000000003910751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ca3be8242f3b6f12022-01-11 12:20:23.584root 11241100x80000000000000003910752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc28e1e247c42922022-01-11 12:20:23.584root 11241100x80000000000000003910753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6c205ecad5ead92022-01-11 12:20:23.584root 11241100x80000000000000003910754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d728f89751c938d02022-01-11 12:20:23.585root 11241100x80000000000000003910755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3905d6aa15772a0b2022-01-11 12:20:23.585root 11241100x80000000000000003910756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c24f8a69ce52d22022-01-11 12:20:23.585root 11241100x80000000000000003910757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55ac3f54355546d2022-01-11 12:20:23.585root 11241100x80000000000000003910758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51052360207f87e82022-01-11 12:20:23.586root 11241100x80000000000000003910759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdc7ed9189fe49472022-01-11 12:20:23.586root 11241100x80000000000000003910760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ddce57861f0aaaf2022-01-11 12:20:23.586root 11241100x80000000000000003910761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.770473b2120fbef72022-01-11 12:20:23.586root 11241100x80000000000000003910762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db8f19bfbb9409d32022-01-11 12:20:23.586root 11241100x80000000000000003910763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a95b106efdfec842022-01-11 12:20:23.586root 11241100x80000000000000003910764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3ce43fd79a854f02022-01-11 12:20:23.586root 11241100x80000000000000003910765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b617535922a3601a2022-01-11 12:20:23.586root 11241100x80000000000000003910766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.396c345b955551d82022-01-11 12:20:23.586root 11241100x80000000000000003910767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9eb01d31b7017c32022-01-11 12:20:23.586root 11241100x80000000000000003910768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b187ab07ee4a38e2022-01-11 12:20:23.586root 11241100x80000000000000003910769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e364d4c42d41702022-01-11 12:20:23.586root 11241100x80000000000000003910770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e1fdccd0a8598d2022-01-11 12:20:24.083root 11241100x80000000000000003910771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e0ff69bd04dfccb2022-01-11 12:20:24.084root 11241100x80000000000000003910772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adf305a8850ac82a2022-01-11 12:20:24.084root 11241100x80000000000000003910773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.160e9579785f62552022-01-11 12:20:24.084root 11241100x80000000000000003910774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c58ee7ccdc7d6a892022-01-11 12:20:24.084root 11241100x80000000000000003910775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c8df147c4697122022-01-11 12:20:24.084root 11241100x80000000000000003910776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8b46e7dd5fccfc82022-01-11 12:20:24.084root 11241100x80000000000000003910777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.986dc7b81fceb72a2022-01-11 12:20:24.084root 11241100x80000000000000003910778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b139a15539926ce2022-01-11 12:20:24.084root 11241100x80000000000000003910779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca1c2ef9ea47b3ff2022-01-11 12:20:24.085root 11241100x80000000000000003910780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5e1eaade2a09ae2022-01-11 12:20:24.085root 11241100x80000000000000003910781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da8c2c0bd08726f62022-01-11 12:20:24.085root 11241100x80000000000000003910782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00bc85b9afc0df272022-01-11 12:20:24.085root 11241100x80000000000000003910783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce842cd8c61ae7c22022-01-11 12:20:24.085root 11241100x80000000000000003910784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470a488aee9a70602022-01-11 12:20:24.085root 11241100x80000000000000003910785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ff9c5fecd992862022-01-11 12:20:24.085root 11241100x80000000000000003910786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b7b2c9acbfff532022-01-11 12:20:24.085root 11241100x80000000000000003910787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.718eb0dca5e454942022-01-11 12:20:24.085root 11241100x80000000000000003910788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c70c8e2fb5d7fd472022-01-11 12:20:24.086root 11241100x80000000000000003910789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f17d794f63749a2022-01-11 12:20:24.086root 11241100x80000000000000003910790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dfdf26ba94d91ea2022-01-11 12:20:24.086root 11241100x80000000000000003910791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c195fa54fbcb1e862022-01-11 12:20:24.086root 11241100x80000000000000003910792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.174393f8070397e52022-01-11 12:20:24.086root 11241100x80000000000000003910793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.705e0356501364ea2022-01-11 12:20:24.584root 11241100x80000000000000003910794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6a9c441fe3ee6422022-01-11 12:20:24.584root 11241100x80000000000000003910795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c7f429b562e16162022-01-11 12:20:24.584root 11241100x80000000000000003910796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afef982ecc4d57722022-01-11 12:20:24.584root 11241100x80000000000000003910797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed4a0fe069d234dc2022-01-11 12:20:24.584root 11241100x80000000000000003910798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.679e4b0dd8695a532022-01-11 12:20:24.585root 11241100x80000000000000003910799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3668d61c74dd2ac2022-01-11 12:20:24.585root 11241100x80000000000000003910800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f0eb5362e7ae07e2022-01-11 12:20:24.585root 11241100x80000000000000003910801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.377c98cf32546d2c2022-01-11 12:20:24.585root 11241100x80000000000000003910802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bcb7f2b7bcfe8522022-01-11 12:20:24.585root 11241100x80000000000000003910803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cb21de84bdaae0f2022-01-11 12:20:24.585root 11241100x80000000000000003910804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6975b801e95fd7dd2022-01-11 12:20:24.585root 11241100x80000000000000003910805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7741decc10651b62022-01-11 12:20:24.585root 11241100x80000000000000003910806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.794a8490698e53632022-01-11 12:20:24.585root 11241100x80000000000000003910807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.498a7d39d88cfd742022-01-11 12:20:24.586root 11241100x80000000000000003910808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbdbbc717cde49782022-01-11 12:20:24.586root 11241100x80000000000000003910809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15209bd908a28d352022-01-11 12:20:24.586root 11241100x80000000000000003910810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cfd4b80c2b0677e2022-01-11 12:20:24.586root 11241100x80000000000000003910811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84d22f4a2b13dae42022-01-11 12:20:24.586root 11241100x80000000000000003910812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17f9b0d33787bbf62022-01-11 12:20:24.586root 11241100x80000000000000003910813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3402b581fadf9ce62022-01-11 12:20:24.586root 11241100x80000000000000003910814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1247ec6b69cb3722022-01-11 12:20:24.586root 11241100x80000000000000003910815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaba7d7a49d8d6952022-01-11 12:20:24.586root 11241100x80000000000000003910816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:20:24.894root 11241100x80000000000000003910817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b229b5e461a630982022-01-11 12:20:24.895root 11241100x80000000000000003910818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e56d26fe7ce9940c2022-01-11 12:20:24.895root 11241100x80000000000000003910819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b890b015629bcc942022-01-11 12:20:24.895root 11241100x80000000000000003910820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0dab1668a0f3a592022-01-11 12:20:24.895root 11241100x80000000000000003910821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6177206a4de678f2022-01-11 12:20:24.895root 11241100x80000000000000003910822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13c8157de395b4a32022-01-11 12:20:24.896root 11241100x80000000000000003910823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d38ce19ccddf5dd2022-01-11 12:20:24.896root 11241100x80000000000000003910824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a049031f6c80bfa2022-01-11 12:20:24.896root 11241100x80000000000000003910825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2448a1ab7845bc302022-01-11 12:20:24.896root 11241100x80000000000000003910826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63924f0279907b2a2022-01-11 12:20:24.896root 11241100x80000000000000003910827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05d8fc8f72d44cfb2022-01-11 12:20:24.896root 11241100x80000000000000003910828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074cc7736d84b2d32022-01-11 12:20:24.897root 11241100x80000000000000003910829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7d795ca7709bdaa2022-01-11 12:20:24.897root 11241100x80000000000000003910830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f9b6533e0a5e2392022-01-11 12:20:24.897root 11241100x80000000000000003910831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53db769d7b2463e72022-01-11 12:20:24.897root 11241100x80000000000000003910832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5e8453a6fa29d3b2022-01-11 12:20:24.897root 11241100x80000000000000003910833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca2be36d66a078302022-01-11 12:20:24.897root 11241100x80000000000000003910834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a006fec6adacc192022-01-11 12:20:24.898root 11241100x80000000000000003910835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b86b58ec3931a3f42022-01-11 12:20:24.898root 11241100x80000000000000003910836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1678c897a054e8962022-01-11 12:20:24.898root 11241100x80000000000000003910837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d0603be3dcce5c2022-01-11 12:20:24.898root 11241100x80000000000000003910838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7250e0a285f6ca5a2022-01-11 12:20:24.898root 11241100x80000000000000003910839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.639ae782632006532022-01-11 12:20:24.899root 11241100x80000000000000003910840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a68c369eb1cb09322022-01-11 12:20:24.899root 11241100x80000000000000003910841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2952f396c20027312022-01-11 12:20:24.899root 354300x80000000000000003910842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:24.952{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34226-false10.0.1.12-8089- 11241100x80000000000000003910843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8174579641788712022-01-11 12:20:25.333root 11241100x80000000000000003910844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00443eb75c99beb42022-01-11 12:20:25.333root 11241100x80000000000000003910845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.055a477b03d160972022-01-11 12:20:25.334root 11241100x80000000000000003910846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd8afaee2761cbc92022-01-11 12:20:25.334root 11241100x80000000000000003910847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cecf4552f1e16f8c2022-01-11 12:20:25.334root 11241100x80000000000000003910848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.994bb02931c5b80e2022-01-11 12:20:25.334root 11241100x80000000000000003910849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dae1e546154d038a2022-01-11 12:20:25.334root 11241100x80000000000000003910850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c66b0e096ee8e182022-01-11 12:20:25.334root 11241100x80000000000000003910851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.165eb6ef15b45c872022-01-11 12:20:25.334root 11241100x80000000000000003910852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd36d3ebd0aa71062022-01-11 12:20:25.334root 11241100x80000000000000003910853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3801cba837115af92022-01-11 12:20:25.335root 11241100x80000000000000003910854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e3fba48412330522022-01-11 12:20:25.335root 11241100x80000000000000003910855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c8093344ac343f12022-01-11 12:20:25.335root 11241100x80000000000000003910856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e795c188a25fa29a2022-01-11 12:20:25.336root 11241100x80000000000000003910857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32da4deeb318d3b92022-01-11 12:20:25.336root 11241100x80000000000000003910858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7e153622e27bee42022-01-11 12:20:25.336root 11241100x80000000000000003910859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e2010b6652318eb2022-01-11 12:20:25.336root 11241100x80000000000000003910860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be9a49f642fa75822022-01-11 12:20:25.336root 11241100x80000000000000003910861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4995a60d2a83a6aa2022-01-11 12:20:25.336root 11241100x80000000000000003910862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70d0fa92d6aca7552022-01-11 12:20:25.337root 11241100x80000000000000003910863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73818a2eb8bcf6a22022-01-11 12:20:25.337root 11241100x80000000000000003910864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8412c30a08ea54fb2022-01-11 12:20:25.337root 11241100x80000000000000003910865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c45b1051a74ef3eb2022-01-11 12:20:25.337root 11241100x80000000000000003910866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc47cbb362e25e032022-01-11 12:20:25.337root 11241100x80000000000000003910867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb67c4c9d3fd85b2022-01-11 12:20:25.337root 11241100x80000000000000003910868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.185634ffa8cb07f22022-01-11 12:20:25.834root 11241100x80000000000000003910869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c725fc97d05b3dc42022-01-11 12:20:25.834root 11241100x80000000000000003910870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bcd6e54026390142022-01-11 12:20:25.834root 11241100x80000000000000003910871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2cb213493c70f942022-01-11 12:20:25.834root 11241100x80000000000000003910872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de0c2e2cf16a112c2022-01-11 12:20:25.834root 11241100x80000000000000003910873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.751471f3bc5aceef2022-01-11 12:20:25.835root 11241100x80000000000000003910874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e95b9011c5a78802022-01-11 12:20:25.835root 11241100x80000000000000003910875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e41d8a5d3c164b2022-01-11 12:20:25.835root 11241100x80000000000000003910876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8349eeaa6ace90562022-01-11 12:20:25.835root 11241100x80000000000000003910877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a287f91510e564e2022-01-11 12:20:25.835root 11241100x80000000000000003910878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeabe5514a9e42212022-01-11 12:20:25.835root 11241100x80000000000000003910879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.475ec597d5b40c972022-01-11 12:20:25.836root 11241100x80000000000000003910880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea19fa111949cc22022-01-11 12:20:25.836root 11241100x80000000000000003910881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f49f5d630acea942022-01-11 12:20:25.836root 11241100x80000000000000003910882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acb6880a4effdb492022-01-11 12:20:25.836root 11241100x80000000000000003910883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a41540b0618a66382022-01-11 12:20:25.836root 11241100x80000000000000003910884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da62f280fd680c332022-01-11 12:20:25.836root 11241100x80000000000000003910885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa0fd735adc614f42022-01-11 12:20:25.836root 11241100x80000000000000003910886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c711580b77098782022-01-11 12:20:25.836root 11241100x80000000000000003910887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e5eca08434cfd712022-01-11 12:20:25.836root 11241100x80000000000000003910888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cde0ee1b1cccbabd2022-01-11 12:20:25.836root 11241100x80000000000000003910889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.417ea1234e0ee7a22022-01-11 12:20:25.837root 11241100x80000000000000003910890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.290ce0571f96a28d2022-01-11 12:20:25.837root 11241100x80000000000000003910891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d94c6dae857b60cf2022-01-11 12:20:25.837root 11241100x80000000000000003910892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:25.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af21d12305753df2022-01-11 12:20:25.837root 11241100x80000000000000003910893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f469246acf9f6aa72022-01-11 12:20:26.334root 11241100x80000000000000003910894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fd15c16e4f2638e2022-01-11 12:20:26.334root 11241100x80000000000000003910895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45cdbb06c3ccf86b2022-01-11 12:20:26.334root 11241100x80000000000000003910896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf1f6620ddbfe7a2022-01-11 12:20:26.334root 11241100x80000000000000003910897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a6d1cb33f93e3272022-01-11 12:20:26.335root 11241100x80000000000000003910898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0199f745bd9c3b72022-01-11 12:20:26.335root 11241100x80000000000000003910899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07369e6cc81c5d962022-01-11 12:20:26.335root 11241100x80000000000000003910900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33f58ac02a29e16d2022-01-11 12:20:26.335root 11241100x80000000000000003910901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2df9861b731606c52022-01-11 12:20:26.335root 11241100x80000000000000003910902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d26a2b128e2bc212022-01-11 12:20:26.336root 11241100x80000000000000003910903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eacda6188e983b142022-01-11 12:20:26.336root 11241100x80000000000000003910904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4a4576be7b310b72022-01-11 12:20:26.336root 11241100x80000000000000003910905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53c068549175d512022-01-11 12:20:26.337root 11241100x80000000000000003910906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc27d488f5cb53f72022-01-11 12:20:26.337root 11241100x80000000000000003910907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7837e1b40601212e2022-01-11 12:20:26.337root 11241100x80000000000000003910908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf332900e7846c0e2022-01-11 12:20:26.337root 11241100x80000000000000003910909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d296e63548f59652022-01-11 12:20:26.337root 11241100x80000000000000003910910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9867eb9bf18725d02022-01-11 12:20:26.337root 11241100x80000000000000003910911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bd2815e4590b2e22022-01-11 12:20:26.337root 11241100x80000000000000003910912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51785108fa70bfd82022-01-11 12:20:26.338root 11241100x80000000000000003910913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.559bd32891de480e2022-01-11 12:20:26.338root 11241100x80000000000000003910914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6ea068f89ac350d2022-01-11 12:20:26.338root 11241100x80000000000000003910915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.217665ec4efebd302022-01-11 12:20:26.339root 11241100x80000000000000003910916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9f1aef80c3147572022-01-11 12:20:26.339root 11241100x80000000000000003910917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24c17a25161dd26c2022-01-11 12:20:26.339root 11241100x80000000000000003910918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14c2076dceb845682022-01-11 12:20:26.834root 11241100x80000000000000003910919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17294c01e0af37582022-01-11 12:20:26.834root 11241100x80000000000000003910920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a16678826f8af97c2022-01-11 12:20:26.834root 11241100x80000000000000003910921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a37da45f68b72b152022-01-11 12:20:26.834root 11241100x80000000000000003910922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4b31e6bd324a8bd2022-01-11 12:20:26.835root 11241100x80000000000000003910923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b05bcf28f131c212022-01-11 12:20:26.835root 11241100x80000000000000003910924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d22d916fefba860c2022-01-11 12:20:26.835root 11241100x80000000000000003910925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.744f43b7533a66b02022-01-11 12:20:26.835root 11241100x80000000000000003910926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef38fcbc34b56bc82022-01-11 12:20:26.835root 11241100x80000000000000003910927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d76c0857a66611b82022-01-11 12:20:26.836root 11241100x80000000000000003910928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.647616a45a9cc6a42022-01-11 12:20:26.836root 11241100x80000000000000003910929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.865e839a1f965e7f2022-01-11 12:20:26.836root 11241100x80000000000000003910930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf7aa6081d2cc4502022-01-11 12:20:26.836root 11241100x80000000000000003910931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cdb06d2c5ac08442022-01-11 12:20:26.836root 11241100x80000000000000003910932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a4392183bbe6e182022-01-11 12:20:26.836root 11241100x80000000000000003910933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72a394fa07ba5c932022-01-11 12:20:26.836root 11241100x80000000000000003910934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba5c13a9c883ec482022-01-11 12:20:26.836root 11241100x80000000000000003910935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb3b3623e394cde2022-01-11 12:20:26.837root 11241100x80000000000000003910936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ffa48c5ecba049c2022-01-11 12:20:26.837root 11241100x80000000000000003910937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29b6e4648ba374c32022-01-11 12:20:26.837root 11241100x80000000000000003910938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b70dd395c50dcdb2022-01-11 12:20:26.838root 11241100x80000000000000003910939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7d0ab8c7f70bd572022-01-11 12:20:26.838root 11241100x80000000000000003910940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58ef3acaed8e88032022-01-11 12:20:26.838root 11241100x80000000000000003910941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58634a7cb059e0a32022-01-11 12:20:26.838root 11241100x80000000000000003910942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08d76c214c695f372022-01-11 12:20:26.838root 354300x80000000000000003910943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.231{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56296-false10.0.1.12-8000- 11241100x80000000000000003910944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.680dbb21fe5bf8132022-01-11 12:20:27.232root 11241100x80000000000000003910945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40fc6490b840a3362022-01-11 12:20:27.232root 11241100x80000000000000003910946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed59882315b868892022-01-11 12:20:27.232root 11241100x80000000000000003910947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00d3c6d4255656bf2022-01-11 12:20:27.232root 11241100x80000000000000003910948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2093f2536439edc62022-01-11 12:20:27.232root 11241100x80000000000000003910949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1363aeedeb123282022-01-11 12:20:27.233root 11241100x80000000000000003910950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3427649e1bebd7342022-01-11 12:20:27.233root 11241100x80000000000000003910951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a26cb0d33dcbc852022-01-11 12:20:27.233root 11241100x80000000000000003910952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837f5c9a7060e8c82022-01-11 12:20:27.233root 11241100x80000000000000003910953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.996258dcd48049b12022-01-11 12:20:27.233root 11241100x80000000000000003910954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8ad944f6a0ad9452022-01-11 12:20:27.233root 11241100x80000000000000003910955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4840ac44b025190e2022-01-11 12:20:27.233root 11241100x80000000000000003910956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b2d414b93d791c72022-01-11 12:20:27.234root 11241100x80000000000000003910957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.865c7b23a76ddcd52022-01-11 12:20:27.234root 11241100x80000000000000003910958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8a266a4bcc2848f2022-01-11 12:20:27.234root 11241100x80000000000000003910959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3de72437d54258632022-01-11 12:20:27.234root 11241100x80000000000000003910960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16b747001e95b8762022-01-11 12:20:27.235root 11241100x80000000000000003910961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9b03e467422a8d42022-01-11 12:20:27.235root 11241100x80000000000000003910962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b40fa297b0e11e6f2022-01-11 12:20:27.235root 11241100x80000000000000003910963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9ac696171b446982022-01-11 12:20:27.235root 11241100x80000000000000003910964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d1ee3f39c0e3e3e2022-01-11 12:20:27.235root 11241100x80000000000000003910965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c929e33e1b74f902022-01-11 12:20:27.235root 11241100x80000000000000003910966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.557fbb197b1aa84d2022-01-11 12:20:27.235root 11241100x80000000000000003910967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.236{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc239bd0b69257b92022-01-11 12:20:27.236root 11241100x80000000000000003910968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.236{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9766d794eec2092022-01-11 12:20:27.236root 11241100x80000000000000003910969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.236{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d445e072d623cc52022-01-11 12:20:27.236root 11241100x80000000000000003910970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.236{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b652fcb39cc973b12022-01-11 12:20:27.236root 11241100x80000000000000003910971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.237{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb37e4e020fcf9322022-01-11 12:20:27.237root 11241100x80000000000000003910972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.237{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf05b900b4324872022-01-11 12:20:27.237root 11241100x80000000000000003910973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.237{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e33168c149ab95032022-01-11 12:20:27.237root 11241100x80000000000000003910974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.237{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.622ed329a6d86efe2022-01-11 12:20:27.237root 11241100x80000000000000003910975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.237{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99489b02930c20e82022-01-11 12:20:27.237root 11241100x80000000000000003910976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.237{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f05a5a2d4ca9887c2022-01-11 12:20:27.237root 11241100x80000000000000003910977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9bed0afa8d2aa382022-01-11 12:20:27.583root 11241100x80000000000000003910978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcf39161d3482bb32022-01-11 12:20:27.583root 11241100x80000000000000003910979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0534c4d899c509bc2022-01-11 12:20:27.584root 11241100x80000000000000003910980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19cb551568ddfe02022-01-11 12:20:27.584root 11241100x80000000000000003910981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5642a2621506076d2022-01-11 12:20:27.584root 11241100x80000000000000003910982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d18692fe9d85362022-01-11 12:20:27.584root 11241100x80000000000000003910983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f677354ceb23c4d42022-01-11 12:20:27.584root 11241100x80000000000000003910984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.281e92def34835692022-01-11 12:20:27.584root 11241100x80000000000000003910985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.310df83bf1c71bc62022-01-11 12:20:27.584root 11241100x80000000000000003910986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d6ad341ef1402582022-01-11 12:20:27.584root 11241100x80000000000000003910987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb8f7d538676d3202022-01-11 12:20:27.584root 11241100x80000000000000003910988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.482bc845b8ea05f12022-01-11 12:20:27.584root 11241100x80000000000000003910989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ca25eba10320a7d2022-01-11 12:20:27.584root 11241100x80000000000000003910990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c30f31464500c0852022-01-11 12:20:27.585root 11241100x80000000000000003910991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66b4d41724dcfa142022-01-11 12:20:27.585root 11241100x80000000000000003910992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69c7e424001d304c2022-01-11 12:20:27.585root 11241100x80000000000000003910993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.984044da32cff2e62022-01-11 12:20:27.585root 11241100x80000000000000003910994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d800f708def8e3ba2022-01-11 12:20:27.585root 11241100x80000000000000003910995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.301bb4b1cb631f702022-01-11 12:20:27.585root 11241100x80000000000000003910996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9129c6483ffc3bde2022-01-11 12:20:27.585root 11241100x80000000000000003910997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c9e02a16bf3a2d2022-01-11 12:20:27.586root 11241100x80000000000000003910998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd502c282ae444422022-01-11 12:20:27.586root 11241100x80000000000000003910999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8596038d14bb25a2022-01-11 12:20:27.586root 11241100x80000000000000003911000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad27a38f37a613ff2022-01-11 12:20:27.586root 11241100x80000000000000003911001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.237610e90843083d2022-01-11 12:20:27.586root 11241100x80000000000000003911002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7843692d1c0fd5e32022-01-11 12:20:27.586root 23542300x80000000000000003911003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003911004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b416f10d84b513f72022-01-11 12:20:27.896root 11241100x80000000000000003911005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60494f5431e89f412022-01-11 12:20:27.896root 11241100x80000000000000003911006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71880ed6c3992c732022-01-11 12:20:27.896root 11241100x80000000000000003911007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da274d7cc49509c02022-01-11 12:20:27.896root 11241100x80000000000000003911008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1e554104c9e9c5b2022-01-11 12:20:27.896root 11241100x80000000000000003911009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fba732d5d68befc2022-01-11 12:20:27.897root 11241100x80000000000000003911010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40ae04a22990799b2022-01-11 12:20:27.897root 11241100x80000000000000003911011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0418dd6680264f032022-01-11 12:20:27.897root 11241100x80000000000000003911012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0031b4fb9b404f5c2022-01-11 12:20:27.897root 11241100x80000000000000003911013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75a1679c7e3cf4c12022-01-11 12:20:27.897root 11241100x80000000000000003911014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.213866cd67416e232022-01-11 12:20:27.898root 11241100x80000000000000003911015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.367f217f3e0e9f682022-01-11 12:20:27.898root 11241100x80000000000000003911016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.277bf78a6b2f06ba2022-01-11 12:20:27.898root 11241100x80000000000000003911017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c7886cf4ee2b16b2022-01-11 12:20:27.898root 11241100x80000000000000003911018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0422a097e72e7ce2022-01-11 12:20:27.898root 11241100x80000000000000003911019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1404db895d92322022-01-11 12:20:27.899root 11241100x80000000000000003911020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3af9cb6c61c210092022-01-11 12:20:27.899root 11241100x80000000000000003911021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c717819b657996c2022-01-11 12:20:27.899root 11241100x80000000000000003911022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55eaa8609cbb512d2022-01-11 12:20:27.900root 11241100x80000000000000003911023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7285badc912212332022-01-11 12:20:27.900root 11241100x80000000000000003911024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3781d9e851ce80422022-01-11 12:20:27.901root 11241100x80000000000000003911025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5280a3b57e6f4df2022-01-11 12:20:27.901root 11241100x80000000000000003911026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a6f813f9e054dd42022-01-11 12:20:27.901root 11241100x80000000000000003911027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d7d68dcd4a06b402022-01-11 12:20:27.901root 11241100x80000000000000003911028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f4129ca5b1f40012022-01-11 12:20:27.902root 11241100x80000000000000003911029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.729187e296dd770f2022-01-11 12:20:27.902root 11241100x80000000000000003911030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.903{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f48a62159d2c1c62022-01-11 12:20:27.903root 11241100x80000000000000003911031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.903{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a453dd8e0fbab662022-01-11 12:20:27.903root 11241100x80000000000000003911032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.903{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a79432cd63d5419c2022-01-11 12:20:27.903root 11241100x80000000000000003911033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.903{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a4df093a964b0722022-01-11 12:20:27.903root 11241100x80000000000000003911034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.904{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d8c58fb9f59ba752022-01-11 12:20:27.904root 11241100x80000000000000003911035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:27.904{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18be0bdde5281bc42022-01-11 12:20:27.904root 11241100x80000000000000003911036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495a571b60d7357a2022-01-11 12:20:28.334root 11241100x80000000000000003911037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f42e787749d3d2e2022-01-11 12:20:28.334root 11241100x80000000000000003911038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b8c6386f05717d52022-01-11 12:20:28.334root 11241100x80000000000000003911039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9be35bd2d4febfcc2022-01-11 12:20:28.334root 11241100x80000000000000003911040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c51e9e87f0db262022-01-11 12:20:28.334root 11241100x80000000000000003911041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c66a6550eb674492022-01-11 12:20:28.334root 11241100x80000000000000003911042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4480cd6a62713db92022-01-11 12:20:28.334root 11241100x80000000000000003911043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52e0219917113242022-01-11 12:20:28.334root 11241100x80000000000000003911044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d32b3584ddda56c2022-01-11 12:20:28.335root 11241100x80000000000000003911045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55cafbf1a89c8ed2022-01-11 12:20:28.335root 11241100x80000000000000003911046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9c29a727f2c94402022-01-11 12:20:28.335root 11241100x80000000000000003911047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.199502af012554912022-01-11 12:20:28.335root 11241100x80000000000000003911048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c35b04ea550be2f2022-01-11 12:20:28.335root 11241100x80000000000000003911049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d1a51d363fad3cc2022-01-11 12:20:28.335root 11241100x80000000000000003911050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.575f06b48e97df702022-01-11 12:20:28.336root 11241100x80000000000000003911051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00886df2a99682a72022-01-11 12:20:28.336root 11241100x80000000000000003911052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3ff65d67738a7362022-01-11 12:20:28.336root 11241100x80000000000000003911053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178a3a477aafd8c32022-01-11 12:20:28.336root 11241100x80000000000000003911054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.653c505a0ca4fd652022-01-11 12:20:28.336root 11241100x80000000000000003911055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f22450589aeeb92022-01-11 12:20:28.336root 11241100x80000000000000003911056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.610d65c3409018842022-01-11 12:20:28.336root 11241100x80000000000000003911057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b7533a7a372475f2022-01-11 12:20:28.337root 11241100x80000000000000003911058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9e58a59dbbb780c2022-01-11 12:20:28.337root 11241100x80000000000000003911059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be8f3714da5bfa412022-01-11 12:20:28.337root 11241100x80000000000000003911060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7cc89afac19406d2022-01-11 12:20:28.337root 11241100x80000000000000003911061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420653c11bc4e7e52022-01-11 12:20:28.337root 11241100x80000000000000003911062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0740feaff5c93aae2022-01-11 12:20:28.337root 11241100x80000000000000003911063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c37af735f1554f722022-01-11 12:20:28.337root 11241100x80000000000000003911064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470814356fc395e22022-01-11 12:20:28.833root 11241100x80000000000000003911065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d0efb0c3c4794152022-01-11 12:20:28.833root 11241100x80000000000000003911066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cefc1ba551fdadb2022-01-11 12:20:28.833root 11241100x80000000000000003911067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6753df577ffcd5f62022-01-11 12:20:28.833root 11241100x80000000000000003911068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb22cd3b0bcb85fa2022-01-11 12:20:28.834root 11241100x80000000000000003911069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d08f40a1dc019652022-01-11 12:20:28.834root 11241100x80000000000000003911070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.838be93e0b99b2e62022-01-11 12:20:28.834root 11241100x80000000000000003911071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e3bfdbf82f268602022-01-11 12:20:28.834root 11241100x80000000000000003911072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdb1e55216ca70672022-01-11 12:20:28.834root 11241100x80000000000000003911073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e9c97a92f12d3782022-01-11 12:20:28.834root 11241100x80000000000000003911074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e81e01ee4953a5612022-01-11 12:20:28.835root 11241100x80000000000000003911075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.946b47511b2bde362022-01-11 12:20:28.835root 11241100x80000000000000003911076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24cd5862d5c5ade82022-01-11 12:20:28.835root 11241100x80000000000000003911077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee5e3526dd3057a72022-01-11 12:20:28.835root 11241100x80000000000000003911078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a1938e02e4a5f62022-01-11 12:20:28.835root 11241100x80000000000000003911079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b28508b787d0f522022-01-11 12:20:28.835root 11241100x80000000000000003911080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2cd58c6b630e57f2022-01-11 12:20:28.835root 11241100x80000000000000003911081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1787b95d91764ea2022-01-11 12:20:28.835root 11241100x80000000000000003911082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81abba872d4a228e2022-01-11 12:20:28.835root 11241100x80000000000000003911083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2b3d02c233b3a0d2022-01-11 12:20:28.836root 11241100x80000000000000003911084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897274bc2e781e6a2022-01-11 12:20:28.836root 11241100x80000000000000003911085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6370b1253336d1902022-01-11 12:20:28.836root 11241100x80000000000000003911086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d2e8a63e949fdc32022-01-11 12:20:28.836root 11241100x80000000000000003911087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.287b6b5319b0d6142022-01-11 12:20:28.836root 11241100x80000000000000003911088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30a039b6a1efedc92022-01-11 12:20:28.836root 11241100x80000000000000003911089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d96366fcb9cec3ca2022-01-11 12:20:28.837root 11241100x80000000000000003911090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b522b99d0c2ed502022-01-11 12:20:28.837root 11241100x80000000000000003911091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66be184dbf715fe32022-01-11 12:20:28.837root 11241100x80000000000000003911092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b8abce5d7074ea32022-01-11 12:20:28.837root 11241100x80000000000000003911093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:28.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc921296fbe30f642022-01-11 12:20:28.837root 11241100x80000000000000003911094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0a74c3ebf67556e2022-01-11 12:20:29.334root 11241100x80000000000000003911095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eabdb8c8e4b605f52022-01-11 12:20:29.334root 11241100x80000000000000003911096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.643eb2c0de9e1d542022-01-11 12:20:29.334root 11241100x80000000000000003911097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.108b2d4fdbe16aea2022-01-11 12:20:29.334root 11241100x80000000000000003911098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21daf5dedf2e20692022-01-11 12:20:29.334root 11241100x80000000000000003911099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b37e1ace5fb0df322022-01-11 12:20:29.334root 11241100x80000000000000003911100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be3808a248660b9d2022-01-11 12:20:29.334root 11241100x80000000000000003911101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02fe0c112178bc652022-01-11 12:20:29.335root 11241100x80000000000000003911102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1479b520a6a1c122022-01-11 12:20:29.335root 11241100x80000000000000003911103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b5e3904bf10e9c82022-01-11 12:20:29.335root 11241100x80000000000000003911104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36827ed063fd17fb2022-01-11 12:20:29.335root 11241100x80000000000000003911105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eac2dff7145fda652022-01-11 12:20:29.335root 11241100x80000000000000003911106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6c47e72df7e474a2022-01-11 12:20:29.335root 11241100x80000000000000003911107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.682b75001bc2c4592022-01-11 12:20:29.335root 11241100x80000000000000003911108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2088773e1e53b6b2022-01-11 12:20:29.335root 11241100x80000000000000003911109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.190a26b6868231f72022-01-11 12:20:29.335root 11241100x80000000000000003911110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afc5e833209fa3312022-01-11 12:20:29.335root 11241100x80000000000000003911111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad9bb54ee4ed63db2022-01-11 12:20:29.335root 11241100x80000000000000003911112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9e42267131595282022-01-11 12:20:29.336root 11241100x80000000000000003911113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7d42d5bddffb222022-01-11 12:20:29.336root 11241100x80000000000000003911114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2309071378cc6112022-01-11 12:20:29.336root 11241100x80000000000000003911115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1612be9578ddb452022-01-11 12:20:29.336root 11241100x80000000000000003911116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0893b8b3c5b5f0692022-01-11 12:20:29.336root 11241100x80000000000000003911117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1f74ffa5cb4a44c2022-01-11 12:20:29.336root 11241100x80000000000000003911118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0d15ccc4acdd5252022-01-11 12:20:29.336root 11241100x80000000000000003911119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832f79e8d843cef22022-01-11 12:20:29.336root 11241100x80000000000000003911120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe08990ef31dcc22022-01-11 12:20:29.336root 11241100x80000000000000003911121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.512a75b59e853a252022-01-11 12:20:29.834root 11241100x80000000000000003911122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5175daa546bfd402022-01-11 12:20:29.834root 11241100x80000000000000003911123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8c21fe9522bd0e32022-01-11 12:20:29.834root 11241100x80000000000000003911124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4727a0282f2900d42022-01-11 12:20:29.834root 11241100x80000000000000003911125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1d8f54cb8307c5f2022-01-11 12:20:29.835root 11241100x80000000000000003911126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e03c445609214002022-01-11 12:20:29.835root 11241100x80000000000000003911127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7014266551d06c02022-01-11 12:20:29.835root 11241100x80000000000000003911128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1bbf8d84f42f5b92022-01-11 12:20:29.835root 11241100x80000000000000003911129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.531d6cfae24660832022-01-11 12:20:29.835root 11241100x80000000000000003911130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dad4281ffc14a6d2022-01-11 12:20:29.835root 11241100x80000000000000003911131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103da85c2108ef9d2022-01-11 12:20:29.836root 11241100x80000000000000003911132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23924fc63a05e92b2022-01-11 12:20:29.836root 11241100x80000000000000003911133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c6631f3c158a2b22022-01-11 12:20:29.836root 11241100x80000000000000003911134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b48bcc3ec258e4c2022-01-11 12:20:29.836root 11241100x80000000000000003911135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d47e06e9621e7d072022-01-11 12:20:29.836root 11241100x80000000000000003911136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b99fe5c53935a99b2022-01-11 12:20:29.836root 11241100x80000000000000003911137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b3c9aca334a18852022-01-11 12:20:29.836root 11241100x80000000000000003911138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fced50bbd0b289a2022-01-11 12:20:29.836root 11241100x80000000000000003911139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2e541ce032ca6b52022-01-11 12:20:29.836root 11241100x80000000000000003911140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9d19c5960a63d842022-01-11 12:20:29.836root 11241100x80000000000000003911141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4df5bc02bcd2984f2022-01-11 12:20:29.837root 11241100x80000000000000003911142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98b7053e96a04d542022-01-11 12:20:29.837root 11241100x80000000000000003911143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e96462071dad9772022-01-11 12:20:29.837root 11241100x80000000000000003911144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e63a85d89db9d252022-01-11 12:20:29.837root 11241100x80000000000000003911145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea61c11bc41650ea2022-01-11 12:20:29.837root 11241100x80000000000000003911146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3538a427ba409f392022-01-11 12:20:29.837root 11241100x80000000000000003911147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:29.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d2acfe5c1c5c8182022-01-11 12:20:29.837root 11241100x80000000000000003911148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd8c0c1a08e4aed2022-01-11 12:20:30.334root 11241100x80000000000000003911149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f404c0ab9727b7a22022-01-11 12:20:30.334root 11241100x80000000000000003911150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92e67bf30ea36f852022-01-11 12:20:30.334root 11241100x80000000000000003911151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e591736c1d6dabd42022-01-11 12:20:30.334root 11241100x80000000000000003911152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb60669b3d5e6c5c2022-01-11 12:20:30.335root 11241100x80000000000000003911153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20095f86285c495d2022-01-11 12:20:30.335root 11241100x80000000000000003911154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71febce901c30a4c2022-01-11 12:20:30.335root 11241100x80000000000000003911155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adecc5ff627910d22022-01-11 12:20:30.335root 11241100x80000000000000003911156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf4fc393731146162022-01-11 12:20:30.335root 11241100x80000000000000003911157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38a6bee3f9712e982022-01-11 12:20:30.337root 11241100x80000000000000003911158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cff826bc3b2ec34c2022-01-11 12:20:30.337root 11241100x80000000000000003911159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b902a92be978142022-01-11 12:20:30.337root 11241100x80000000000000003911160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d52e8e4ff8438dc2022-01-11 12:20:30.337root 11241100x80000000000000003911161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4acfb7c424fb8552022-01-11 12:20:30.337root 11241100x80000000000000003911162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb68b7c51c0e124b2022-01-11 12:20:30.337root 11241100x80000000000000003911163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.539626cbebd4f4922022-01-11 12:20:30.337root 11241100x80000000000000003911164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80816de1d7f6af3f2022-01-11 12:20:30.338root 11241100x80000000000000003911165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0868658360cdc112022-01-11 12:20:30.338root 11241100x80000000000000003911166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b47c1f6ad0afdd2022-01-11 12:20:30.338root 11241100x80000000000000003911167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87e0ed936c37fbc2022-01-11 12:20:30.338root 11241100x80000000000000003911168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5689f91acb5007f2022-01-11 12:20:30.338root 11241100x80000000000000003911169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c556f0abf9dc6ea02022-01-11 12:20:30.338root 11241100x80000000000000003911170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05406170cec755512022-01-11 12:20:30.338root 11241100x80000000000000003911171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25dde461cf8425af2022-01-11 12:20:30.338root 11241100x80000000000000003911172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fc25a4c10b3f2632022-01-11 12:20:30.338root 11241100x80000000000000003911173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb382e02ca53a2a72022-01-11 12:20:30.338root 11241100x80000000000000003911174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91dd938b4580457c2022-01-11 12:20:30.342root 11241100x80000000000000003911175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd89bb6731e1c6052022-01-11 12:20:30.834root 11241100x80000000000000003911176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9f13a4bb2a8edb52022-01-11 12:20:30.834root 11241100x80000000000000003911177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8072350a181c8132022-01-11 12:20:30.834root 11241100x80000000000000003911178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.635826ce1a56b6692022-01-11 12:20:30.834root 11241100x80000000000000003911179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da4dd59109edd87b2022-01-11 12:20:30.835root 11241100x80000000000000003911180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0e7de02651da3672022-01-11 12:20:30.835root 11241100x80000000000000003911181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.180ec1aee98a9dd62022-01-11 12:20:30.835root 11241100x80000000000000003911182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b1d012b33d0c17c2022-01-11 12:20:30.835root 11241100x80000000000000003911183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ae5243dc95247e2022-01-11 12:20:30.836root 11241100x80000000000000003911184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b471f60d80b39a52022-01-11 12:20:30.836root 11241100x80000000000000003911185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5cb7a4d1cadd472022-01-11 12:20:30.836root 11241100x80000000000000003911186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8957d222e68a70ad2022-01-11 12:20:30.836root 11241100x80000000000000003911187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fba7ddcfb1274a452022-01-11 12:20:30.836root 11241100x80000000000000003911188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a28b90b774a76ea32022-01-11 12:20:30.836root 11241100x80000000000000003911189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de750a195ae980702022-01-11 12:20:30.836root 11241100x80000000000000003911190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e3a043781facd02022-01-11 12:20:30.836root 11241100x80000000000000003911191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca11f1ca1e9c03272022-01-11 12:20:30.837root 11241100x80000000000000003911192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5567e38b6f0eba82022-01-11 12:20:30.837root 11241100x80000000000000003911193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2528184ed0354b72022-01-11 12:20:30.837root 11241100x80000000000000003911194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd8d9dfbfcb16bc2022-01-11 12:20:30.837root 11241100x80000000000000003911195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d8491ecd7d7d63a2022-01-11 12:20:30.837root 11241100x80000000000000003911196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.169d82c550726ee42022-01-11 12:20:30.837root 11241100x80000000000000003911197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9c0b39ac34abb322022-01-11 12:20:30.837root 11241100x80000000000000003911198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b32cb1f32d2e42df2022-01-11 12:20:30.837root 11241100x80000000000000003911199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6df9f986055acb442022-01-11 12:20:30.838root 11241100x80000000000000003911200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9af013780119a7a72022-01-11 12:20:30.838root 11241100x80000000000000003911201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:30.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f39f69ecb242fda32022-01-11 12:20:30.838root 11241100x80000000000000003911202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2661a51ed0287062022-01-11 12:20:31.333root 11241100x80000000000000003911203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe763cabdaaafe5a2022-01-11 12:20:31.333root 11241100x80000000000000003911204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca5e0659af147762022-01-11 12:20:31.334root 11241100x80000000000000003911205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.674fdb1425c90e252022-01-11 12:20:31.334root 11241100x80000000000000003911206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98c85c556e3db9392022-01-11 12:20:31.334root 11241100x80000000000000003911207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00d00ef4c0b1f392022-01-11 12:20:31.334root 11241100x80000000000000003911208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9920622738331a4b2022-01-11 12:20:31.334root 11241100x80000000000000003911209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0f3b5e4459158cc2022-01-11 12:20:31.334root 11241100x80000000000000003911210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15cce868c51840212022-01-11 12:20:31.334root 11241100x80000000000000003911211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca2a67ec58d32f4f2022-01-11 12:20:31.334root 11241100x80000000000000003911212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d171d6d73d16d412022-01-11 12:20:31.334root 11241100x80000000000000003911213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8081215e2ec483e92022-01-11 12:20:31.334root 11241100x80000000000000003911214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cfbc6f3685108912022-01-11 12:20:31.334root 11241100x80000000000000003911215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7542e19a030a3b62022-01-11 12:20:31.335root 11241100x80000000000000003911216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3164593d609c9382022-01-11 12:20:31.335root 11241100x80000000000000003911217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d92a41567a7440762022-01-11 12:20:31.335root 11241100x80000000000000003911218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3f75f638232aff82022-01-11 12:20:31.335root 11241100x80000000000000003911219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17db0fc48f7b92552022-01-11 12:20:31.335root 11241100x80000000000000003911220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86eb610e7722ac5b2022-01-11 12:20:31.335root 11241100x80000000000000003911221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c83f1a4208f3e042022-01-11 12:20:31.335root 11241100x80000000000000003911222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e7ede22b3d316e32022-01-11 12:20:31.335root 11241100x80000000000000003911223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c42692a948500e22022-01-11 12:20:31.335root 11241100x80000000000000003911224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73efd4e683f6a422022-01-11 12:20:31.335root 11241100x80000000000000003911225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2abb9ee63ec287382022-01-11 12:20:31.336root 11241100x80000000000000003911226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a56007aa40365572022-01-11 12:20:31.336root 11241100x80000000000000003911227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98c432d51abedff62022-01-11 12:20:31.336root 11241100x80000000000000003911228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2197d34567ff23b62022-01-11 12:20:31.336root 11241100x80000000000000003911229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d3d5a39b6f5b1592022-01-11 12:20:31.336root 11241100x80000000000000003911230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.831db5d283b15d282022-01-11 12:20:31.336root 11241100x80000000000000003911231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a13e694e69a57c82022-01-11 12:20:31.834root 11241100x80000000000000003911232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c49905ec66036b02022-01-11 12:20:31.834root 11241100x80000000000000003911233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b13773ecfe501082022-01-11 12:20:31.834root 11241100x80000000000000003911234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3ccfe2fbc7a54b2022-01-11 12:20:31.834root 11241100x80000000000000003911235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8e3babea7e5dd9c2022-01-11 12:20:31.834root 11241100x80000000000000003911236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ced5504d1bc1d7342022-01-11 12:20:31.834root 11241100x80000000000000003911237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4340714bafdea4e2022-01-11 12:20:31.834root 11241100x80000000000000003911238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d88e2b3d95818e22022-01-11 12:20:31.834root 11241100x80000000000000003911239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.add0e5f9e2a160c22022-01-11 12:20:31.834root 11241100x80000000000000003911240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d5b350a54c11db92022-01-11 12:20:31.834root 11241100x80000000000000003911241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d82c124a2345a0c2022-01-11 12:20:31.835root 11241100x80000000000000003911242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b580d4fdce671b562022-01-11 12:20:31.835root 11241100x80000000000000003911243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81ff2ad9e25d0e42022-01-11 12:20:31.835root 11241100x80000000000000003911244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.858375930190e9a62022-01-11 12:20:31.835root 11241100x80000000000000003911245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a77db7463b337f1c2022-01-11 12:20:31.835root 11241100x80000000000000003911246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a25efc72020ba5172022-01-11 12:20:31.835root 11241100x80000000000000003911247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d99eeb3011da7dc22022-01-11 12:20:31.835root 11241100x80000000000000003911248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98ebd1949da649102022-01-11 12:20:31.835root 11241100x80000000000000003911249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aece9b3db60c90ae2022-01-11 12:20:31.835root 11241100x80000000000000003911250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f245e3e4daf88b6f2022-01-11 12:20:31.836root 11241100x80000000000000003911251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8fcbe4c3925d042022-01-11 12:20:31.836root 11241100x80000000000000003911252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28b0393ae54ba96d2022-01-11 12:20:31.836root 11241100x80000000000000003911253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b03c56e0aed90fd42022-01-11 12:20:31.836root 11241100x80000000000000003911254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ffeffa5d15774d42022-01-11 12:20:31.838root 11241100x80000000000000003911255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd32b0dc561cf2bc2022-01-11 12:20:31.838root 11241100x80000000000000003911256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bf57f16de728ae72022-01-11 12:20:31.838root 11241100x80000000000000003911257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16d7561a44cdf5662022-01-11 12:20:31.838root 11241100x80000000000000003911258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:31.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61bba0c4d2f4e1602022-01-11 12:20:31.838root 11241100x80000000000000003911259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9156cd0d5fd62992022-01-11 12:20:32.334root 11241100x80000000000000003911260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d144d79f293a370a2022-01-11 12:20:32.334root 11241100x80000000000000003911261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfa81003fe31fbb42022-01-11 12:20:32.334root 11241100x80000000000000003911262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a42e3785561145312022-01-11 12:20:32.334root 11241100x80000000000000003911263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4e63b009c5b4a862022-01-11 12:20:32.334root 11241100x80000000000000003911264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75f61bec235205972022-01-11 12:20:32.334root 11241100x80000000000000003911265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed61e45b5414195c2022-01-11 12:20:32.334root 11241100x80000000000000003911266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d492e60822eb54242022-01-11 12:20:32.335root 11241100x80000000000000003911267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff73a370e9dff95a2022-01-11 12:20:32.335root 11241100x80000000000000003911268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.141495fa688e75e12022-01-11 12:20:32.335root 11241100x80000000000000003911269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e70f7af725b73c2022-01-11 12:20:32.335root 11241100x80000000000000003911270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bfefaf95d99da2b2022-01-11 12:20:32.335root 11241100x80000000000000003911271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ad02b0bd5d961da2022-01-11 12:20:32.335root 11241100x80000000000000003911272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5983d6b53c5d2612022-01-11 12:20:32.335root 11241100x80000000000000003911273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e784ee3dbdb94cd32022-01-11 12:20:32.335root 11241100x80000000000000003911274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8502b97d5713c42022-01-11 12:20:32.335root 11241100x80000000000000003911275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.661b9cc35d80da542022-01-11 12:20:32.335root 11241100x80000000000000003911276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0e12af5fb3e5da2022-01-11 12:20:32.335root 11241100x80000000000000003911277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c0e94670dc769822022-01-11 12:20:32.335root 11241100x80000000000000003911278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01cccb9364ef6c742022-01-11 12:20:32.335root 11241100x80000000000000003911279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b5e4dd9d610ce72022-01-11 12:20:32.335root 11241100x80000000000000003911280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38f1bb0bee1786472022-01-11 12:20:32.336root 11241100x80000000000000003911281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dfa21ada5a691782022-01-11 12:20:32.336root 11241100x80000000000000003911282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89a4e003506995b22022-01-11 12:20:32.336root 11241100x80000000000000003911283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e320313e01e6f14e2022-01-11 12:20:32.336root 11241100x80000000000000003911284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a465585906ff2b2022-01-11 12:20:32.336root 11241100x80000000000000003911285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b4a21ee1c899d22022-01-11 12:20:32.336root 11241100x80000000000000003911286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cca9ba99b50722c2022-01-11 12:20:32.834root 11241100x80000000000000003911287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ac069b7e9bc50272022-01-11 12:20:32.834root 11241100x80000000000000003911288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7728a3e316bf8c6a2022-01-11 12:20:32.834root 11241100x80000000000000003911289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6585c543b5fdde3c2022-01-11 12:20:32.834root 11241100x80000000000000003911290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7228dc8a21618922022-01-11 12:20:32.834root 11241100x80000000000000003911291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f77dfd19623791f2022-01-11 12:20:32.834root 11241100x80000000000000003911292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41ac41cce1eaed2c2022-01-11 12:20:32.834root 11241100x80000000000000003911293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3371b95a5d231f312022-01-11 12:20:32.834root 11241100x80000000000000003911294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cdb7efad0bb12c82022-01-11 12:20:32.834root 11241100x80000000000000003911295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65bdfb784f5b05462022-01-11 12:20:32.834root 11241100x80000000000000003911296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ef080ed1acaacf62022-01-11 12:20:32.835root 11241100x80000000000000003911297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adc2d5f8a6a5f2fa2022-01-11 12:20:32.835root 11241100x80000000000000003911298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb51d1b28ebfab402022-01-11 12:20:32.835root 11241100x80000000000000003911299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63e54903ae01fd102022-01-11 12:20:32.835root 11241100x80000000000000003911300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54a649f77b13f4b02022-01-11 12:20:32.835root 11241100x80000000000000003911301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21fad594b897bfa12022-01-11 12:20:32.835root 11241100x80000000000000003911302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb59e0ad9782a7a02022-01-11 12:20:32.835root 11241100x80000000000000003911303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a217474cc2d068d2022-01-11 12:20:32.835root 11241100x80000000000000003911304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83bde2ddd824c7582022-01-11 12:20:32.835root 11241100x80000000000000003911305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d62ffdf84fbb2932022-01-11 12:20:32.835root 11241100x80000000000000003911306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.795b889939ea09b62022-01-11 12:20:32.835root 11241100x80000000000000003911307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92aa496273eda57a2022-01-11 12:20:32.835root 11241100x80000000000000003911308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1386be75577b3c882022-01-11 12:20:32.836root 11241100x80000000000000003911309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06fe496298d9796c2022-01-11 12:20:32.836root 11241100x80000000000000003911310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e89f842d7cea72b82022-01-11 12:20:32.836root 11241100x80000000000000003911311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7598acffbe296c012022-01-11 12:20:32.836root 11241100x80000000000000003911312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42da425c535674902022-01-11 12:20:32.836root 11241100x80000000000000003911313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:32.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb604d4f3d23e822022-01-11 12:20:32.836root 354300x80000000000000003911314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.014{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56298-false10.0.1.12-8000- 11241100x80000000000000003911315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab72b087c75fcf232022-01-11 12:20:33.334root 11241100x80000000000000003911316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc4e3da868ff2f52022-01-11 12:20:33.334root 11241100x80000000000000003911317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee92c4235fbc9802022-01-11 12:20:33.334root 11241100x80000000000000003911318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f676c8fd73edc1842022-01-11 12:20:33.334root 11241100x80000000000000003911319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70dae119e49465d02022-01-11 12:20:33.334root 11241100x80000000000000003911320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.229ecd2b245604912022-01-11 12:20:33.334root 11241100x80000000000000003911321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1f8491696cabbb52022-01-11 12:20:33.334root 11241100x80000000000000003911322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0497885278422d12022-01-11 12:20:33.334root 11241100x80000000000000003911323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8666261f1fb96af2022-01-11 12:20:33.334root 11241100x80000000000000003911324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6451bff710be09ec2022-01-11 12:20:33.335root 11241100x80000000000000003911325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d632a77b99effb352022-01-11 12:20:33.335root 11241100x80000000000000003911326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f0996cce3ae8ce2022-01-11 12:20:33.335root 11241100x80000000000000003911327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ceecab8ba5d0d802022-01-11 12:20:33.335root 11241100x80000000000000003911328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90945b0b308361182022-01-11 12:20:33.335root 11241100x80000000000000003911329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9625f1512e25ce372022-01-11 12:20:33.335root 11241100x80000000000000003911330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.728884b8f60d39f62022-01-11 12:20:33.335root 11241100x80000000000000003911331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1edb23e66b283e462022-01-11 12:20:33.335root 11241100x80000000000000003911332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ae84a7a848db502022-01-11 12:20:33.335root 11241100x80000000000000003911333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fef6a2a58079bbc2022-01-11 12:20:33.335root 11241100x80000000000000003911334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.566b09e5cb8b6b232022-01-11 12:20:33.335root 11241100x80000000000000003911335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dda1e62f1953abe2022-01-11 12:20:33.335root 11241100x80000000000000003911336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dc621015df5be572022-01-11 12:20:33.335root 11241100x80000000000000003911337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8ce825c14e5fa302022-01-11 12:20:33.335root 11241100x80000000000000003911338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6987a8c1e40b7f0b2022-01-11 12:20:33.336root 11241100x80000000000000003911339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abba565f660f0f752022-01-11 12:20:33.336root 11241100x80000000000000003911340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e7bcf57ff4652972022-01-11 12:20:33.336root 11241100x80000000000000003911341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ca6a9b9d9058d942022-01-11 12:20:33.336root 11241100x80000000000000003911342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f6d00dbf81413b72022-01-11 12:20:33.336root 11241100x80000000000000003911343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7498815eca3317132022-01-11 12:20:33.336root 11241100x80000000000000003911344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8acfb2b0b15e342f2022-01-11 12:20:33.336root 11241100x80000000000000003911345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e03b5bd6340f16512022-01-11 12:20:33.336root 11241100x80000000000000003911346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3d6fd592e8e55d52022-01-11 12:20:33.337root 11241100x80000000000000003911347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9649d27ae0104a2022-01-11 12:20:33.834root 11241100x80000000000000003911348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15166ea37d9deec22022-01-11 12:20:33.834root 11241100x80000000000000003911349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a632ef0a5b644dea2022-01-11 12:20:33.834root 11241100x80000000000000003911350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b201dd430318bdf2022-01-11 12:20:33.834root 11241100x80000000000000003911351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65ee4f4275246c9f2022-01-11 12:20:33.835root 11241100x80000000000000003911352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b761eacb7be0e33f2022-01-11 12:20:33.835root 11241100x80000000000000003911353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c7068c5fc352b5b2022-01-11 12:20:33.835root 11241100x80000000000000003911354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f82c3ef1984516512022-01-11 12:20:33.835root 11241100x80000000000000003911355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24ecf79fc2b8c63c2022-01-11 12:20:33.835root 11241100x80000000000000003911356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd820cc5a0f9ac812022-01-11 12:20:33.835root 11241100x80000000000000003911357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17de2d99322a3b782022-01-11 12:20:33.835root 11241100x80000000000000003911358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45c6edc61e8801862022-01-11 12:20:33.835root 11241100x80000000000000003911359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffa176b907e62e6d2022-01-11 12:20:33.835root 11241100x80000000000000003911360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07ecc656c285f1502022-01-11 12:20:33.836root 11241100x80000000000000003911361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85dd8af7a37b7ba72022-01-11 12:20:33.836root 11241100x80000000000000003911362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99d10f6dddb6f3282022-01-11 12:20:33.836root 11241100x80000000000000003911363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec1ef12fc44e5c472022-01-11 12:20:33.836root 11241100x80000000000000003911364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2708ef8f0c681072022-01-11 12:20:33.836root 11241100x80000000000000003911365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43ddb1bc71c0e9952022-01-11 12:20:33.836root 11241100x80000000000000003911366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b71360be5d2868282022-01-11 12:20:33.836root 11241100x80000000000000003911367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bbfc7ee9c1266982022-01-11 12:20:33.836root 11241100x80000000000000003911368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a764836ba7b155742022-01-11 12:20:33.836root 11241100x80000000000000003911369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.641b1c554b2f9c9b2022-01-11 12:20:33.837root 11241100x80000000000000003911370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d337533d0009dbf2022-01-11 12:20:33.837root 11241100x80000000000000003911371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce160ea6fda3b7022022-01-11 12:20:33.837root 11241100x80000000000000003911372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac3b9cb59f8c99c92022-01-11 12:20:33.837root 11241100x80000000000000003911373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d951ace8c88b39d52022-01-11 12:20:33.837root 11241100x80000000000000003911374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:33.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3153a9e7b2d334762022-01-11 12:20:33.837root 11241100x80000000000000003911375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa200d04feae4f62022-01-11 12:20:34.333root 11241100x80000000000000003911376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b64ad7eabeafcd2022-01-11 12:20:34.334root 11241100x80000000000000003911377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6311b4aa6fed56e2022-01-11 12:20:34.334root 11241100x80000000000000003911378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e44ecf80192235742022-01-11 12:20:34.334root 11241100x80000000000000003911379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36be32509794e2d12022-01-11 12:20:34.334root 11241100x80000000000000003911380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6beea00d64cfd8362022-01-11 12:20:34.334root 11241100x80000000000000003911381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02815bea82e9cc922022-01-11 12:20:34.335root 11241100x80000000000000003911382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66cd78b5ae2880882022-01-11 12:20:34.335root 11241100x80000000000000003911383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3717cdb5f44082f32022-01-11 12:20:34.335root 11241100x80000000000000003911384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b96111eac5754c82022-01-11 12:20:34.335root 11241100x80000000000000003911385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ae600658533b5b72022-01-11 12:20:34.335root 11241100x80000000000000003911386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6088bd7fa3a5ecf72022-01-11 12:20:34.336root 11241100x80000000000000003911387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97a577686aff5ed92022-01-11 12:20:34.336root 11241100x80000000000000003911388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad8a9dd313b696a2022-01-11 12:20:34.336root 11241100x80000000000000003911389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d44b684fd491e0a2022-01-11 12:20:34.336root 11241100x80000000000000003911390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d411004fb27f0b5b2022-01-11 12:20:34.336root 11241100x80000000000000003911391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddb5eafdea4534f12022-01-11 12:20:34.336root 11241100x80000000000000003911392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a1edab4507095e62022-01-11 12:20:34.336root 11241100x80000000000000003911393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72542ebb8af3ae7d2022-01-11 12:20:34.336root 11241100x80000000000000003911394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.666029540b9463272022-01-11 12:20:34.336root 11241100x80000000000000003911395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e14b7e9aec954c92022-01-11 12:20:34.336root 11241100x80000000000000003911396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8727a00e54d4f65c2022-01-11 12:20:34.336root 11241100x80000000000000003911397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d06ed41085e18f2022-01-11 12:20:34.336root 11241100x80000000000000003911398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acc720bc7d9179ba2022-01-11 12:20:34.336root 11241100x80000000000000003911399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f307f03375bde41d2022-01-11 12:20:34.337root 11241100x80000000000000003911400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.410f5307b3df9eb42022-01-11 12:20:34.337root 11241100x80000000000000003911401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d45870729c5dada2022-01-11 12:20:34.337root 11241100x80000000000000003911402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f67e3bbe5824e0d2022-01-11 12:20:34.337root 11241100x80000000000000003911403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6b473f2e3d022742022-01-11 12:20:34.337root 11241100x80000000000000003911404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a150d41558562c2022-01-11 12:20:34.337root 11241100x80000000000000003911405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49500e971872f1ab2022-01-11 12:20:34.337root 11241100x80000000000000003911406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c619a63abab65522022-01-11 12:20:34.337root 11241100x80000000000000003911407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de890c38770910712022-01-11 12:20:34.834root 11241100x80000000000000003911408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd92027bf5e744542022-01-11 12:20:34.834root 11241100x80000000000000003911409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce05e69c9b36f4062022-01-11 12:20:34.835root 11241100x80000000000000003911410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dfeb03f6798b6df2022-01-11 12:20:34.835root 11241100x80000000000000003911411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f331b2ea721eb2c52022-01-11 12:20:34.835root 11241100x80000000000000003911412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1eff7fa75a8f6fd2022-01-11 12:20:34.835root 11241100x80000000000000003911413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e28b3c68f872671f2022-01-11 12:20:34.835root 11241100x80000000000000003911414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a75147f62e87b132022-01-11 12:20:34.835root 11241100x80000000000000003911415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60b53e7ae41f0f292022-01-11 12:20:34.835root 11241100x80000000000000003911416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94567ef30297121a2022-01-11 12:20:34.835root 11241100x80000000000000003911417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8dd2275ec0034742022-01-11 12:20:34.835root 11241100x80000000000000003911418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d18202e00d2070a2022-01-11 12:20:34.835root 11241100x80000000000000003911419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7b606de6f16c2462022-01-11 12:20:34.836root 11241100x80000000000000003911420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62654a1cfe1a72182022-01-11 12:20:34.836root 11241100x80000000000000003911421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b625b63893d334d2022-01-11 12:20:34.836root 11241100x80000000000000003911422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a8ff4bcc6e084e82022-01-11 12:20:34.836root 11241100x80000000000000003911423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6188f9933baf75fc2022-01-11 12:20:34.836root 11241100x80000000000000003911424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.523dba2253c708372022-01-11 12:20:34.836root 11241100x80000000000000003911425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.577b737790acb3442022-01-11 12:20:34.836root 11241100x80000000000000003911426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13c2f016c8bf09a32022-01-11 12:20:34.836root 11241100x80000000000000003911427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ef1b0bf4899e9912022-01-11 12:20:34.836root 11241100x80000000000000003911428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ead9422f56e8904f2022-01-11 12:20:34.836root 11241100x80000000000000003911429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22918c3093bf49e12022-01-11 12:20:34.836root 11241100x80000000000000003911430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86ebc7f4c1f1e13c2022-01-11 12:20:34.837root 11241100x80000000000000003911431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a988a5799c206bca2022-01-11 12:20:34.837root 11241100x80000000000000003911432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe71890f2e61bd242022-01-11 12:20:34.837root 11241100x80000000000000003911433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.351ff5dec367fd482022-01-11 12:20:34.837root 11241100x80000000000000003911434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:34.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99e859397bd3c0912022-01-11 12:20:34.837root 11241100x80000000000000003911435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae7dbf38483c2de42022-01-11 12:20:35.334root 11241100x80000000000000003911436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e2712c1480395652022-01-11 12:20:35.334root 11241100x80000000000000003911437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3bd4a0b3d0e5082022-01-11 12:20:35.334root 11241100x80000000000000003911438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9faef638efa5ba9d2022-01-11 12:20:35.334root 11241100x80000000000000003911439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99a1733f852e44ef2022-01-11 12:20:35.334root 11241100x80000000000000003911440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2745d26db2aa3f532022-01-11 12:20:35.334root 11241100x80000000000000003911441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c00417cd76cde82022-01-11 12:20:35.334root 11241100x80000000000000003911442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d271351d0c5fd4b42022-01-11 12:20:35.334root 11241100x80000000000000003911443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac16559ba1b134f2022-01-11 12:20:35.334root 11241100x80000000000000003911444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69364f53387dcc62022-01-11 12:20:35.334root 11241100x80000000000000003911445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.101df6e5d10c99862022-01-11 12:20:35.334root 11241100x80000000000000003911446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fdb2fe86b00cc7c2022-01-11 12:20:35.334root 11241100x80000000000000003911447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b0105f1ba1ac062022-01-11 12:20:35.335root 11241100x80000000000000003911448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09b63d2b0e8b57c72022-01-11 12:20:35.335root 11241100x80000000000000003911449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c1707c9287ec6772022-01-11 12:20:35.335root 11241100x80000000000000003911450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c9598757342c4612022-01-11 12:20:35.335root 11241100x80000000000000003911451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bf51bb952233b5c2022-01-11 12:20:35.335root 11241100x80000000000000003911452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03e5745ec74f88ce2022-01-11 12:20:35.335root 11241100x80000000000000003911453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f589432f1fa08512022-01-11 12:20:35.335root 11241100x80000000000000003911454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c41a607a9b26c62022-01-11 12:20:35.335root 11241100x80000000000000003911455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcf80bccbca6bb2f2022-01-11 12:20:35.335root 11241100x80000000000000003911456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6d522e20daa28b02022-01-11 12:20:35.335root 11241100x80000000000000003911457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee5ab816614f51fe2022-01-11 12:20:35.335root 11241100x80000000000000003911458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ba19769677fc1642022-01-11 12:20:35.336root 11241100x80000000000000003911459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68783eb537cab12e2022-01-11 12:20:35.336root 11241100x80000000000000003911460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ca5c1cacb441df12022-01-11 12:20:35.336root 11241100x80000000000000003911461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.258e60ec75b9ca022022-01-11 12:20:35.336root 11241100x80000000000000003911462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.905f6561e18475862022-01-11 12:20:35.336root 11241100x80000000000000003911463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f0ad30cb1c3c6b2022-01-11 12:20:35.833root 11241100x80000000000000003911464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0c91a3f1bcf06342022-01-11 12:20:35.833root 11241100x80000000000000003911465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81328bbef4afc6342022-01-11 12:20:35.833root 11241100x80000000000000003911466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8e05d26572d06642022-01-11 12:20:35.833root 11241100x80000000000000003911467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e5fb2f3dfe14802022-01-11 12:20:35.834root 11241100x80000000000000003911468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.490acec89c121a662022-01-11 12:20:35.834root 11241100x80000000000000003911469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c432db6e6d0439702022-01-11 12:20:35.834root 11241100x80000000000000003911470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2ec4795dcfffdbd2022-01-11 12:20:35.834root 11241100x80000000000000003911471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc922974a89a52522022-01-11 12:20:35.834root 11241100x80000000000000003911472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b661653afaaeefb42022-01-11 12:20:35.834root 11241100x80000000000000003911473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.859b7aeadc458ae22022-01-11 12:20:35.834root 11241100x80000000000000003911474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cf5539f223d90492022-01-11 12:20:35.835root 11241100x80000000000000003911475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c01f4128e0aa6982022-01-11 12:20:35.835root 11241100x80000000000000003911476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.687205770367113d2022-01-11 12:20:35.835root 11241100x80000000000000003911477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c05e934e40ecd8ca2022-01-11 12:20:35.835root 11241100x80000000000000003911478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb6433609be2eb8f2022-01-11 12:20:35.835root 11241100x80000000000000003911479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f8a0acdfa9385062022-01-11 12:20:35.835root 11241100x80000000000000003911480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58282fc89842afd42022-01-11 12:20:35.835root 11241100x80000000000000003911481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c051049557d32b872022-01-11 12:20:35.835root 11241100x80000000000000003911482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d9bcf0c24be93e82022-01-11 12:20:35.836root 11241100x80000000000000003911483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.299ae00564feb5cb2022-01-11 12:20:35.836root 11241100x80000000000000003911484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df01c6d08ee80522022-01-11 12:20:35.836root 11241100x80000000000000003911485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be1aad9e51103bc42022-01-11 12:20:35.836root 11241100x80000000000000003911486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a5e3729ecfa7b92022-01-11 12:20:35.836root 11241100x80000000000000003911487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404e0876fcd334952022-01-11 12:20:35.836root 11241100x80000000000000003911488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e5232b353b1af2f2022-01-11 12:20:35.836root 11241100x80000000000000003911489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157ccf42fb0fe9732022-01-11 12:20:35.836root 11241100x80000000000000003911490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.071c6f8a4749c7032022-01-11 12:20:35.836root 11241100x80000000000000003911491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7cdc8644131982f2022-01-11 12:20:35.837root 11241100x80000000000000003911492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49a77caf63de306d2022-01-11 12:20:35.837root 11241100x80000000000000003911493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4502f1add1831e622022-01-11 12:20:35.837root 11241100x80000000000000003911494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:35.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.059bec48ce6fa6002022-01-11 12:20:35.837root 11241100x80000000000000003911495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46449fb3b0ce43cc2022-01-11 12:20:36.333root 11241100x80000000000000003911496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a44c93d58c71f72022-01-11 12:20:36.334root 11241100x80000000000000003911497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94018195e5a1ac2a2022-01-11 12:20:36.334root 11241100x80000000000000003911498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8df87aad18ebe8a52022-01-11 12:20:36.334root 11241100x80000000000000003911499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90e37a1c340ff59b2022-01-11 12:20:36.334root 11241100x80000000000000003911500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4e79875622606082022-01-11 12:20:36.335root 11241100x80000000000000003911501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1287fe2c9affedea2022-01-11 12:20:36.335root 11241100x80000000000000003911502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92432763eab3431d2022-01-11 12:20:36.335root 11241100x80000000000000003911503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc72453a312c458e2022-01-11 12:20:36.335root 11241100x80000000000000003911504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea537978272479952022-01-11 12:20:36.335root 11241100x80000000000000003911505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a6e446a100eca82022-01-11 12:20:36.335root 11241100x80000000000000003911506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd8e9e4d3c43ee52022-01-11 12:20:36.336root 11241100x80000000000000003911507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c641dd0d0479db2022-01-11 12:20:36.336root 11241100x80000000000000003911508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7e176dcfd7edff62022-01-11 12:20:36.336root 11241100x80000000000000003911509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8270814dd9bdee22022-01-11 12:20:36.336root 11241100x80000000000000003911510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9c7b74d0c4c5a1c2022-01-11 12:20:36.336root 11241100x80000000000000003911511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.968113b27616b8282022-01-11 12:20:36.336root 11241100x80000000000000003911512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f5ac40b22432822022-01-11 12:20:36.337root 11241100x80000000000000003911513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7f480a5a4cfa4402022-01-11 12:20:36.337root 11241100x80000000000000003911514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad3e2507b3ec7eb72022-01-11 12:20:36.337root 11241100x80000000000000003911515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1c52cd27e58d2512022-01-11 12:20:36.337root 11241100x80000000000000003911516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5127224f70ba9d702022-01-11 12:20:36.337root 11241100x80000000000000003911517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c06ec0df52a9212d2022-01-11 12:20:36.338root 11241100x80000000000000003911518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2de0ab3d6ca31db22022-01-11 12:20:36.338root 11241100x80000000000000003911519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d75d96f5beeb26772022-01-11 12:20:36.338root 11241100x80000000000000003911520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7cffac5373b20e12022-01-11 12:20:36.338root 11241100x80000000000000003911521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa342c53077459ac2022-01-11 12:20:36.338root 11241100x80000000000000003911522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.289bf81c3c87b6d92022-01-11 12:20:36.339root 11241100x80000000000000003911523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cf4a6afaf925e152022-01-11 12:20:36.340root 11241100x80000000000000003911524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cbef44df0ba5b3a2022-01-11 12:20:36.340root 11241100x80000000000000003911525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0681183eb451fa092022-01-11 12:20:36.834root 11241100x80000000000000003911526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5daf672e9ca65bb82022-01-11 12:20:36.834root 11241100x80000000000000003911527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc5d3fcb8004b2e2022-01-11 12:20:36.835root 11241100x80000000000000003911528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59d90d6338c559ec2022-01-11 12:20:36.835root 11241100x80000000000000003911529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1375e51669c9937a2022-01-11 12:20:36.835root 11241100x80000000000000003911530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a39bfe089648604f2022-01-11 12:20:36.835root 11241100x80000000000000003911531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1dd023960b6f8d32022-01-11 12:20:36.835root 11241100x80000000000000003911532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27c67d69af2ccca02022-01-11 12:20:36.836root 11241100x80000000000000003911533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f861f1090fb45bd02022-01-11 12:20:36.836root 11241100x80000000000000003911534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0392628aee673052022-01-11 12:20:36.836root 11241100x80000000000000003911535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e6da09a88c30d6a2022-01-11 12:20:36.836root 11241100x80000000000000003911536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95bb0f7ef93f06ae2022-01-11 12:20:36.836root 11241100x80000000000000003911537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b30937d52047b58f2022-01-11 12:20:36.836root 11241100x80000000000000003911538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d573f238ab4a4fa2022-01-11 12:20:36.837root 11241100x80000000000000003911539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0afb85933d1cafed2022-01-11 12:20:36.837root 11241100x80000000000000003911540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c9b586c5b6e9d372022-01-11 12:20:36.837root 11241100x80000000000000003911541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.891c3618fdc05d7d2022-01-11 12:20:36.837root 11241100x80000000000000003911542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d334e052e29c2f12022-01-11 12:20:36.837root 11241100x80000000000000003911543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40b62af2bf9eb5ad2022-01-11 12:20:36.838root 11241100x80000000000000003911544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9796b15e64a2d39c2022-01-11 12:20:36.838root 11241100x80000000000000003911545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76914241ab8a600d2022-01-11 12:20:36.838root 11241100x80000000000000003911546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd80e8547b1a02d32022-01-11 12:20:36.838root 11241100x80000000000000003911547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9b33b41fac822422022-01-11 12:20:36.838root 11241100x80000000000000003911548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6866b91c8c096d52022-01-11 12:20:36.838root 11241100x80000000000000003911549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8503ca4d359733172022-01-11 12:20:36.839root 11241100x80000000000000003911550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b9e0a59888216b12022-01-11 12:20:36.839root 11241100x80000000000000003911551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ab2473d02a6e6ab2022-01-11 12:20:36.839root 11241100x80000000000000003911552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:36.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2f2f6f06b05be9f2022-01-11 12:20:36.839root 11241100x80000000000000003911553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c69e6772f31dfbe2022-01-11 12:20:37.334root 11241100x80000000000000003911554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cae3005d6c320e442022-01-11 12:20:37.334root 11241100x80000000000000003911555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7307bafcb3a19412022-01-11 12:20:37.334root 11241100x80000000000000003911556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cccfbb17cd0efb62022-01-11 12:20:37.334root 11241100x80000000000000003911557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15660a59405311332022-01-11 12:20:37.334root 11241100x80000000000000003911558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48ea2fac3e51e9722022-01-11 12:20:37.334root 11241100x80000000000000003911559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b3789a230a9d89a2022-01-11 12:20:37.334root 11241100x80000000000000003911560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa06b2238a58cafc2022-01-11 12:20:37.335root 11241100x80000000000000003911561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac627fdab98d4b1a2022-01-11 12:20:37.335root 11241100x80000000000000003911562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4089282a758cf5352022-01-11 12:20:37.335root 11241100x80000000000000003911563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bce8853adb9f12c2022-01-11 12:20:37.335root 11241100x80000000000000003911564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e4a7e6c1fc27d12022-01-11 12:20:37.335root 11241100x80000000000000003911565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.969a45981176acb42022-01-11 12:20:37.335root 11241100x80000000000000003911566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a6ff457933700352022-01-11 12:20:37.335root 11241100x80000000000000003911567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cfd97cd8a4c70b2022-01-11 12:20:37.335root 11241100x80000000000000003911568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dd55e1144ac07122022-01-11 12:20:37.335root 11241100x80000000000000003911569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d72dc8e2470559992022-01-11 12:20:37.336root 11241100x80000000000000003911570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a94d9f19c7c9bbd2022-01-11 12:20:37.336root 11241100x80000000000000003911571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.661d1dd5b97df64f2022-01-11 12:20:37.336root 11241100x80000000000000003911572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3725f7035fdf50852022-01-11 12:20:37.336root 11241100x80000000000000003911573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cb00de18bbb57612022-01-11 12:20:37.336root 11241100x80000000000000003911574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.158bc14fe0c61c392022-01-11 12:20:37.336root 11241100x80000000000000003911575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f1186a53a96ec8e2022-01-11 12:20:37.336root 11241100x80000000000000003911576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5aaa38a12e113e92022-01-11 12:20:37.336root 11241100x80000000000000003911577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.469b10dfd7466c1b2022-01-11 12:20:37.336root 11241100x80000000000000003911578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61725e867d2652f32022-01-11 12:20:37.336root 11241100x80000000000000003911579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bae5b0e42225a6d2022-01-11 12:20:37.336root 11241100x80000000000000003911580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34eb258d231a46972022-01-11 12:20:37.336root 11241100x80000000000000003911581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39cf99e8673e77ee2022-01-11 12:20:37.833root 11241100x80000000000000003911582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec4de63c175038c42022-01-11 12:20:37.833root 11241100x80000000000000003911583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.676ecce2559f66a92022-01-11 12:20:37.834root 11241100x80000000000000003911584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cb8ef3791a7aff32022-01-11 12:20:37.834root 11241100x80000000000000003911585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ca86ada234f85e2022-01-11 12:20:37.834root 11241100x80000000000000003911586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49db480aec33edd02022-01-11 12:20:37.834root 11241100x80000000000000003911587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12a202ccf6f628702022-01-11 12:20:37.834root 11241100x80000000000000003911588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f1405fd56e2e53f2022-01-11 12:20:37.834root 11241100x80000000000000003911589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0bf81239e50c2e12022-01-11 12:20:37.834root 11241100x80000000000000003911590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6606ce550bb23b02022-01-11 12:20:37.834root 11241100x80000000000000003911591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f637c73aa8939ba52022-01-11 12:20:37.834root 11241100x80000000000000003911592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6d9112e299157e2022-01-11 12:20:37.835root 11241100x80000000000000003911593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4985959273b9af502022-01-11 12:20:37.835root 11241100x80000000000000003911594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e7410a22b9f8fc72022-01-11 12:20:37.835root 11241100x80000000000000003911595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f02b4dfcd18fd1e42022-01-11 12:20:37.835root 11241100x80000000000000003911596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71f91daa1a907d8a2022-01-11 12:20:37.835root 11241100x80000000000000003911597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.282cdeb7eebcb5252022-01-11 12:20:37.835root 11241100x80000000000000003911598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ab52a4919161ad22022-01-11 12:20:37.835root 11241100x80000000000000003911599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07f034dcd7d9370f2022-01-11 12:20:37.835root 11241100x80000000000000003911600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c9a6b1fd48e624d2022-01-11 12:20:37.836root 11241100x80000000000000003911601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afeb4ec0750a87a42022-01-11 12:20:37.836root 11241100x80000000000000003911602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbec7a0646650b6e2022-01-11 12:20:37.836root 11241100x80000000000000003911603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35bd33b7815aa1d62022-01-11 12:20:37.836root 11241100x80000000000000003911604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d60e0fae088cf7142022-01-11 12:20:37.836root 11241100x80000000000000003911605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08aad127fd06dadb2022-01-11 12:20:37.836root 11241100x80000000000000003911606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e312a943022d0cc2022-01-11 12:20:37.836root 11241100x80000000000000003911607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3fa01d01d405dfc2022-01-11 12:20:37.836root 11241100x80000000000000003911608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c985a24fe844381e2022-01-11 12:20:37.836root 11241100x80000000000000003911609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aac8c610de40bcf42022-01-11 12:20:37.836root 11241100x80000000000000003911610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3365f10a2499fe2022-01-11 12:20:37.836root 11241100x80000000000000003911611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38fcdd3a63c55a172022-01-11 12:20:37.836root 11241100x80000000000000003911612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cef37e7da7d993852022-01-11 12:20:37.837root 11241100x80000000000000003911613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.165f54e40cbab4e22022-01-11 12:20:37.837root 11241100x80000000000000003911614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3324210a642803212022-01-11 12:20:37.837root 11241100x80000000000000003911615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87cc57492b08b22c2022-01-11 12:20:37.837root 11241100x80000000000000003911616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ea98d4ab68f42c92022-01-11 12:20:37.837root 11241100x80000000000000003911617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c4c1197903c84902022-01-11 12:20:37.837root 11241100x80000000000000003911618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71cae56dd40821002022-01-11 12:20:37.837root 11241100x80000000000000003911619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a04dd7cee7f311582022-01-11 12:20:37.837root 11241100x80000000000000003911620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:37.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b51a1f463c95a22022-01-11 12:20:37.837root 354300x80000000000000003911621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.095{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56300-false10.0.1.12-8000- 11241100x80000000000000003911622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.096{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6dec1e6cbaf2332022-01-11 12:20:38.096root 11241100x80000000000000003911623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.096{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cfcd1817afa51282022-01-11 12:20:38.096root 11241100x80000000000000003911624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.096{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89c37d7c72f39ccb2022-01-11 12:20:38.096root 11241100x80000000000000003911625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.096{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11111590fbb2cf9d2022-01-11 12:20:38.096root 11241100x80000000000000003911626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.096{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06084478138a95c22022-01-11 12:20:38.096root 11241100x80000000000000003911627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.096{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c822ea2c77c8afe22022-01-11 12:20:38.096root 11241100x80000000000000003911628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98ad9e302970bfd92022-01-11 12:20:38.097root 11241100x80000000000000003911629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36dd6d6a3bbd2e462022-01-11 12:20:38.097root 11241100x80000000000000003911630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3f6b888b57cc5db2022-01-11 12:20:38.097root 11241100x80000000000000003911631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73dbaba0d74ef1762022-01-11 12:20:38.097root 11241100x80000000000000003911632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd0f055424fa31122022-01-11 12:20:38.097root 11241100x80000000000000003911633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f479cb46249b70a72022-01-11 12:20:38.097root 11241100x80000000000000003911634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.097{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975dc76a1f50380d2022-01-11 12:20:38.097root 11241100x80000000000000003911635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.098{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e9d69e2bcf2b3e82022-01-11 12:20:38.098root 11241100x80000000000000003911636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.098{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e71623743101b3c2022-01-11 12:20:38.098root 11241100x80000000000000003911637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.098{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e84252a258a87f402022-01-11 12:20:38.098root 11241100x80000000000000003911638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.098{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f121d2e378fad182022-01-11 12:20:38.098root 11241100x80000000000000003911639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.098{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5e1cbcb2551b3a2022-01-11 12:20:38.098root 11241100x80000000000000003911640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.098{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.962aee0aa79097a62022-01-11 12:20:38.098root 11241100x80000000000000003911641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e1978d3fc463a12022-01-11 12:20:38.099root 11241100x80000000000000003911642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e4e4141802e4a82022-01-11 12:20:38.099root 11241100x80000000000000003911643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f85a7c2c6f777c72022-01-11 12:20:38.099root 11241100x80000000000000003911644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99f85dd0e95932032022-01-11 12:20:38.099root 11241100x80000000000000003911645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ca9404501c2d50c2022-01-11 12:20:38.099root 11241100x80000000000000003911646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0499f37e71b22d92022-01-11 12:20:38.099root 11241100x80000000000000003911647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb4a49badf2cb03f2022-01-11 12:20:38.099root 11241100x80000000000000003911648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69149d693707d7d22022-01-11 12:20:38.100root 11241100x80000000000000003911649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555fd1bc99b2ef142022-01-11 12:20:38.100root 11241100x80000000000000003911650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77051e39ddb738022022-01-11 12:20:38.100root 11241100x80000000000000003911651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6874d67751e90152022-01-11 12:20:38.100root 11241100x80000000000000003911652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8868f8944025cb352022-01-11 12:20:38.100root 11241100x80000000000000003911653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fd94d3b169ffa8c2022-01-11 12:20:38.100root 11241100x80000000000000003911654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0e16f117bc244752022-01-11 12:20:38.101root 11241100x80000000000000003911655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc8a155484e0b6602022-01-11 12:20:38.101root 11241100x80000000000000003911656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8824385c628d823c2022-01-11 12:20:38.101root 11241100x80000000000000003911657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00628372fb81ea6e2022-01-11 12:20:38.101root 11241100x80000000000000003911658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee573a2d807572412022-01-11 12:20:38.101root 11241100x80000000000000003911659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da793f4b293367912022-01-11 12:20:38.101root 11241100x80000000000000003911660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59cf7dda3cd7f1e62022-01-11 12:20:38.101root 11241100x80000000000000003911661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.878ef37de0dd24012022-01-11 12:20:38.584root 11241100x80000000000000003911662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e4f66665746825c2022-01-11 12:20:38.584root 11241100x80000000000000003911663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ec631f70c9d3e3d2022-01-11 12:20:38.584root 11241100x80000000000000003911664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f040476c217ef432022-01-11 12:20:38.584root 11241100x80000000000000003911665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bc2af3e19ece0892022-01-11 12:20:38.584root 11241100x80000000000000003911666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b16dc9d89c5f29e22022-01-11 12:20:38.584root 11241100x80000000000000003911667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.397924e9811864322022-01-11 12:20:38.584root 11241100x80000000000000003911668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f3ce3e70bff31e22022-01-11 12:20:38.584root 11241100x80000000000000003911669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78f6aa8172bafe892022-01-11 12:20:38.584root 11241100x80000000000000003911670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d3edc5641f2e092022-01-11 12:20:38.585root 11241100x80000000000000003911671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeab58744b07869c2022-01-11 12:20:38.585root 11241100x80000000000000003911672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5909fa2a25e910d52022-01-11 12:20:38.585root 11241100x80000000000000003911673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.441ca472323cb34f2022-01-11 12:20:38.585root 11241100x80000000000000003911674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5b7aa74024acec22022-01-11 12:20:38.585root 11241100x80000000000000003911675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3879cddbd67359032022-01-11 12:20:38.585root 11241100x80000000000000003911676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442dcae395be3d642022-01-11 12:20:38.586root 11241100x80000000000000003911677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c55ccb49972516f2022-01-11 12:20:38.586root 11241100x80000000000000003911678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ba72dff82966d92022-01-11 12:20:38.586root 11241100x80000000000000003911679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e457cdf231204f442022-01-11 12:20:38.586root 11241100x80000000000000003911680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c27090e5e0185a32022-01-11 12:20:38.586root 11241100x80000000000000003911681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.035e48878ba9692a2022-01-11 12:20:38.586root 11241100x80000000000000003911682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18cd57ecca0ebf1b2022-01-11 12:20:38.586root 11241100x80000000000000003911683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.054218f9cc499c682022-01-11 12:20:38.586root 11241100x80000000000000003911684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee8a5d3c605f6102022-01-11 12:20:38.587root 11241100x80000000000000003911685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efaf8cd0bf97f79a2022-01-11 12:20:38.587root 11241100x80000000000000003911686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9f451e06547c4cd2022-01-11 12:20:38.587root 11241100x80000000000000003911687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ca716ff2488d772022-01-11 12:20:38.587root 11241100x80000000000000003911688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47091cea2cfb55ae2022-01-11 12:20:38.587root 11241100x80000000000000003911689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:38.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db10867af5c461b2022-01-11 12:20:38.587root 11241100x80000000000000003911690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.456d5f27d9a1e0042022-01-11 12:20:39.083root 11241100x80000000000000003911691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9951682cf85f91a32022-01-11 12:20:39.083root 11241100x80000000000000003911692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d74636d56bcdde62022-01-11 12:20:39.084root 11241100x80000000000000003911693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1dd69fb2d8e6dd42022-01-11 12:20:39.084root 11241100x80000000000000003911694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ee1fd187bc0c56d2022-01-11 12:20:39.084root 11241100x80000000000000003911695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f82bb8b368fe9db2022-01-11 12:20:39.084root 11241100x80000000000000003911696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97a29de22f1909ad2022-01-11 12:20:39.084root 11241100x80000000000000003911697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6249e730d2315362022-01-11 12:20:39.084root 11241100x80000000000000003911698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a60eaf4726a969192022-01-11 12:20:39.084root 11241100x80000000000000003911699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c03eeddb31a3ec32022-01-11 12:20:39.084root 11241100x80000000000000003911700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eedf0d7193179562022-01-11 12:20:39.084root 11241100x80000000000000003911701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9283e60e0e7c6b352022-01-11 12:20:39.084root 11241100x80000000000000003911702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e3009463618d9f2022-01-11 12:20:39.085root 11241100x80000000000000003911703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dce6143ccf40ba472022-01-11 12:20:39.085root 11241100x80000000000000003911704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d759375a1c211072022-01-11 12:20:39.085root 11241100x80000000000000003911705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acd21d58f818584e2022-01-11 12:20:39.085root 11241100x80000000000000003911706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66e374134224875e2022-01-11 12:20:39.085root 11241100x80000000000000003911707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ccdacdedc5748b2022-01-11 12:20:39.085root 11241100x80000000000000003911708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c00ec2e210cafb12022-01-11 12:20:39.085root 11241100x80000000000000003911709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ffcda14588df6db2022-01-11 12:20:39.085root 11241100x80000000000000003911710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afcd197790d8c03a2022-01-11 12:20:39.085root 11241100x80000000000000003911711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.598014991c69dec22022-01-11 12:20:39.085root 11241100x80000000000000003911712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdf48fc74845a50f2022-01-11 12:20:39.085root 11241100x80000000000000003911713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfb8b9259f26af532022-01-11 12:20:39.086root 11241100x80000000000000003911714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1305e85e70d635f2022-01-11 12:20:39.086root 11241100x80000000000000003911715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5e598c88ddfe5522022-01-11 12:20:39.086root 11241100x80000000000000003911716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cca5a1dcedac8c9a2022-01-11 12:20:39.086root 11241100x80000000000000003911717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.951019f0d3e61ed02022-01-11 12:20:39.086root 11241100x80000000000000003911718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33bd0382f140e56b2022-01-11 12:20:39.086root 11241100x80000000000000003911719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3a7b62e6c069c192022-01-11 12:20:39.584root 11241100x80000000000000003911720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a3710c422045f8d2022-01-11 12:20:39.584root 11241100x80000000000000003911721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5935460a43b92bf92022-01-11 12:20:39.584root 11241100x80000000000000003911722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af927b3637d6b19f2022-01-11 12:20:39.584root 11241100x80000000000000003911723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fed0d4fd789bf9892022-01-11 12:20:39.585root 11241100x80000000000000003911724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32eaee9684c855252022-01-11 12:20:39.585root 11241100x80000000000000003911725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b08985a47d1103dc2022-01-11 12:20:39.585root 11241100x80000000000000003911726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f891701dc4343db22022-01-11 12:20:39.585root 11241100x80000000000000003911727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aba8e691c6217ec72022-01-11 12:20:39.585root 11241100x80000000000000003911728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0fc0c836ee1d9fa2022-01-11 12:20:39.586root 11241100x80000000000000003911729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e9d970b79a330c32022-01-11 12:20:39.586root 11241100x80000000000000003911730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fa214577698f1812022-01-11 12:20:39.586root 11241100x80000000000000003911731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f8b39f7ea9988192022-01-11 12:20:39.586root 11241100x80000000000000003911732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83cf132261d3c9d42022-01-11 12:20:39.586root 11241100x80000000000000003911733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85f7873ca9014b0c2022-01-11 12:20:39.586root 11241100x80000000000000003911734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8958fcd987318ac32022-01-11 12:20:39.586root 11241100x80000000000000003911735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed284635dceda4dd2022-01-11 12:20:39.587root 11241100x80000000000000003911736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.664a95e1b8d3ad1c2022-01-11 12:20:39.587root 11241100x80000000000000003911737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1154bdf9110d7b732022-01-11 12:20:39.587root 11241100x80000000000000003911738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dc610cbab0007202022-01-11 12:20:39.588root 11241100x80000000000000003911739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37abb76ada77cb7c2022-01-11 12:20:39.588root 11241100x80000000000000003911740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd73a24f3ec53dcd2022-01-11 12:20:39.588root 11241100x80000000000000003911741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b790f0dee545fa22022-01-11 12:20:39.588root 11241100x80000000000000003911742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b23f6f3907d63202022-01-11 12:20:39.588root 11241100x80000000000000003911743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76df1f5cb29ddc662022-01-11 12:20:39.588root 11241100x80000000000000003911744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df89527594d010e82022-01-11 12:20:39.589root 11241100x80000000000000003911745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d856117dbd974f22022-01-11 12:20:39.589root 11241100x80000000000000003911746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cd1bd71af463cff2022-01-11 12:20:39.589root 11241100x80000000000000003911747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:39.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c1f7b8df198f8312022-01-11 12:20:39.589root 11241100x80000000000000003911748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d37dfe365ba3cf132022-01-11 12:20:40.084root 11241100x80000000000000003911749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f64206ddfcb51d02022-01-11 12:20:40.084root 11241100x80000000000000003911750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a0c60a54229c8b62022-01-11 12:20:40.084root 11241100x80000000000000003911751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3866ec5378891e52022-01-11 12:20:40.085root 11241100x80000000000000003911752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e27108eb8ea848162022-01-11 12:20:40.085root 11241100x80000000000000003911753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd11cf44b7260b732022-01-11 12:20:40.085root 11241100x80000000000000003911754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e95ffde4a051572022-01-11 12:20:40.085root 11241100x80000000000000003911755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa5ed80651d4ead2022-01-11 12:20:40.086root 11241100x80000000000000003911756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.695df1d6d61f17aa2022-01-11 12:20:40.086root 11241100x80000000000000003911757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.875bf0d1bb31be2f2022-01-11 12:20:40.086root 11241100x80000000000000003911758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90966066b86597c42022-01-11 12:20:40.086root 11241100x80000000000000003911759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17ed97592649a77a2022-01-11 12:20:40.086root 11241100x80000000000000003911760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c90c1cabc1bac162022-01-11 12:20:40.086root 11241100x80000000000000003911761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e32030d2c86e1672022-01-11 12:20:40.086root 11241100x80000000000000003911762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6f0e7c54c611182022-01-11 12:20:40.086root 11241100x80000000000000003911763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3e0ff9fcecc64732022-01-11 12:20:40.086root 11241100x80000000000000003911764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bee5ed1ee41880142022-01-11 12:20:40.086root 11241100x80000000000000003911765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47ccdcbc382ed4f92022-01-11 12:20:40.087root 11241100x80000000000000003911766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f649ceb658dd0952022-01-11 12:20:40.087root 11241100x80000000000000003911767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21314ae603820e602022-01-11 12:20:40.087root 11241100x80000000000000003911768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe82820d1e1773432022-01-11 12:20:40.087root 11241100x80000000000000003911769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9783ea11cce8f1bd2022-01-11 12:20:40.087root 11241100x80000000000000003911770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.223faf86881ff7492022-01-11 12:20:40.087root 11241100x80000000000000003911771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54af3c197981f1672022-01-11 12:20:40.087root 11241100x80000000000000003911772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.824ea29a0373b8932022-01-11 12:20:40.087root 11241100x80000000000000003911773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcc7cdccdd1ff47d2022-01-11 12:20:40.088root 11241100x80000000000000003911774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1cd0ec8204369d72022-01-11 12:20:40.088root 11241100x80000000000000003911775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba33c9e0659ebca12022-01-11 12:20:40.088root 11241100x80000000000000003911776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe32fd6bbefaac892022-01-11 12:20:40.088root 11241100x80000000000000003911777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.301e1950adbe6e8a2022-01-11 12:20:40.583root 11241100x80000000000000003911778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61e5df004ce083f32022-01-11 12:20:40.583root 11241100x80000000000000003911779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3082a6d64fccb5eb2022-01-11 12:20:40.584root 11241100x80000000000000003911780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30c6f7eb7070843e2022-01-11 12:20:40.584root 11241100x80000000000000003911781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c492966b85cd1f82022-01-11 12:20:40.584root 11241100x80000000000000003911782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac2efda511c388672022-01-11 12:20:40.584root 11241100x80000000000000003911783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a382009de1bdc262022-01-11 12:20:40.584root 11241100x80000000000000003911784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c33c7905debb68872022-01-11 12:20:40.584root 11241100x80000000000000003911785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a842bfd7eaad68052022-01-11 12:20:40.584root 11241100x80000000000000003911786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a908eba64cc9dd02022-01-11 12:20:40.584root 11241100x80000000000000003911787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d051e09e1dfae22022-01-11 12:20:40.584root 11241100x80000000000000003911788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f19e0d2962ef872022-01-11 12:20:40.585root 11241100x80000000000000003911789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20f4c8285059796c2022-01-11 12:20:40.588root 11241100x80000000000000003911790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05e4080504edbd342022-01-11 12:20:40.588root 11241100x80000000000000003911791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e2becbae7601a682022-01-11 12:20:40.588root 11241100x80000000000000003911792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f34ef4acb41c095d2022-01-11 12:20:40.588root 11241100x80000000000000003911793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b005deff0b8ac482022-01-11 12:20:40.588root 11241100x80000000000000003911794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87e5da7ab99a1e532022-01-11 12:20:40.588root 11241100x80000000000000003911795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.938d065110ed83402022-01-11 12:20:40.588root 11241100x80000000000000003911796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08522abdfe9e89a52022-01-11 12:20:40.588root 11241100x80000000000000003911797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e78ecb4f3d7589ed2022-01-11 12:20:40.588root 11241100x80000000000000003911798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f11629c218a5c6612022-01-11 12:20:40.588root 11241100x80000000000000003911799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fbe2f4da02a9bbd2022-01-11 12:20:40.588root 11241100x80000000000000003911800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90a4a689b8368b532022-01-11 12:20:40.589root 11241100x80000000000000003911801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aaaa5eedf30fc9b2022-01-11 12:20:40.589root 11241100x80000000000000003911802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1535c5182b8202512022-01-11 12:20:40.589root 11241100x80000000000000003911803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6695200a413ae282022-01-11 12:20:40.589root 11241100x80000000000000003911804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.147a5125e01b5e542022-01-11 12:20:40.589root 11241100x80000000000000003911805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.953aa0ef9bc8a6a42022-01-11 12:20:40.589root 11241100x80000000000000003911806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:40.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c11fcdbecdfeca72022-01-11 12:20:40.589root 11241100x80000000000000003911807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a84974d0239d642022-01-11 12:20:41.084root 11241100x80000000000000003911808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07e606c8d725cc272022-01-11 12:20:41.084root 11241100x80000000000000003911809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad093b7b472dd3352022-01-11 12:20:41.084root 11241100x80000000000000003911810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.937e7c1c170301152022-01-11 12:20:41.084root 11241100x80000000000000003911811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8675500221584c72022-01-11 12:20:41.084root 11241100x80000000000000003911812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d60bf63e2ed7ba1b2022-01-11 12:20:41.084root 11241100x80000000000000003911813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e0c6b983d0381e92022-01-11 12:20:41.084root 11241100x80000000000000003911814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb1d0256f2e6159c2022-01-11 12:20:41.084root 11241100x80000000000000003911815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61672c422f670bd22022-01-11 12:20:41.084root 11241100x80000000000000003911816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65d9582b6431a8042022-01-11 12:20:41.085root 11241100x80000000000000003911817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc1d6d6c7d864b9d2022-01-11 12:20:41.085root 11241100x80000000000000003911818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d99c3322ff502852022-01-11 12:20:41.085root 11241100x80000000000000003911819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e7b5e2a9ddafb02022-01-11 12:20:41.085root 11241100x80000000000000003911820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8df89fd11e0f85992022-01-11 12:20:41.085root 11241100x80000000000000003911821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a36a0b0f77b23d3e2022-01-11 12:20:41.085root 11241100x80000000000000003911822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb192004ded4ae692022-01-11 12:20:41.085root 11241100x80000000000000003911823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccab4fef23f0a2f62022-01-11 12:20:41.085root 11241100x80000000000000003911824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd85c845c3c3ad92022-01-11 12:20:41.085root 11241100x80000000000000003911825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f78de3d2935bfe12022-01-11 12:20:41.085root 11241100x80000000000000003911826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cee529b67c9eb7ab2022-01-11 12:20:41.086root 11241100x80000000000000003911827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fc510dcad80e7ea2022-01-11 12:20:41.086root 11241100x80000000000000003911828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e9a083bc1829eb12022-01-11 12:20:41.086root 11241100x80000000000000003911829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac02237c2e36855f2022-01-11 12:20:41.086root 11241100x80000000000000003911830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb4bb3c1a988e63e2022-01-11 12:20:41.086root 11241100x80000000000000003911831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1b3d8540b349bad2022-01-11 12:20:41.086root 11241100x80000000000000003911832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4085af8d21f65f52022-01-11 12:20:41.086root 11241100x80000000000000003911833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.701f6028f43fcbf42022-01-11 12:20:41.086root 11241100x80000000000000003911834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc23a54ee47ccd842022-01-11 12:20:41.086root 11241100x80000000000000003911835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd4965e80789c19d2022-01-11 12:20:41.086root 11241100x80000000000000003911836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.508bfd26cf7213022022-01-11 12:20:41.086root 11241100x80000000000000003911837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8069d0cb8f00114b2022-01-11 12:20:41.583root 11241100x80000000000000003911838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49a41ec752fe9c742022-01-11 12:20:41.583root 11241100x80000000000000003911839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5db153b63b5836592022-01-11 12:20:41.583root 11241100x80000000000000003911840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ec577b18a885792022-01-11 12:20:41.583root 11241100x80000000000000003911841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1831dd7a42eb6c622022-01-11 12:20:41.584root 11241100x80000000000000003911842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23906c4724403aad2022-01-11 12:20:41.584root 11241100x80000000000000003911843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa9737ea13a3a8e2022-01-11 12:20:41.584root 11241100x80000000000000003911844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f77cd5f9a92520f2022-01-11 12:20:41.584root 11241100x80000000000000003911845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bfb90b05ff262222022-01-11 12:20:41.584root 11241100x80000000000000003911846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3385a26cc9dce2792022-01-11 12:20:41.584root 11241100x80000000000000003911847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.786c42abb93198242022-01-11 12:20:41.584root 11241100x80000000000000003911848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99f179923783c80b2022-01-11 12:20:41.584root 11241100x80000000000000003911849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4949b095c41cfa62022-01-11 12:20:41.585root 11241100x80000000000000003911850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfcdf427a6df15f22022-01-11 12:20:41.585root 11241100x80000000000000003911851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3e4e958c26225d2022-01-11 12:20:41.585root 11241100x80000000000000003911852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b4e735397e356a12022-01-11 12:20:41.585root 11241100x80000000000000003911853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fed2bd852f232e62022-01-11 12:20:41.585root 11241100x80000000000000003911854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0604c99a9c3d8ecd2022-01-11 12:20:41.585root 11241100x80000000000000003911855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc9dbda8e44c1602022-01-11 12:20:41.585root 11241100x80000000000000003911856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c89c04e87efba8142022-01-11 12:20:41.585root 11241100x80000000000000003911857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5fc1d72e179b1bd2022-01-11 12:20:41.585root 11241100x80000000000000003911858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e96dbdc580d2ff42022-01-11 12:20:41.586root 11241100x80000000000000003911859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a0fcf06ada43072022-01-11 12:20:41.586root 11241100x80000000000000003911860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2091dc2b1cb494c42022-01-11 12:20:41.586root 11241100x80000000000000003911861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.600b6319fdf010022022-01-11 12:20:41.586root 11241100x80000000000000003911862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0e515f73b1ef53a2022-01-11 12:20:41.586root 11241100x80000000000000003911863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39088d4e7c96ab932022-01-11 12:20:41.586root 11241100x80000000000000003911864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9a2784c4477b2dd2022-01-11 12:20:41.586root 11241100x80000000000000003911865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ade03dcc741635f32022-01-11 12:20:41.587root 11241100x80000000000000003911866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab72be0b6cd7f7b62022-01-11 12:20:41.587root 11241100x80000000000000003911867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67e3a841c7a880a52022-01-11 12:20:41.587root 11241100x80000000000000003911868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e5ffcee1786dd62022-01-11 12:20:41.587root 11241100x80000000000000003911869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2235a1e5612bdbd2022-01-11 12:20:41.587root 11241100x80000000000000003911870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94d45de420b8fcd92022-01-11 12:20:41.587root 11241100x80000000000000003911871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5164b0fb730e55122022-01-11 12:20:41.587root 11241100x80000000000000003911872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b1b79036be481fe2022-01-11 12:20:41.587root 11241100x80000000000000003911873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43348a75a4f6d1632022-01-11 12:20:41.588root 11241100x80000000000000003911874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a2557787eb06dee2022-01-11 12:20:41.588root 11241100x80000000000000003911875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6469009050c2e1792022-01-11 12:20:41.588root 11241100x80000000000000003911876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3441e564ef9a39f42022-01-11 12:20:41.588root 11241100x80000000000000003911877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:41.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7dd184e44f645fe2022-01-11 12:20:41.588root 11241100x80000000000000003911878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd2f021beb028cd02022-01-11 12:20:42.084root 11241100x80000000000000003911879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e350de43017c002022-01-11 12:20:42.084root 11241100x80000000000000003911880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2222fc3bfe4807272022-01-11 12:20:42.084root 11241100x80000000000000003911881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82558e59969925f92022-01-11 12:20:42.084root 11241100x80000000000000003911882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0159b9c02cd76192022-01-11 12:20:42.084root 11241100x80000000000000003911883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4281ae3705dc3c22022-01-11 12:20:42.085root 11241100x80000000000000003911884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb4acdc7d241be12022-01-11 12:20:42.085root 11241100x80000000000000003911885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5953cabe09dd63632022-01-11 12:20:42.085root 11241100x80000000000000003911886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.001c2f4a8e71e04b2022-01-11 12:20:42.085root 11241100x80000000000000003911887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7041c85c51c058482022-01-11 12:20:42.085root 11241100x80000000000000003911888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f96f062c5f84b5a62022-01-11 12:20:42.085root 11241100x80000000000000003911889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba57e4b1204aa2962022-01-11 12:20:42.085root 11241100x80000000000000003911890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f09adc6c8450ef782022-01-11 12:20:42.085root 11241100x80000000000000003911891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddb3a8a2e19b38dc2022-01-11 12:20:42.085root 11241100x80000000000000003911892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a7eb54de1b5d2d92022-01-11 12:20:42.085root 11241100x80000000000000003911893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59f6fe1a12c7467d2022-01-11 12:20:42.085root 11241100x80000000000000003911894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ffd9be0c1f7dda42022-01-11 12:20:42.085root 11241100x80000000000000003911895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66ceb2f01021d0632022-01-11 12:20:42.085root 11241100x80000000000000003911896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c06f5e527c3bf6772022-01-11 12:20:42.085root 11241100x80000000000000003911897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9055b4e778e068642022-01-11 12:20:42.086root 11241100x80000000000000003911898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de7ae7f7e7c385d92022-01-11 12:20:42.086root 11241100x80000000000000003911899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6141bfbe24ee845f2022-01-11 12:20:42.086root 11241100x80000000000000003911900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a137acd75b24b5912022-01-11 12:20:42.086root 11241100x80000000000000003911901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb2311775612f302022-01-11 12:20:42.086root 11241100x80000000000000003911902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704399fd6437d20f2022-01-11 12:20:42.086root 11241100x80000000000000003911903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b396ad15c6a4732022-01-11 12:20:42.086root 11241100x80000000000000003911904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f9332a4675d9a582022-01-11 12:20:42.086root 11241100x80000000000000003911905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efd65f1a7ecb4d282022-01-11 12:20:42.086root 11241100x80000000000000003911906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65da867c603189472022-01-11 12:20:42.086root 154100x80000000000000003911907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.477{ec2d504d-761a-61dd-68d4-7ac381550000}9858/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 11241100x80000000000000003911908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.479{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2482a968540867dc2022-01-11 12:20:42.479root 11241100x80000000000000003911909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.479{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1768125738c6c862022-01-11 12:20:42.479root 11241100x80000000000000003911910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.675a8003812c83c82022-01-11 12:20:42.480root 11241100x80000000000000003911911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f8678bd090090c2022-01-11 12:20:42.480root 11241100x80000000000000003911912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f36e6d45e4168e2022-01-11 12:20:42.480root 11241100x80000000000000003911913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d6670ffa43e04dc2022-01-11 12:20:42.480root 11241100x80000000000000003911914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee37db4b409105a2022-01-11 12:20:42.480root 11241100x80000000000000003911915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f85b21e663a4841e2022-01-11 12:20:42.480root 11241100x80000000000000003911916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9efdaead89e92a442022-01-11 12:20:42.480root 11241100x80000000000000003911917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9d61e66c4187ad42022-01-11 12:20:42.480root 11241100x80000000000000003911918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eba6cb651c6024a92022-01-11 12:20:42.480root 11241100x80000000000000003911919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.480{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0334c8052a2ad25d2022-01-11 12:20:42.480root 11241100x80000000000000003911920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb0897abc28f53112022-01-11 12:20:42.481root 11241100x80000000000000003911921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8525a90407f06e732022-01-11 12:20:42.481root 11241100x80000000000000003911922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79c1b5be560049c62022-01-11 12:20:42.481root 11241100x80000000000000003911923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5b2609f9034e4b32022-01-11 12:20:42.481root 11241100x80000000000000003911924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c886f90552e60f192022-01-11 12:20:42.481root 11241100x80000000000000003911925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.def8f76a1f08db972022-01-11 12:20:42.481root 11241100x80000000000000003911926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.481{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63302278124b0fe02022-01-11 12:20:42.481root 11241100x80000000000000003911927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.482{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24b19e4a787541b42022-01-11 12:20:42.482root 11241100x80000000000000003911928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.482{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd535c0ad7fd2cbc2022-01-11 12:20:42.482root 11241100x80000000000000003911929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.482{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fadef6ea63256332022-01-11 12:20:42.482root 11241100x80000000000000003911930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.482{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0516aca09aa2609b2022-01-11 12:20:42.482root 11241100x80000000000000003911931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.482{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.031bd0de66a3ea1f2022-01-11 12:20:42.482root 11241100x80000000000000003911932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.483{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcb611e96aa40b172022-01-11 12:20:42.483root 11241100x80000000000000003911933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.483{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1001945de847c0732022-01-11 12:20:42.483root 11241100x80000000000000003911934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.483{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c477c0a5e616c7f2022-01-11 12:20:42.483root 11241100x80000000000000003911935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.483{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da2c1e1b1f4618fb2022-01-11 12:20:42.483root 11241100x80000000000000003911936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.483{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bc1495750021f492022-01-11 12:20:42.483root 11241100x80000000000000003911937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.483{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a9737a90b94526c2022-01-11 12:20:42.483root 534500x80000000000000003911938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.491{ec2d504d-761a-61dd-68d4-7ac381550000}9858/bin/psroot 11241100x80000000000000003911939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b961896349b4e842022-01-11 12:20:42.834root 11241100x80000000000000003911940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd325b9b69d7e2ac2022-01-11 12:20:42.834root 11241100x80000000000000003911941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9865247fea7e71a62022-01-11 12:20:42.834root 11241100x80000000000000003911942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20143d61f80124fd2022-01-11 12:20:42.834root 11241100x80000000000000003911943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17b0c03f785b1bbb2022-01-11 12:20:42.834root 11241100x80000000000000003911944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe828160fc754652022-01-11 12:20:42.834root 11241100x80000000000000003911945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cc9a2541162c9f2022-01-11 12:20:42.834root 11241100x80000000000000003911946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cabd92e788deab062022-01-11 12:20:42.834root 11241100x80000000000000003911947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11248388c9d6da42022-01-11 12:20:42.834root 11241100x80000000000000003911948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b58b619ec58e575f2022-01-11 12:20:42.835root 11241100x80000000000000003911949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.782568026870d9272022-01-11 12:20:42.835root 11241100x80000000000000003911950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17616f471e79aea12022-01-11 12:20:42.835root 11241100x80000000000000003911951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7e3d72662165d372022-01-11 12:20:42.835root 11241100x80000000000000003911952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e18091b7c3d56b352022-01-11 12:20:42.835root 11241100x80000000000000003911953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7f1b1c6851678d82022-01-11 12:20:42.835root 11241100x80000000000000003911954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de9c20d37decf892022-01-11 12:20:42.835root 11241100x80000000000000003911955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db86086ae53d87ca2022-01-11 12:20:42.835root 11241100x80000000000000003911956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.958d07ef7c50bb732022-01-11 12:20:42.835root 11241100x80000000000000003911957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d99cb375f89d5eb42022-01-11 12:20:42.836root 11241100x80000000000000003911958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93cb01410479b3a22022-01-11 12:20:42.836root 11241100x80000000000000003911959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e3b67f38c6ebde2022-01-11 12:20:42.836root 11241100x80000000000000003911960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f165682670a268932022-01-11 12:20:42.836root 11241100x80000000000000003911961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf7405b0f71dd9a2022-01-11 12:20:42.836root 11241100x80000000000000003911962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32e1a7bf94ce9a192022-01-11 12:20:42.836root 11241100x80000000000000003911963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7704351f933882512022-01-11 12:20:42.836root 11241100x80000000000000003911964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.796b2080b483d6622022-01-11 12:20:42.836root 11241100x80000000000000003911965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c4b3c832cbfc3e62022-01-11 12:20:42.836root 11241100x80000000000000003911966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce30fcb4b4be75662022-01-11 12:20:42.836root 11241100x80000000000000003911967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f86335e52d229c0d2022-01-11 12:20:42.837root 11241100x80000000000000003911968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31dc814da9a85e452022-01-11 12:20:42.837root 11241100x80000000000000003911969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4042c578495260d02022-01-11 12:20:42.837root 11241100x80000000000000003911970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34d4239eff4f9db42022-01-11 12:20:42.837root 11241100x80000000000000003911971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11669486a3f0b0ee2022-01-11 12:20:42.837root 11241100x80000000000000003911972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e40a36d854aa6d1a2022-01-11 12:20:42.837root 11241100x80000000000000003911973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ed2c2d933f0b812022-01-11 12:20:42.837root 11241100x80000000000000003911974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5ebb9fe2dc1506b2022-01-11 12:20:42.837root 11241100x80000000000000003911975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fecdfec88adfdf32022-01-11 12:20:42.837root 11241100x80000000000000003911976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eca25eb5e251fe212022-01-11 12:20:42.837root 11241100x80000000000000003911977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.586792d96ba2370e2022-01-11 12:20:42.837root 11241100x80000000000000003911978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bfb588e6f20f1ed2022-01-11 12:20:42.837root 11241100x80000000000000003911979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0514196a0d8eb67e2022-01-11 12:20:42.837root 11241100x80000000000000003911980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.167bf72fd8e56b3d2022-01-11 12:20:42.837root 11241100x80000000000000003911981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ede0399e31e8ca42022-01-11 12:20:42.838root 11241100x80000000000000003911982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d92bfb9c2b2002252022-01-11 12:20:42.838root 11241100x80000000000000003911983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.513be90bf03408042022-01-11 12:20:42.838root 11241100x80000000000000003911984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c68c5c45c62bd5632022-01-11 12:20:42.838root 11241100x80000000000000003911985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcfc5f74ac2b00de2022-01-11 12:20:42.838root 11241100x80000000000000003911986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.416c8d7fc10baf612022-01-11 12:20:42.838root 11241100x80000000000000003911987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8256614c671d183c2022-01-11 12:20:42.839root 11241100x80000000000000003911988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a12193a48c4ac152022-01-11 12:20:42.839root 11241100x80000000000000003911989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64167f88d48f51a62022-01-11 12:20:42.840root 11241100x80000000000000003911990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e7d5faa5888dc62022-01-11 12:20:42.840root 11241100x80000000000000003911991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9a18c9913a98662022-01-11 12:20:42.840root 11241100x80000000000000003911992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425998b89a7f8dac2022-01-11 12:20:42.840root 11241100x80000000000000003911993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ded749f64ad8f1c72022-01-11 12:20:42.840root 11241100x80000000000000003911994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0b60176df4d8b3d2022-01-11 12:20:42.840root 11241100x80000000000000003911995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ecc29af5d3c5a52022-01-11 12:20:42.840root 11241100x80000000000000003911996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f48e2e2f020f8f1f2022-01-11 12:20:42.840root 11241100x80000000000000003911997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9ed039d02fc7ea42022-01-11 12:20:42.841root 11241100x80000000000000003911998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:42.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555288abe87bcf782022-01-11 12:20:42.841root 354300x80000000000000003911999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.199{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56302-false10.0.1.12-8000- 11241100x80000000000000003912000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.200{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f30e791f9d05deab2022-01-11 12:20:43.200root 11241100x80000000000000003912001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de32661e4e7fdfca2022-01-11 12:20:43.201root 11241100x80000000000000003912002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a467c99689daff62022-01-11 12:20:43.201root 11241100x80000000000000003912003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9eca774030d54d2022-01-11 12:20:43.201root 11241100x80000000000000003912004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b87cb1f41a8cca02022-01-11 12:20:43.201root 11241100x80000000000000003912005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.367f5be35ebcf4fb2022-01-11 12:20:43.201root 11241100x80000000000000003912006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46f9d36a14be904f2022-01-11 12:20:43.201root 11241100x80000000000000003912007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fb410dddb15b6b52022-01-11 12:20:43.201root 11241100x80000000000000003912008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.201{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc2fcb1583c67f912022-01-11 12:20:43.201root 11241100x80000000000000003912009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fbc2c20907c01df2022-01-11 12:20:43.202root 11241100x80000000000000003912010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d31c466e0d6605582022-01-11 12:20:43.202root 11241100x80000000000000003912011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e6e4875335f8a842022-01-11 12:20:43.202root 11241100x80000000000000003912012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.971ec1e0625502552022-01-11 12:20:43.202root 11241100x80000000000000003912013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0efe9d9050656972022-01-11 12:20:43.202root 11241100x80000000000000003912014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.072f217a72da6f072022-01-11 12:20:43.202root 11241100x80000000000000003912015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.003f5a1ca66916092022-01-11 12:20:43.202root 11241100x80000000000000003912016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf185cd758d532812022-01-11 12:20:43.202root 11241100x80000000000000003912017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c911c96ab853fbd2022-01-11 12:20:43.202root 11241100x80000000000000003912018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a562adcd5f65c9942022-01-11 12:20:43.202root 11241100x80000000000000003912019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.202{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebc3d84039d4f6cc2022-01-11 12:20:43.202root 11241100x80000000000000003912020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d04c01b79c81d3bc2022-01-11 12:20:43.203root 11241100x80000000000000003912021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.367795fd46e70a7e2022-01-11 12:20:43.203root 11241100x80000000000000003912022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efae37f3d61ee9132022-01-11 12:20:43.203root 11241100x80000000000000003912023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cede48b6c471a7b2022-01-11 12:20:43.203root 11241100x80000000000000003912024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.203{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.596e965bec04bf4a2022-01-11 12:20:43.203root 11241100x80000000000000003912025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e43090fbe9ce26c2022-01-11 12:20:43.204root 11241100x80000000000000003912026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16e083b511c5d1342022-01-11 12:20:43.204root 11241100x80000000000000003912027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdd759709e0df4c72022-01-11 12:20:43.204root 11241100x80000000000000003912028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124cdbf2f5b204662022-01-11 12:20:43.204root 11241100x80000000000000003912029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f064ba2657fbac52022-01-11 12:20:43.204root 11241100x80000000000000003912030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140c5203ff8cc23b2022-01-11 12:20:43.204root 11241100x80000000000000003912031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c726b61bddb306ac2022-01-11 12:20:43.204root 11241100x80000000000000003912032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea3d6fef955b7d0e2022-01-11 12:20:43.205root 11241100x80000000000000003912033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b52a6c66a39a7372022-01-11 12:20:43.205root 11241100x80000000000000003912034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b70e358d43a09202022-01-11 12:20:43.205root 11241100x80000000000000003912035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f04c71fae9185ee2022-01-11 12:20:43.205root 11241100x80000000000000003912036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17d44ff44ca444992022-01-11 12:20:43.205root 11241100x80000000000000003912037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.422511b6c957b41f2022-01-11 12:20:43.205root 11241100x80000000000000003912038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fe8d8fd5286a9f22022-01-11 12:20:43.205root 11241100x80000000000000003912039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37e2cf60c21d83372022-01-11 12:20:43.205root 11241100x80000000000000003912040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dc11b5ac6b539892022-01-11 12:20:43.584root 11241100x80000000000000003912041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89442e71c03a66102022-01-11 12:20:43.584root 11241100x80000000000000003912042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db11b6cfb9b081e82022-01-11 12:20:43.584root 11241100x80000000000000003912043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e52270f88394422022-01-11 12:20:43.584root 11241100x80000000000000003912044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e124f85ac38a0c12022-01-11 12:20:43.584root 11241100x80000000000000003912045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27b6963bf1e778b32022-01-11 12:20:43.584root 11241100x80000000000000003912046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1570aabb2f54e7602022-01-11 12:20:43.584root 11241100x80000000000000003912047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20ecaed0360cc3232022-01-11 12:20:43.585root 11241100x80000000000000003912048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc5d98547ab330b2022-01-11 12:20:43.585root 11241100x80000000000000003912049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df31b4dde31fed162022-01-11 12:20:43.585root 11241100x80000000000000003912050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.742f71441e5a600b2022-01-11 12:20:43.585root 11241100x80000000000000003912051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ab45ba554f11a72022-01-11 12:20:43.585root 11241100x80000000000000003912052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8544b24441d6b4ae2022-01-11 12:20:43.585root 11241100x80000000000000003912053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.416f94647efd44642022-01-11 12:20:43.585root 11241100x80000000000000003912054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e4436924b9b7b772022-01-11 12:20:43.585root 11241100x80000000000000003912055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45847d110c7c9b332022-01-11 12:20:43.585root 11241100x80000000000000003912056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a385f26297762e762022-01-11 12:20:43.585root 11241100x80000000000000003912057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a6b0b86f4b22bb42022-01-11 12:20:43.585root 11241100x80000000000000003912058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f00dca61f563722022-01-11 12:20:43.586root 11241100x80000000000000003912059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0efa1d3157e60c6c2022-01-11 12:20:43.586root 11241100x80000000000000003912060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa3ec81f286513fb2022-01-11 12:20:43.586root 11241100x80000000000000003912061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.376fd13d4bea17fe2022-01-11 12:20:43.586root 11241100x80000000000000003912062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725defb589f30c9c2022-01-11 12:20:43.586root 11241100x80000000000000003912063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b01e9a0c9bc807b2022-01-11 12:20:43.586root 11241100x80000000000000003912064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f532dd1a7007d352022-01-11 12:20:43.586root 11241100x80000000000000003912065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.585429d97fb41cac2022-01-11 12:20:43.586root 11241100x80000000000000003912066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08f5a5ec5cee326e2022-01-11 12:20:43.586root 11241100x80000000000000003912067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed88499f8583dfb62022-01-11 12:20:43.586root 11241100x80000000000000003912068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.deb4e0a485a096182022-01-11 12:20:43.587root 11241100x80000000000000003912069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2a6de8601204bdc2022-01-11 12:20:43.587root 11241100x80000000000000003912070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7591995c22f85cad2022-01-11 12:20:43.587root 11241100x80000000000000003912071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:43.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.226ed693195d6d112022-01-11 12:20:43.587root 11241100x80000000000000003912072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cec1c41282a9a712022-01-11 12:20:44.084root 11241100x80000000000000003912073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0821a386240fbe82022-01-11 12:20:44.084root 11241100x80000000000000003912074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5c8ceb73b71c05a2022-01-11 12:20:44.084root 11241100x80000000000000003912075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.889ecdf1e16156802022-01-11 12:20:44.084root 11241100x80000000000000003912076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88203f30fac187d92022-01-11 12:20:44.084root 11241100x80000000000000003912077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fe00b0ecd81bff22022-01-11 12:20:44.084root 11241100x80000000000000003912078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00c2c9066112d5a2022-01-11 12:20:44.084root 11241100x80000000000000003912079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3554fee14e6b026b2022-01-11 12:20:44.084root 11241100x80000000000000003912080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d59994cc4182ba72022-01-11 12:20:44.085root 11241100x80000000000000003912081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68695e3f20870c032022-01-11 12:20:44.085root 11241100x80000000000000003912082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40a6618d75aa67ff2022-01-11 12:20:44.085root 11241100x80000000000000003912083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0cdee26824507552022-01-11 12:20:44.085root 11241100x80000000000000003912084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5cc04fb68901b12022-01-11 12:20:44.085root 11241100x80000000000000003912085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f38a29c241879eb2022-01-11 12:20:44.085root 11241100x80000000000000003912086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.752f89746b5245b22022-01-11 12:20:44.085root 11241100x80000000000000003912087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9177880c1d92424f2022-01-11 12:20:44.085root 11241100x80000000000000003912088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8671f4e6804325032022-01-11 12:20:44.085root 11241100x80000000000000003912089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d92e56770b6a1ad02022-01-11 12:20:44.085root 11241100x80000000000000003912090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8164e0129a4347b72022-01-11 12:20:44.086root 11241100x80000000000000003912091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e126b85e31dfd3d02022-01-11 12:20:44.086root 11241100x80000000000000003912092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac6bbb865212a69a2022-01-11 12:20:44.086root 11241100x80000000000000003912093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67fc6e68d465f7192022-01-11 12:20:44.086root 11241100x80000000000000003912094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14267d25129d35142022-01-11 12:20:44.086root 11241100x80000000000000003912095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d78259a1a04a60d2022-01-11 12:20:44.086root 11241100x80000000000000003912096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dbb772a33023e152022-01-11 12:20:44.086root 11241100x80000000000000003912097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd8ec68aa4764edd2022-01-11 12:20:44.086root 11241100x80000000000000003912098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4238eb65ecf823cd2022-01-11 12:20:44.086root 11241100x80000000000000003912099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee01005d7eccdaa2022-01-11 12:20:44.086root 11241100x80000000000000003912100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.946f222a35c3a31a2022-01-11 12:20:44.087root 11241100x80000000000000003912101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6156437ac881e2d42022-01-11 12:20:44.087root 11241100x80000000000000003912102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87cefb4d811a1be2022-01-11 12:20:44.087root 11241100x80000000000000003912103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9c8d97f5f4512e42022-01-11 12:20:44.087root 11241100x80000000000000003912104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5ca1cb9319575d72022-01-11 12:20:44.087root 11241100x80000000000000003912105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57d6aa712dd5c3d82022-01-11 12:20:44.087root 11241100x80000000000000003912106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ca1432686933512022-01-11 12:20:44.087root 11241100x80000000000000003912107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.993964d87a76aa842022-01-11 12:20:44.087root 11241100x80000000000000003912108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf43ba9fd95c3e02022-01-11 12:20:44.087root 11241100x80000000000000003912109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1afc209b4d7b58652022-01-11 12:20:44.087root 11241100x80000000000000003912110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c13c93e41a6f91e52022-01-11 12:20:44.087root 11241100x80000000000000003912111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e67b29330464208a2022-01-11 12:20:44.088root 11241100x80000000000000003912112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00bf7f5141a970ba2022-01-11 12:20:44.088root 11241100x80000000000000003912113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15313d659daf14ca2022-01-11 12:20:44.088root 11241100x80000000000000003912114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaaf1204a83b12132022-01-11 12:20:44.088root 11241100x80000000000000003912115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d042385010ab65a2022-01-11 12:20:44.088root 11241100x80000000000000003912116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4850791cb31ba122022-01-11 12:20:44.583root 11241100x80000000000000003912117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26aa2aa391fbd1222022-01-11 12:20:44.584root 11241100x80000000000000003912118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a0deb4ab39c485a2022-01-11 12:20:44.584root 11241100x80000000000000003912119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd1b2edb83949752022-01-11 12:20:44.584root 11241100x80000000000000003912120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.535122b6878c34ff2022-01-11 12:20:44.584root 11241100x80000000000000003912121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.931a578ddaa607632022-01-11 12:20:44.584root 11241100x80000000000000003912122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b3741d6980520152022-01-11 12:20:44.584root 11241100x80000000000000003912123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fca375a4b77781c72022-01-11 12:20:44.584root 11241100x80000000000000003912124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8887af8a31b6f5512022-01-11 12:20:44.584root 11241100x80000000000000003912125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f1d42c422ae068d2022-01-11 12:20:44.584root 11241100x80000000000000003912126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27af3115c8b54ead2022-01-11 12:20:44.584root 11241100x80000000000000003912127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.943b22a2dfe80b6d2022-01-11 12:20:44.584root 11241100x80000000000000003912128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f3a7e23bdcf1be82022-01-11 12:20:44.585root 11241100x80000000000000003912129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.772b350ec0e6a9ff2022-01-11 12:20:44.585root 11241100x80000000000000003912130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0549c37b4c65abd72022-01-11 12:20:44.585root 11241100x80000000000000003912131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a2c992c55372112022-01-11 12:20:44.585root 11241100x80000000000000003912132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b738fd7e25ec2db2022-01-11 12:20:44.585root 11241100x80000000000000003912133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c568a8415c342eb02022-01-11 12:20:44.585root 11241100x80000000000000003912134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45d16dd8978dd2b62022-01-11 12:20:44.585root 11241100x80000000000000003912135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25dba4a1af8453ce2022-01-11 12:20:44.585root 11241100x80000000000000003912136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80f5b75635628abf2022-01-11 12:20:44.585root 11241100x80000000000000003912137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0a77998d9881e162022-01-11 12:20:44.585root 11241100x80000000000000003912138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3969e532929a5aa2022-01-11 12:20:44.586root 11241100x80000000000000003912139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70cacf8af16e69e22022-01-11 12:20:44.586root 11241100x80000000000000003912140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.693f8a5c34d11d2b2022-01-11 12:20:44.586root 11241100x80000000000000003912141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae367fc0031c323a2022-01-11 12:20:44.586root 11241100x80000000000000003912142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fba04f81ec57a6842022-01-11 12:20:44.586root 11241100x80000000000000003912143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5d83b752e6a13c2022-01-11 12:20:44.586root 11241100x80000000000000003912144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d64cb617d81e0dad2022-01-11 12:20:44.587root 11241100x80000000000000003912145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43645eef69198d72022-01-11 12:20:44.587root 11241100x80000000000000003912146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ad947e39ae87ba82022-01-11 12:20:44.587root 11241100x80000000000000003912147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b265a25dff36f5b52022-01-11 12:20:44.587root 11241100x80000000000000003912148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4bb249a770b82d92022-01-11 12:20:44.587root 11241100x80000000000000003912149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00288ec7f365d0de2022-01-11 12:20:44.588root 11241100x80000000000000003912150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.727b218f4988d3552022-01-11 12:20:44.588root 11241100x80000000000000003912151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f31d6118f7b66d792022-01-11 12:20:44.588root 11241100x80000000000000003912152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.214cd92a93246d972022-01-11 12:20:44.588root 11241100x80000000000000003912153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5a472a894a926b32022-01-11 12:20:44.588root 11241100x80000000000000003912154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c31344ce0c22f5f32022-01-11 12:20:44.588root 11241100x80000000000000003912155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24147b167c4584de2022-01-11 12:20:44.588root 11241100x80000000000000003912156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7124bc7adb75fe202022-01-11 12:20:44.588root 11241100x80000000000000003912157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23bda70bb874624b2022-01-11 12:20:44.589root 11241100x80000000000000003912158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70d10c418e3e56192022-01-11 12:20:44.589root 11241100x80000000000000003912159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ede920356c298d52022-01-11 12:20:44.589root 11241100x80000000000000003912160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cbf3abb4112b2242022-01-11 12:20:44.589root 11241100x80000000000000003912161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1e006700c5fd5682022-01-11 12:20:44.589root 11241100x80000000000000003912162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.848fd0086a1cba8d2022-01-11 12:20:44.589root 11241100x80000000000000003912163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7abaab42123f67d52022-01-11 12:20:44.589root 11241100x80000000000000003912164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bf00312e38efe5f2022-01-11 12:20:44.589root 11241100x80000000000000003912165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06a53a667bb47a022022-01-11 12:20:44.589root 11241100x80000000000000003912166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43be7f73268e913f2022-01-11 12:20:44.589root 11241100x80000000000000003912167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32717a3bce933962022-01-11 12:20:44.590root 11241100x80000000000000003912168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dafb82a18c2ecbb2022-01-11 12:20:44.590root 11241100x80000000000000003912169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a0235bb195f6d532022-01-11 12:20:44.590root 11241100x80000000000000003912170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b672e5228558e7e22022-01-11 12:20:44.590root 11241100x80000000000000003912171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9b3c9f8fe8991032022-01-11 12:20:44.590root 11241100x80000000000000003912172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da2c5747073bb4352022-01-11 12:20:44.591root 11241100x80000000000000003912173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2838481f6692406a2022-01-11 12:20:44.591root 11241100x80000000000000003912174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:44.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5141421edb0b4c72022-01-11 12:20:44.591root 11241100x80000000000000003912175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6de0e9130e382f322022-01-11 12:20:45.084root 11241100x80000000000000003912176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e19a4000e8084e32022-01-11 12:20:45.084root 11241100x80000000000000003912177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e698a523b6f0cec2022-01-11 12:20:45.084root 11241100x80000000000000003912178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a70d3a90d46a15f92022-01-11 12:20:45.084root 11241100x80000000000000003912179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee980498ffbb98ef2022-01-11 12:20:45.084root 11241100x80000000000000003912180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.769774f2f41088b12022-01-11 12:20:45.085root 11241100x80000000000000003912181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e614b3d7958f7d72022-01-11 12:20:45.085root 11241100x80000000000000003912182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e703e121f5c79bc12022-01-11 12:20:45.085root 11241100x80000000000000003912183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7bae181472fcca72022-01-11 12:20:45.085root 11241100x80000000000000003912184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d757c18075f767d2022-01-11 12:20:45.085root 11241100x80000000000000003912185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c8b2405016893b62022-01-11 12:20:45.085root 11241100x80000000000000003912186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2b0811bad1b55e2022-01-11 12:20:45.085root 11241100x80000000000000003912187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1472c7baa2419c6c2022-01-11 12:20:45.086root 11241100x80000000000000003912188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ecf267400261bd92022-01-11 12:20:45.086root 11241100x80000000000000003912189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adda8d2e81fc1e7d2022-01-11 12:20:45.086root 11241100x80000000000000003912190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a99f304a4c3f28742022-01-11 12:20:45.086root 11241100x80000000000000003912191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd41c1666a8a59c2022-01-11 12:20:45.086root 11241100x80000000000000003912192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a86d73bf4f69ca682022-01-11 12:20:45.087root 11241100x80000000000000003912193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e80028a0e730ee2022-01-11 12:20:45.087root 11241100x80000000000000003912194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4e1353ea3fb0f752022-01-11 12:20:45.087root 11241100x80000000000000003912195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ad3c1d3ad1dbb302022-01-11 12:20:45.087root 11241100x80000000000000003912196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdfbc1ff0a5e29042022-01-11 12:20:45.088root 11241100x80000000000000003912197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cdf2e774ff2afff2022-01-11 12:20:45.088root 11241100x80000000000000003912198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb45814c0d58e942022-01-11 12:20:45.088root 11241100x80000000000000003912199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05860f03dad845fe2022-01-11 12:20:45.088root 11241100x80000000000000003912200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfa634b869ec51e62022-01-11 12:20:45.088root 11241100x80000000000000003912201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84d56022526c10ab2022-01-11 12:20:45.088root 11241100x80000000000000003912202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af7881a010cf64452022-01-11 12:20:45.089root 11241100x80000000000000003912203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f620138a408a7b002022-01-11 12:20:45.089root 11241100x80000000000000003912204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.221d9563a3afa23a2022-01-11 12:20:45.089root 11241100x80000000000000003912205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8cca7785ba7828a2022-01-11 12:20:45.089root 11241100x80000000000000003912206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7f629e5bbe0a59c2022-01-11 12:20:45.089root 11241100x80000000000000003912207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.009cf88284d51e032022-01-11 12:20:45.583root 11241100x80000000000000003912208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.885156af0b451fee2022-01-11 12:20:45.583root 11241100x80000000000000003912209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d088578f329837e2022-01-11 12:20:45.583root 11241100x80000000000000003912210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b71257abd0de552c2022-01-11 12:20:45.583root 11241100x80000000000000003912211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4293a3005f14e1a42022-01-11 12:20:45.583root 11241100x80000000000000003912212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a8497d60766b18f2022-01-11 12:20:45.583root 11241100x80000000000000003912213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba54bc42e7b8ca222022-01-11 12:20:45.584root 11241100x80000000000000003912214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f857cb9ab0710dc2022-01-11 12:20:45.584root 11241100x80000000000000003912215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d77eb2a3793bf402022-01-11 12:20:45.584root 11241100x80000000000000003912216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc0db777f2f149bf2022-01-11 12:20:45.584root 11241100x80000000000000003912217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.613c57499af297532022-01-11 12:20:45.584root 11241100x80000000000000003912218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1febf5e3214971442022-01-11 12:20:45.584root 11241100x80000000000000003912219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506cf490458ca4e22022-01-11 12:20:45.584root 11241100x80000000000000003912220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.254d91f2ac09ec122022-01-11 12:20:45.584root 11241100x80000000000000003912221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87585c975bfab0132022-01-11 12:20:45.584root 11241100x80000000000000003912222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15ca305dcdaeedb52022-01-11 12:20:45.584root 11241100x80000000000000003912223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913709a530614c7d2022-01-11 12:20:45.584root 11241100x80000000000000003912224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.741a113a6fe873622022-01-11 12:20:45.584root 11241100x80000000000000003912225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58d59999b92bf7d42022-01-11 12:20:45.584root 11241100x80000000000000003912226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.811f731e293397f22022-01-11 12:20:45.584root 11241100x80000000000000003912227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a7f6d5448b8a5c2022-01-11 12:20:45.584root 11241100x80000000000000003912228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b77da6e1f1cb174b2022-01-11 12:20:45.584root 11241100x80000000000000003912229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9ff73d069973b342022-01-11 12:20:45.585root 11241100x80000000000000003912230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9230e90d9501172022-01-11 12:20:45.585root 11241100x80000000000000003912231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d73a4e0826ac7a2022-01-11 12:20:45.585root 11241100x80000000000000003912232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18b0ba2161fe48a92022-01-11 12:20:45.585root 11241100x80000000000000003912233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f49118d7327d2502022-01-11 12:20:45.585root 11241100x80000000000000003912234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66ddf2ce7ba91d3e2022-01-11 12:20:45.585root 11241100x80000000000000003912235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e59d34481d37c782022-01-11 12:20:45.585root 11241100x80000000000000003912236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05667877fa0c454d2022-01-11 12:20:45.585root 11241100x80000000000000003912237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e2d2a7ad2c2b25c2022-01-11 12:20:45.585root 11241100x80000000000000003912238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a645ac10b03a7d12022-01-11 12:20:45.585root 11241100x80000000000000003912239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.788775953d13219e2022-01-11 12:20:45.585root 11241100x80000000000000003912240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3423339018f83e3f2022-01-11 12:20:45.585root 11241100x80000000000000003912241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c98a2cc57cae7fe42022-01-11 12:20:45.585root 11241100x80000000000000003912242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39d920c530140e1f2022-01-11 12:20:45.585root 11241100x80000000000000003912243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a6fe6dc82ae9742022-01-11 12:20:45.586root 11241100x80000000000000003912244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48da59c14fd4dc912022-01-11 12:20:45.586root 11241100x80000000000000003912245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59661c37d9f7dcd02022-01-11 12:20:45.586root 11241100x80000000000000003912246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.093293a83b3554de2022-01-11 12:20:45.586root 11241100x80000000000000003912247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6bbf335df749c062022-01-11 12:20:45.586root 11241100x80000000000000003912248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e77809f7a789354e2022-01-11 12:20:45.586root 11241100x80000000000000003912249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b06f770b3349c822022-01-11 12:20:45.586root 11241100x80000000000000003912250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b953c6aaa59dda02022-01-11 12:20:45.586root 11241100x80000000000000003912251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d43306ffa4519ab92022-01-11 12:20:45.586root 11241100x80000000000000003912252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:45.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.916150f3495d13b22022-01-11 12:20:45.586root 11241100x80000000000000003912253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4614f1d1d413412022-01-11 12:20:46.083root 11241100x80000000000000003912254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1255bf209fbba1432022-01-11 12:20:46.083root 11241100x80000000000000003912255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b65a39da2cc3d7592022-01-11 12:20:46.083root 11241100x80000000000000003912256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6070d07c3dfafb0e2022-01-11 12:20:46.083root 11241100x80000000000000003912257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37c9ecd3404f12032022-01-11 12:20:46.083root 11241100x80000000000000003912258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd3304f00222ec242022-01-11 12:20:46.084root 11241100x80000000000000003912259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31734e642a2e55662022-01-11 12:20:46.084root 11241100x80000000000000003912260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47c1d610ba3c69282022-01-11 12:20:46.084root 11241100x80000000000000003912261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c30008a166170b12022-01-11 12:20:46.084root 11241100x80000000000000003912262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30ca710698cce4e42022-01-11 12:20:46.084root 11241100x80000000000000003912263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e69a7c28ae9f71d22022-01-11 12:20:46.084root 11241100x80000000000000003912264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f32228e282b5bbc22022-01-11 12:20:46.084root 11241100x80000000000000003912265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.688358101f5af9d42022-01-11 12:20:46.084root 11241100x80000000000000003912266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d971b9b5ab719c982022-01-11 12:20:46.084root 11241100x80000000000000003912267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.173ab1f153d847422022-01-11 12:20:46.084root 11241100x80000000000000003912268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74b634ded2b4455f2022-01-11 12:20:46.085root 11241100x80000000000000003912269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99dd1ce913fab4e12022-01-11 12:20:46.085root 11241100x80000000000000003912270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3e3af261155e1662022-01-11 12:20:46.085root 11241100x80000000000000003912271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5097f89b2fc4bdb2022-01-11 12:20:46.085root 11241100x80000000000000003912272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e4cdd6f04de857d2022-01-11 12:20:46.085root 11241100x80000000000000003912273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33ce323ee29133ec2022-01-11 12:20:46.085root 11241100x80000000000000003912274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5146af27ac9da8f02022-01-11 12:20:46.085root 11241100x80000000000000003912275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1857e7ead08e08a92022-01-11 12:20:46.085root 11241100x80000000000000003912276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f1bd91d4beb5582022-01-11 12:20:46.085root 11241100x80000000000000003912277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f6f3187edc431282022-01-11 12:20:46.085root 11241100x80000000000000003912278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578e0eac32c8ab842022-01-11 12:20:46.086root 11241100x80000000000000003912279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0628277eb15a2b7e2022-01-11 12:20:46.086root 11241100x80000000000000003912280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3878cb9e4bd1fff2022-01-11 12:20:46.086root 11241100x80000000000000003912281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d56774217401c8042022-01-11 12:20:46.086root 11241100x80000000000000003912282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a825c5551ddcf1d42022-01-11 12:20:46.086root 11241100x80000000000000003912283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.746cc9b1cd7824e52022-01-11 12:20:46.086root 11241100x80000000000000003912284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de61f178dd9a12052022-01-11 12:20:46.086root 11241100x80000000000000003912285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b6a99492620d7fb2022-01-11 12:20:46.086root 11241100x80000000000000003912286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f175d1cb579e49d2022-01-11 12:20:46.086root 11241100x80000000000000003912287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf3ae8e45b2785f2022-01-11 12:20:46.087root 11241100x80000000000000003912288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4afb79de28f8f02022-01-11 12:20:46.087root 11241100x80000000000000003912289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78a8b84168c8d49c2022-01-11 12:20:46.087root 11241100x80000000000000003912290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78baaf1bf468b5332022-01-11 12:20:46.087root 11241100x80000000000000003912291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.526a3728650644ee2022-01-11 12:20:46.087root 11241100x80000000000000003912292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25716464133f8d92022-01-11 12:20:46.087root 11241100x80000000000000003912293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee1b52a6f1650a02022-01-11 12:20:46.087root 11241100x80000000000000003912294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5f2faba3b3a7a9c2022-01-11 12:20:46.087root 11241100x80000000000000003912295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93c50b1e28e957af2022-01-11 12:20:46.088root 11241100x80000000000000003912296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ba3797e847a2d4e2022-01-11 12:20:46.088root 11241100x80000000000000003912297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cdbb32331473cd52022-01-11 12:20:46.088root 11241100x80000000000000003912298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40e1d3df91b0a80f2022-01-11 12:20:46.088root 11241100x80000000000000003912299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca85007d8148da942022-01-11 12:20:46.088root 11241100x80000000000000003912300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0efcc8f239741abc2022-01-11 12:20:46.088root 11241100x80000000000000003912301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e494f9e57c39696b2022-01-11 12:20:46.088root 11241100x80000000000000003912302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d81300d6f5b6e542022-01-11 12:20:46.088root 11241100x80000000000000003912303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32e3d11831e1b0422022-01-11 12:20:46.088root 11241100x80000000000000003912304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06d79a3ccf2018d02022-01-11 12:20:46.088root 11241100x80000000000000003912305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afaa3a5cbaed1af72022-01-11 12:20:46.088root 11241100x80000000000000003912306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c81327b7cc8130a2022-01-11 12:20:46.089root 11241100x80000000000000003912307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b62f5caba2b433462022-01-11 12:20:46.089root 11241100x80000000000000003912308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.769b37d52dbd0f872022-01-11 12:20:46.089root 11241100x80000000000000003912309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0a7f9910cb02042022-01-11 12:20:46.089root 11241100x80000000000000003912310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c364d1781169a1d42022-01-11 12:20:46.089root 11241100x80000000000000003912311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbf28585b17a2c6e2022-01-11 12:20:46.089root 11241100x80000000000000003912312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0018fb357a69ed3f2022-01-11 12:20:46.089root 11241100x80000000000000003912313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e022efc1642952f2022-01-11 12:20:46.089root 11241100x80000000000000003912314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a34b3d678ca6252022-01-11 12:20:46.089root 11241100x80000000000000003912315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45b9869263216522022-01-11 12:20:46.089root 11241100x80000000000000003912316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2fe8de7c9cd30862022-01-11 12:20:46.089root 11241100x80000000000000003912317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a56c0bea76d775c32022-01-11 12:20:46.089root 11241100x80000000000000003912318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae0ed57f2991a4cd2022-01-11 12:20:46.089root 11241100x80000000000000003912319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98c89922da49472e2022-01-11 12:20:46.089root 11241100x80000000000000003912320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd6c46a42e389fb12022-01-11 12:20:46.090root 11241100x80000000000000003912321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.253aea50f3060a9f2022-01-11 12:20:46.090root 11241100x80000000000000003912322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.672c78da09973c9f2022-01-11 12:20:46.090root 11241100x80000000000000003912323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1a192e9a6b25d252022-01-11 12:20:46.090root 11241100x80000000000000003912324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00e9d21e539ccbc32022-01-11 12:20:46.090root 11241100x80000000000000003912325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a1505ce97e82c12022-01-11 12:20:46.090root 11241100x80000000000000003912326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f089e68811236d42022-01-11 12:20:46.090root 11241100x80000000000000003912327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee88778593300d62022-01-11 12:20:46.090root 11241100x80000000000000003912328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2457728d7295d572022-01-11 12:20:46.090root 11241100x80000000000000003912329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0032e3e65f4beef22022-01-11 12:20:46.090root 11241100x80000000000000003912330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25b85ef72429ce7f2022-01-11 12:20:46.090root 11241100x80000000000000003912331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4f5c9c963770222022-01-11 12:20:46.090root 11241100x80000000000000003912332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2159dfaf6d2376f92022-01-11 12:20:46.090root 11241100x80000000000000003912333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3f07346674b7c552022-01-11 12:20:46.090root 11241100x80000000000000003912334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f5a2d43f94005aa2022-01-11 12:20:46.090root 11241100x80000000000000003912335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f263a900e811961f2022-01-11 12:20:46.090root 11241100x80000000000000003912336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca3f72791a0fe6622022-01-11 12:20:46.091root 11241100x80000000000000003912337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5269fdfab05c428a2022-01-11 12:20:46.091root 11241100x80000000000000003912338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c68222f2185dfeb2022-01-11 12:20:46.091root 11241100x80000000000000003912339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cefeec8c088b49be2022-01-11 12:20:46.583root 11241100x80000000000000003912340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef45e517d4498b522022-01-11 12:20:46.583root 11241100x80000000000000003912341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f769c99b3bbcc9502022-01-11 12:20:46.583root 11241100x80000000000000003912342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ceedfea307bda9e2022-01-11 12:20:46.583root 11241100x80000000000000003912343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51989090d2f669522022-01-11 12:20:46.584root 11241100x80000000000000003912344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ffa8420709bcf682022-01-11 12:20:46.584root 11241100x80000000000000003912345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d38096bdaec1aadc2022-01-11 12:20:46.584root 11241100x80000000000000003912346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fad689c38721a12b2022-01-11 12:20:46.584root 11241100x80000000000000003912347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0fdfdf003f161822022-01-11 12:20:46.584root 11241100x80000000000000003912348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f15b23891926fae52022-01-11 12:20:46.584root 11241100x80000000000000003912349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20558eddf0c54f0e2022-01-11 12:20:46.584root 11241100x80000000000000003912350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1efc2d67863d5e2022-01-11 12:20:46.584root 11241100x80000000000000003912351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fec8ed3fe3ecb9782022-01-11 12:20:46.585root 11241100x80000000000000003912352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6473b435da0db702022-01-11 12:20:46.585root 11241100x80000000000000003912353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c8c49b227582ffa2022-01-11 12:20:46.585root 11241100x80000000000000003912354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0c6e5a9378675142022-01-11 12:20:46.585root 11241100x80000000000000003912355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6e50ffde4ebf2ab2022-01-11 12:20:46.585root 11241100x80000000000000003912356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97301436cf2fe76c2022-01-11 12:20:46.585root 11241100x80000000000000003912357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.360c8347c54355a62022-01-11 12:20:46.586root 11241100x80000000000000003912358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01a76a45517056732022-01-11 12:20:46.586root 11241100x80000000000000003912359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124e61ff4d2662572022-01-11 12:20:46.586root 11241100x80000000000000003912360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54cf28920099e9752022-01-11 12:20:46.586root 11241100x80000000000000003912361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf4a7ca95dea56b32022-01-11 12:20:46.586root 11241100x80000000000000003912362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6998f28906b6e7162022-01-11 12:20:46.586root 11241100x80000000000000003912363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a247c8780b5837c32022-01-11 12:20:46.586root 11241100x80000000000000003912364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eec3a86b690e80b62022-01-11 12:20:46.586root 11241100x80000000000000003912365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35573b3b222a318c2022-01-11 12:20:46.586root 11241100x80000000000000003912366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014a61de723e16c72022-01-11 12:20:46.587root 11241100x80000000000000003912367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.387512fe323693c02022-01-11 12:20:46.587root 11241100x80000000000000003912368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e794c0643db0f1fa2022-01-11 12:20:46.587root 11241100x80000000000000003912369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84358ac7e1a087482022-01-11 12:20:46.587root 11241100x80000000000000003912370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99943eb9d73fcb252022-01-11 12:20:46.587root 11241100x80000000000000003912371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bccdbad1c5161ac12022-01-11 12:20:46.587root 11241100x80000000000000003912372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6698d95d8c62049c2022-01-11 12:20:46.587root 11241100x80000000000000003912373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a8e605e8f340b42022-01-11 12:20:46.587root 11241100x80000000000000003912374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7ae1a86d9742462022-01-11 12:20:46.587root 11241100x80000000000000003912375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b2f9cf1e1dee432022-01-11 12:20:46.588root 11241100x80000000000000003912376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5771c55edfa895d42022-01-11 12:20:46.588root 11241100x80000000000000003912377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.301c756f2f6a1d172022-01-11 12:20:46.588root 11241100x80000000000000003912378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bf8331f09aa32422022-01-11 12:20:46.588root 11241100x80000000000000003912379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f77bbfcc31c33232022-01-11 12:20:46.588root 11241100x80000000000000003912380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b5e09c661140502022-01-11 12:20:46.588root 11241100x80000000000000003912381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78fe1d6b6c863f4b2022-01-11 12:20:46.588root 11241100x80000000000000003912382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acf0536ff98ed50d2022-01-11 12:20:46.588root 11241100x80000000000000003912383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8b1e6ec7c93f3052022-01-11 12:20:46.588root 11241100x80000000000000003912384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab9a19a17cbee83e2022-01-11 12:20:46.588root 11241100x80000000000000003912385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c5a36a721de31c2022-01-11 12:20:46.588root 11241100x80000000000000003912386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca282a25c9c21d282022-01-11 12:20:46.588root 11241100x80000000000000003912387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb7ca70eeaaa7faf2022-01-11 12:20:46.588root 11241100x80000000000000003912388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50bc8c20572d74392022-01-11 12:20:46.588root 11241100x80000000000000003912389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77033a99748a243c2022-01-11 12:20:46.589root 11241100x80000000000000003912390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f452516aaad78872022-01-11 12:20:46.589root 11241100x80000000000000003912391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c44b55dc20131fe2022-01-11 12:20:46.589root 11241100x80000000000000003912392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ee98392638eb272022-01-11 12:20:46.589root 11241100x80000000000000003912393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a3b0e10d609c1522022-01-11 12:20:46.589root 11241100x80000000000000003912394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0597e6bc79979512022-01-11 12:20:46.589root 11241100x80000000000000003912395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95ef1ae703327af2022-01-11 12:20:46.589root 11241100x80000000000000003912396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7ca68b401c6db02022-01-11 12:20:46.589root 11241100x80000000000000003912397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da528cc4c36599b92022-01-11 12:20:46.589root 11241100x80000000000000003912398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60f60ca9007030052022-01-11 12:20:46.589root 11241100x80000000000000003912399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.388c19defc2b20d02022-01-11 12:20:46.590root 11241100x80000000000000003912400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5904896dde7fc12022-01-11 12:20:46.590root 11241100x80000000000000003912401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15954fb4f675d5eb2022-01-11 12:20:46.590root 11241100x80000000000000003912402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6549c4b54ece3e12022-01-11 12:20:46.590root 11241100x80000000000000003912403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8645d8bc430d4892022-01-11 12:20:46.590root 11241100x80000000000000003912404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.646efabf50979c5a2022-01-11 12:20:46.590root 11241100x80000000000000003912405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:46.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccdb36deba86a4572022-01-11 12:20:46.590root 11241100x80000000000000003912406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b0d5c6716613972022-01-11 12:20:47.083root 11241100x80000000000000003912407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5354df48466711b82022-01-11 12:20:47.083root 11241100x80000000000000003912408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38eab96df97c08782022-01-11 12:20:47.083root 11241100x80000000000000003912409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.969bb0a970b716962022-01-11 12:20:47.083root 11241100x80000000000000003912410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0e04471a6e25ac32022-01-11 12:20:47.083root 11241100x80000000000000003912411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03cb48e0e9fbaecd2022-01-11 12:20:47.084root 11241100x80000000000000003912412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db9dd9015e9c11d42022-01-11 12:20:47.084root 11241100x80000000000000003912413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be93903ad6dfa2612022-01-11 12:20:47.084root 11241100x80000000000000003912414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.479f1a822bcaa12c2022-01-11 12:20:47.084root 11241100x80000000000000003912415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8657f60c6e2c5792022-01-11 12:20:47.084root 11241100x80000000000000003912416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9655ef5e139796e12022-01-11 12:20:47.084root 11241100x80000000000000003912417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31cec122e070ae9e2022-01-11 12:20:47.084root 11241100x80000000000000003912418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64b53318679b387d2022-01-11 12:20:47.084root 11241100x80000000000000003912419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2cb436c329ea972022-01-11 12:20:47.084root 11241100x80000000000000003912420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.210ec9c4747b70292022-01-11 12:20:47.084root 11241100x80000000000000003912421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eee46c7903a031d32022-01-11 12:20:47.085root 11241100x80000000000000003912422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3054fea0f24955082022-01-11 12:20:47.085root 11241100x80000000000000003912423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7642d2451e454852022-01-11 12:20:47.085root 11241100x80000000000000003912424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.860e2899938edd9f2022-01-11 12:20:47.085root 11241100x80000000000000003912425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2e4ecdd5fa694692022-01-11 12:20:47.085root 11241100x80000000000000003912426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aad71fb731e16192022-01-11 12:20:47.085root 11241100x80000000000000003912427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91710816b697e2612022-01-11 12:20:47.085root 11241100x80000000000000003912428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e43d1bd15dee616c2022-01-11 12:20:47.085root 11241100x80000000000000003912429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d68c6acd2f7f4bc2022-01-11 12:20:47.085root 11241100x80000000000000003912430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.188d71f65c0665792022-01-11 12:20:47.085root 11241100x80000000000000003912431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bb1be595efd386b2022-01-11 12:20:47.085root 11241100x80000000000000003912432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0c27768bdad954a2022-01-11 12:20:47.085root 11241100x80000000000000003912433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4c87619d27249e82022-01-11 12:20:47.085root 11241100x80000000000000003912434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bad1e1156d5c6f72022-01-11 12:20:47.085root 11241100x80000000000000003912435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748fa66cb77e537f2022-01-11 12:20:47.085root 11241100x80000000000000003912436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.990cceba80689adf2022-01-11 12:20:47.086root 11241100x80000000000000003912437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bc22302ce797f322022-01-11 12:20:47.086root 11241100x80000000000000003912438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.502ea5f3b1e7249c2022-01-11 12:20:47.086root 11241100x80000000000000003912439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aa01039dd382ed62022-01-11 12:20:47.086root 11241100x80000000000000003912440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02e4c9566a43e3552022-01-11 12:20:47.086root 11241100x80000000000000003912441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27f2cb2f30a2db472022-01-11 12:20:47.086root 11241100x80000000000000003912442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf0ced2f13f856c2022-01-11 12:20:47.086root 11241100x80000000000000003912443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d6989bd559c27bd2022-01-11 12:20:47.086root 11241100x80000000000000003912444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa537ad1a4f5ed002022-01-11 12:20:47.086root 11241100x80000000000000003912445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae07f799f789751e2022-01-11 12:20:47.086root 11241100x80000000000000003912446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce4cba88c71699522022-01-11 12:20:47.086root 11241100x80000000000000003912447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7613feb5bec01d812022-01-11 12:20:47.086root 11241100x80000000000000003912448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d87552f44b71ad92022-01-11 12:20:47.086root 11241100x80000000000000003912449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35da08dfedde3e0c2022-01-11 12:20:47.086root 11241100x80000000000000003912450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0d6c19680b877942022-01-11 12:20:47.087root 11241100x80000000000000003912451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6aafab20f5d350d2022-01-11 12:20:47.087root 11241100x80000000000000003912452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d409186ec4c9defa2022-01-11 12:20:47.087root 11241100x80000000000000003912453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a52b108e48e380e2022-01-11 12:20:47.087root 11241100x80000000000000003912454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e663697b64f10b2022-01-11 12:20:47.087root 11241100x80000000000000003912455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4295c16333792e02022-01-11 12:20:47.087root 11241100x80000000000000003912456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.626b4bef65726bab2022-01-11 12:20:47.087root 11241100x80000000000000003912457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.871d7127c3fa87222022-01-11 12:20:47.087root 11241100x80000000000000003912458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6189878310d9af0e2022-01-11 12:20:47.087root 11241100x80000000000000003912459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82353a86a3c85d402022-01-11 12:20:47.087root 11241100x80000000000000003912460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84fd427a4e8b2b0b2022-01-11 12:20:47.087root 11241100x80000000000000003912461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352b3a2bdc4611162022-01-11 12:20:47.088root 11241100x80000000000000003912462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cce0f4d1d7dbb8f52022-01-11 12:20:47.088root 11241100x80000000000000003912463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54276946f68750652022-01-11 12:20:47.088root 11241100x80000000000000003912464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f2c60c38705cb682022-01-11 12:20:47.088root 11241100x80000000000000003912465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.708283c666a68a862022-01-11 12:20:47.088root 11241100x80000000000000003912466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c79ef1490400d87d2022-01-11 12:20:47.088root 11241100x80000000000000003912467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeb5416f0b1c02cf2022-01-11 12:20:47.088root 11241100x80000000000000003912468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9edcd7815a8e78e62022-01-11 12:20:47.088root 11241100x80000000000000003912469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de6a08e01f396dac2022-01-11 12:20:47.088root 11241100x80000000000000003912470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73bbe5449c977b482022-01-11 12:20:47.088root 11241100x80000000000000003912471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.524b177605f8fcf02022-01-11 12:20:47.089root 11241100x80000000000000003912472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8331b421f61a0f92022-01-11 12:20:47.089root 11241100x80000000000000003912473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.888fab295b9bdabb2022-01-11 12:20:47.089root 11241100x80000000000000003912474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.675540d0fbb5041d2022-01-11 12:20:47.089root 11241100x80000000000000003912475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2b8bd3e63b7f04c2022-01-11 12:20:47.089root 11241100x80000000000000003912476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1508864de4a899c92022-01-11 12:20:47.089root 11241100x80000000000000003912477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd2cec088ed872e2022-01-11 12:20:47.090root 11241100x80000000000000003912478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.469a3182c7cb5dfd2022-01-11 12:20:47.090root 11241100x80000000000000003912479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8028610ab2eac4322022-01-11 12:20:47.091root 11241100x80000000000000003912480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1aebda19f90955ef2022-01-11 12:20:47.091root 11241100x80000000000000003912481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebb2804b3ce932982022-01-11 12:20:47.092root 11241100x80000000000000003912482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86638d0a97bccab62022-01-11 12:20:47.092root 11241100x80000000000000003912483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e1d1cd3be8bea82022-01-11 12:20:47.092root 11241100x80000000000000003912484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa1dfa0a09c007012022-01-11 12:20:47.092root 11241100x80000000000000003912485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf41e62c53178d22022-01-11 12:20:47.092root 11241100x80000000000000003912486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb3d23456c0475db2022-01-11 12:20:47.092root 11241100x80000000000000003912487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcca4ed7b74450522022-01-11 12:20:47.092root 11241100x80000000000000003912488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6f1c59f877daafe2022-01-11 12:20:47.092root 11241100x80000000000000003912489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e17c12c19d963492022-01-11 12:20:47.583root 11241100x80000000000000003912490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f553e59ce64be822022-01-11 12:20:47.584root 11241100x80000000000000003912491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afb590035b7d850f2022-01-11 12:20:47.584root 11241100x80000000000000003912492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5498870373d0b642022-01-11 12:20:47.584root 11241100x80000000000000003912493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0913b78dd8828c3c2022-01-11 12:20:47.584root 11241100x80000000000000003912494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3a6d574bcbef8542022-01-11 12:20:47.584root 11241100x80000000000000003912495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47931597b74128e02022-01-11 12:20:47.585root 11241100x80000000000000003912496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.284d4fb41e2d380f2022-01-11 12:20:47.585root 11241100x80000000000000003912497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0683f4e41caeb7da2022-01-11 12:20:47.585root 11241100x80000000000000003912498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.588397ea65c1c71b2022-01-11 12:20:47.585root 11241100x80000000000000003912499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf8f6135cc71f9d2022-01-11 12:20:47.585root 11241100x80000000000000003912500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e7faf0b1cc29ecd2022-01-11 12:20:47.585root 11241100x80000000000000003912501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e16b0ed68ffcedda2022-01-11 12:20:47.585root 11241100x80000000000000003912502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbe6b029e0652b8a2022-01-11 12:20:47.586root 11241100x80000000000000003912503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10d4fc2b793e54c2022-01-11 12:20:47.586root 11241100x80000000000000003912504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6292f16a54ef5252022-01-11 12:20:47.586root 11241100x80000000000000003912505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3aa04a0bed308b2022-01-11 12:20:47.586root 11241100x80000000000000003912506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecf5a3d10e8f242e2022-01-11 12:20:47.586root 11241100x80000000000000003912507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103e0cfe629d957e2022-01-11 12:20:47.586root 11241100x80000000000000003912508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8852a0390f274aca2022-01-11 12:20:47.586root 11241100x80000000000000003912509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22819a35dc3a83092022-01-11 12:20:47.586root 11241100x80000000000000003912510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d59322f9159e737f2022-01-11 12:20:47.586root 11241100x80000000000000003912511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.653839b545558d3c2022-01-11 12:20:47.587root 11241100x80000000000000003912512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d84dbc9e6d97fe72022-01-11 12:20:47.587root 11241100x80000000000000003912513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83012e5a56667a962022-01-11 12:20:47.587root 11241100x80000000000000003912514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa7395234bfb4f62022-01-11 12:20:47.587root 11241100x80000000000000003912515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c133ef45019ce2162022-01-11 12:20:47.587root 11241100x80000000000000003912516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f2d613a5008be8a2022-01-11 12:20:47.587root 11241100x80000000000000003912517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c8ee3bd91d6f5b2022-01-11 12:20:47.587root 11241100x80000000000000003912518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb76a7551ec96aa2022-01-11 12:20:47.588root 11241100x80000000000000003912519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d7173d0a38b310a2022-01-11 12:20:47.588root 11241100x80000000000000003912520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c10236e528048902022-01-11 12:20:47.588root 11241100x80000000000000003912521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074cba0f703269802022-01-11 12:20:47.588root 11241100x80000000000000003912522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.772e9927dde491ef2022-01-11 12:20:47.588root 11241100x80000000000000003912523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aef9cd4244d90db72022-01-11 12:20:47.589root 11241100x80000000000000003912524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e67f26b89ff74912022-01-11 12:20:47.589root 11241100x80000000000000003912525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad76b828036a82242022-01-11 12:20:47.589root 11241100x80000000000000003912526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.244a21865a1c97492022-01-11 12:20:47.589root 11241100x80000000000000003912527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff70b07a8720a9f42022-01-11 12:20:47.589root 11241100x80000000000000003912528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5166a357246d21382022-01-11 12:20:47.589root 11241100x80000000000000003912529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09a4adc08a635fc22022-01-11 12:20:47.590root 11241100x80000000000000003912530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a51c7c4a9e2bdc8c2022-01-11 12:20:47.590root 11241100x80000000000000003912531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.969e4d863025dec42022-01-11 12:20:47.590root 11241100x80000000000000003912532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14f395b6f61b4182022-01-11 12:20:47.591root 11241100x80000000000000003912533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cdba6bad53d52cb2022-01-11 12:20:47.591root 11241100x80000000000000003912534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0e1b910bc181bd52022-01-11 12:20:47.591root 11241100x80000000000000003912535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e16d9f96ed5c91d62022-01-11 12:20:47.591root 11241100x80000000000000003912536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d709699070bec4132022-01-11 12:20:47.591root 11241100x80000000000000003912537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87071071949b93212022-01-11 12:20:47.591root 11241100x80000000000000003912538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:47.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c591c30a6cadbb42022-01-11 12:20:47.591root 11241100x80000000000000003912539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34a54b43da261112022-01-11 12:20:48.084root 11241100x80000000000000003912540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9ce8276efae4972022-01-11 12:20:48.084root 11241100x80000000000000003912541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b99d3dd71ea7a42022-01-11 12:20:48.084root 11241100x80000000000000003912542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85bce850944e19292022-01-11 12:20:48.084root 11241100x80000000000000003912543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ece1e544e3fc422a2022-01-11 12:20:48.084root 11241100x80000000000000003912544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fce3a83890922c1f2022-01-11 12:20:48.085root 11241100x80000000000000003912545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.048299769a6a018c2022-01-11 12:20:48.085root 11241100x80000000000000003912546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.978c4eb632f6174e2022-01-11 12:20:48.085root 11241100x80000000000000003912547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79d22bad86bae4b22022-01-11 12:20:48.085root 11241100x80000000000000003912548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55000fbc1728cc432022-01-11 12:20:48.085root 11241100x80000000000000003912549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6a5df5cc92f408a2022-01-11 12:20:48.085root 11241100x80000000000000003912550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5edf6bc46c5683572022-01-11 12:20:48.085root 11241100x80000000000000003912551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8869b31e4f1a883a2022-01-11 12:20:48.085root 11241100x80000000000000003912552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d97b0521000f7ee02022-01-11 12:20:48.085root 11241100x80000000000000003912553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd75b762907630022022-01-11 12:20:48.086root 11241100x80000000000000003912554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efb44de656ab22ed2022-01-11 12:20:48.086root 11241100x80000000000000003912555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d87c1cdab9f685492022-01-11 12:20:48.086root 11241100x80000000000000003912556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.831a2e997abf6bd22022-01-11 12:20:48.086root 11241100x80000000000000003912557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c34b8708b37db122022-01-11 12:20:48.086root 11241100x80000000000000003912558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04c7038242fc1a2d2022-01-11 12:20:48.086root 11241100x80000000000000003912559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2add7f885989e5012022-01-11 12:20:48.086root 11241100x80000000000000003912560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fda72117e3f524e32022-01-11 12:20:48.086root 11241100x80000000000000003912561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c0a3d9ece1604702022-01-11 12:20:48.086root 11241100x80000000000000003912562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cb52665dd8125012022-01-11 12:20:48.086root 11241100x80000000000000003912563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f23f077686552a82022-01-11 12:20:48.086root 11241100x80000000000000003912564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc549dc6285f47512022-01-11 12:20:48.087root 11241100x80000000000000003912565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d907f1a3f01204c2022-01-11 12:20:48.087root 11241100x80000000000000003912566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.085e7fe1243359cc2022-01-11 12:20:48.087root 11241100x80000000000000003912567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebccd1699a06b7912022-01-11 12:20:48.087root 11241100x80000000000000003912568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9642146ac9e29f6f2022-01-11 12:20:48.087root 11241100x80000000000000003912569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923f4df27449c4142022-01-11 12:20:48.087root 11241100x80000000000000003912570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3680f6ab53e2417c2022-01-11 12:20:48.087root 11241100x80000000000000003912571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba00df4ee74732db2022-01-11 12:20:48.584root 11241100x80000000000000003912572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c957c845e3d9a442022-01-11 12:20:48.584root 11241100x80000000000000003912573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1547ad3b4c8045b32022-01-11 12:20:48.584root 11241100x80000000000000003912574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64f877fd1641339b2022-01-11 12:20:48.585root 11241100x80000000000000003912575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c9a8fe8d24884bb2022-01-11 12:20:48.585root 11241100x80000000000000003912576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93dfbb2e0b671cb32022-01-11 12:20:48.585root 11241100x80000000000000003912577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1c3fa14e253924d2022-01-11 12:20:48.585root 11241100x80000000000000003912578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.602f2a11993980622022-01-11 12:20:48.585root 11241100x80000000000000003912579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcc1f282575850f72022-01-11 12:20:48.585root 11241100x80000000000000003912580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99041fe6f96573192022-01-11 12:20:48.585root 11241100x80000000000000003912581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21979e10ccc933a12022-01-11 12:20:48.585root 11241100x80000000000000003912582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c1237242a22bf42022-01-11 12:20:48.585root 11241100x80000000000000003912583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ccbbd3df0c8c2842022-01-11 12:20:48.585root 11241100x80000000000000003912584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb649c681fc6cf22022-01-11 12:20:48.585root 11241100x80000000000000003912585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef8f0eaffb3607b02022-01-11 12:20:48.586root 11241100x80000000000000003912586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f299457cef176ea2022-01-11 12:20:48.586root 11241100x80000000000000003912587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f45a9c5c976bd7722022-01-11 12:20:48.586root 11241100x80000000000000003912588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86e666f263d4efc72022-01-11 12:20:48.586root 11241100x80000000000000003912589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea77025ba9d24a972022-01-11 12:20:48.586root 11241100x80000000000000003912590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb61409a565d4632022-01-11 12:20:48.586root 11241100x80000000000000003912591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f32038afb2b69d952022-01-11 12:20:48.586root 11241100x80000000000000003912592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e9bfa8ca11fa5cc2022-01-11 12:20:48.586root 11241100x80000000000000003912593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57af410ca6ad91072022-01-11 12:20:48.587root 11241100x80000000000000003912594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08d03b25143de2ea2022-01-11 12:20:48.587root 11241100x80000000000000003912595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca1a1e3e43a8a0332022-01-11 12:20:48.587root 11241100x80000000000000003912596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88303629bef7c4f72022-01-11 12:20:48.588root 11241100x80000000000000003912597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d274db60a758a692022-01-11 12:20:48.588root 11241100x80000000000000003912598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82117675e568b7c92022-01-11 12:20:48.589root 11241100x80000000000000003912599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.771cc8e17553771c2022-01-11 12:20:48.589root 11241100x80000000000000003912600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b52b2d131394172022-01-11 12:20:48.589root 11241100x80000000000000003912601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0a45d9a54a0c1902022-01-11 12:20:48.589root 11241100x80000000000000003912602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:48.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da20f4654eb229312022-01-11 12:20:48.589root 354300x80000000000000003912603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.063{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56304-false10.0.1.12-8000- 11241100x80000000000000003912604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.064{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bcd81720731990b2022-01-11 12:20:49.064root 11241100x80000000000000003912605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.064{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee20cf2bd7b214422022-01-11 12:20:49.064root 11241100x80000000000000003912606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.064{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36bd3dafe7ca60f72022-01-11 12:20:49.064root 11241100x80000000000000003912607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.064{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a818b7e98326fbc2022-01-11 12:20:49.064root 11241100x80000000000000003912608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.065{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d04502e9adfa9f82022-01-11 12:20:49.065root 11241100x80000000000000003912609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.065{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee5857d9e8730da62022-01-11 12:20:49.065root 11241100x80000000000000003912610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.065{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33929746249d99fa2022-01-11 12:20:49.065root 11241100x80000000000000003912611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.065{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10d17c129cf048842022-01-11 12:20:49.065root 11241100x80000000000000003912612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.066{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d87f4fc64438eaf2022-01-11 12:20:49.066root 11241100x80000000000000003912613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.066{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42a49655873b44762022-01-11 12:20:49.066root 11241100x80000000000000003912614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.066{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e20f52e4083bf4812022-01-11 12:20:49.066root 11241100x80000000000000003912615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.066{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fca3f4d17359a0a52022-01-11 12:20:49.066root 11241100x80000000000000003912616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.066{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ce5a83fb0a152972022-01-11 12:20:49.066root 11241100x80000000000000003912617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.066{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd651896d9b065f32022-01-11 12:20:49.066root 11241100x80000000000000003912618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.067{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.731772456c0bf8b72022-01-11 12:20:49.067root 11241100x80000000000000003912619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.067{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3b30405c1cb4592022-01-11 12:20:49.067root 11241100x80000000000000003912620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.067{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09d6f392ed1ad3522022-01-11 12:20:49.067root 11241100x80000000000000003912621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.069{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b4befbfd43d21ab2022-01-11 12:20:49.069root 11241100x80000000000000003912622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.069{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fad27450376ec5a2022-01-11 12:20:49.069root 11241100x80000000000000003912623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.069{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a183da6f4e200c5f2022-01-11 12:20:49.069root 11241100x80000000000000003912624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.069{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d938f12aff073302022-01-11 12:20:49.069root 11241100x80000000000000003912625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.069{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6e80015c7f230c62022-01-11 12:20:49.069root 11241100x80000000000000003912626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.069{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32a4b91d90a76f3c2022-01-11 12:20:49.069root 11241100x80000000000000003912627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd9f2312ca26ce6a2022-01-11 12:20:49.070root 11241100x80000000000000003912628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21b3e5f00ae2b0992022-01-11 12:20:49.070root 11241100x80000000000000003912629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e846b190bb143a2022-01-11 12:20:49.070root 11241100x80000000000000003912630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9428e292cab065b42022-01-11 12:20:49.070root 11241100x80000000000000003912631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ec163a9f33452a62022-01-11 12:20:49.070root 11241100x80000000000000003912632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5769ece87b40c3ac2022-01-11 12:20:49.070root 11241100x80000000000000003912633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0271a3a72a713982022-01-11 12:20:49.070root 11241100x80000000000000003912634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58ce47f4acaf785e2022-01-11 12:20:49.070root 11241100x80000000000000003912635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5bd69431f2ffdca2022-01-11 12:20:49.070root 11241100x80000000000000003912636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1610aea1eb8f3202022-01-11 12:20:49.070root 11241100x80000000000000003912637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd7e2da9910cd1172022-01-11 12:20:49.070root 11241100x80000000000000003912638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.902260876ad0c8242022-01-11 12:20:49.070root 11241100x80000000000000003912639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d1ae2a133c7e5912022-01-11 12:20:49.070root 11241100x80000000000000003912640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00d8de79a81351a62022-01-11 12:20:49.070root 11241100x80000000000000003912641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.070{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.068ce7c4c18b765a2022-01-11 12:20:49.070root 11241100x80000000000000003912642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3b488ba3d1c53d62022-01-11 12:20:49.071root 11241100x80000000000000003912643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b71bf8841d0b75862022-01-11 12:20:49.071root 11241100x80000000000000003912644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3efdfa8744eed4e52022-01-11 12:20:49.071root 11241100x80000000000000003912645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cf918ee84994162022-01-11 12:20:49.071root 11241100x80000000000000003912646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32527278ae55ba872022-01-11 12:20:49.071root 11241100x80000000000000003912647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eae4c8cd5680de2f2022-01-11 12:20:49.071root 11241100x80000000000000003912648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe502e1950ebc90d2022-01-11 12:20:49.071root 11241100x80000000000000003912649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf6c7fc6a0fb5ed72022-01-11 12:20:49.071root 11241100x80000000000000003912650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3b4f366e7ca63da2022-01-11 12:20:49.071root 11241100x80000000000000003912651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.030a849cf249be4a2022-01-11 12:20:49.071root 11241100x80000000000000003912652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55f03565e08fd6b32022-01-11 12:20:49.071root 11241100x80000000000000003912653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f271804b1b5da74b2022-01-11 12:20:49.071root 11241100x80000000000000003912654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21684c79841d8c002022-01-11 12:20:49.071root 11241100x80000000000000003912655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.071{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2ffc4c1d5418212022-01-11 12:20:49.071root 11241100x80000000000000003912656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c67c9ca2686252bf2022-01-11 12:20:49.333root 11241100x80000000000000003912657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8efedac92b6f8e622022-01-11 12:20:49.333root 11241100x80000000000000003912658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac9d7fee9390b3702022-01-11 12:20:49.333root 11241100x80000000000000003912659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e90b0ec75cbb41a2022-01-11 12:20:49.333root 11241100x80000000000000003912660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aee3f985797973272022-01-11 12:20:49.334root 11241100x80000000000000003912661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd3058ac5042e112022-01-11 12:20:49.334root 11241100x80000000000000003912662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da995dfed3d7ee1d2022-01-11 12:20:49.334root 11241100x80000000000000003912663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.550e593205c69b522022-01-11 12:20:49.334root 11241100x80000000000000003912664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537c02efd98f03462022-01-11 12:20:49.334root 11241100x80000000000000003912665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.479550a8637532082022-01-11 12:20:49.334root 11241100x80000000000000003912666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68b112ef3ff14fa32022-01-11 12:20:49.334root 11241100x80000000000000003912667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d566d988c7c81122022-01-11 12:20:49.334root 11241100x80000000000000003912668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.622404c609e738672022-01-11 12:20:49.334root 11241100x80000000000000003912669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7daa59e684ecf132022-01-11 12:20:49.334root 11241100x80000000000000003912670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9900b58fe28308be2022-01-11 12:20:49.335root 11241100x80000000000000003912671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f643182fd3f0682022-01-11 12:20:49.335root 11241100x80000000000000003912672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60a64bc2fbcc55132022-01-11 12:20:49.335root 11241100x80000000000000003912673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ead7a04a181639b2022-01-11 12:20:49.335root 11241100x80000000000000003912674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34638e73d72b736d2022-01-11 12:20:49.335root 11241100x80000000000000003912675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd122953a94338392022-01-11 12:20:49.335root 11241100x80000000000000003912676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079ae2264cf4731c2022-01-11 12:20:49.335root 11241100x80000000000000003912677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a61ecfc039dd40a32022-01-11 12:20:49.335root 11241100x80000000000000003912678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3410346a14c396ee2022-01-11 12:20:49.335root 11241100x80000000000000003912679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec4f333b738066312022-01-11 12:20:49.336root 11241100x80000000000000003912680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6da534255708b8c02022-01-11 12:20:49.336root 11241100x80000000000000003912681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a77ce00b6625543b2022-01-11 12:20:49.336root 11241100x80000000000000003912682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d8ffe33e6b2836e2022-01-11 12:20:49.336root 11241100x80000000000000003912683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07bdc6cd370942b22022-01-11 12:20:49.336root 11241100x80000000000000003912684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ca91549049c49eb2022-01-11 12:20:49.336root 11241100x80000000000000003912685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb322a5fde3db2fc2022-01-11 12:20:49.336root 11241100x80000000000000003912686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb45ebc5dfa79392022-01-11 12:20:49.336root 11241100x80000000000000003912687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.341d9cbc2018333b2022-01-11 12:20:49.336root 11241100x80000000000000003912688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5b01a4dea7ab87f2022-01-11 12:20:49.337root 11241100x80000000000000003912689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a386232907a384792022-01-11 12:20:49.337root 11241100x80000000000000003912690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44952560fc48a5b12022-01-11 12:20:49.337root 11241100x80000000000000003912691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eff18eb3320203472022-01-11 12:20:49.337root 11241100x80000000000000003912692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6862bcc22ef9acf2022-01-11 12:20:49.337root 11241100x80000000000000003912693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a368b91f8cd30f8c2022-01-11 12:20:49.337root 11241100x80000000000000003912694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f75578f956c64b22022-01-11 12:20:49.337root 11241100x80000000000000003912695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.031784a501a004342022-01-11 12:20:49.337root 11241100x80000000000000003912696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba1b8828de3430e22022-01-11 12:20:49.337root 11241100x80000000000000003912697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23dccae9b433a2e92022-01-11 12:20:49.337root 11241100x80000000000000003912698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.678d754396b1ce742022-01-11 12:20:49.337root 11241100x80000000000000003912699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a60c7088c7ab3f32022-01-11 12:20:49.338root 11241100x80000000000000003912700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c6e258ed12c0cf32022-01-11 12:20:49.338root 11241100x80000000000000003912701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc15d6139942754c2022-01-11 12:20:49.338root 11241100x80000000000000003912702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0bf7631329fa3832022-01-11 12:20:49.338root 11241100x80000000000000003912703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b52a21145996b64a2022-01-11 12:20:49.338root 11241100x80000000000000003912704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dea6fb0e29641c202022-01-11 12:20:49.338root 11241100x80000000000000003912705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab2eb95265332a472022-01-11 12:20:49.338root 11241100x80000000000000003912706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67fa99f4d81a057b2022-01-11 12:20:49.338root 11241100x80000000000000003912707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a46b3d8d78660dd2022-01-11 12:20:49.338root 11241100x80000000000000003912708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed7bab5d63998a202022-01-11 12:20:49.338root 11241100x80000000000000003912709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b0a4e8f36027132022-01-11 12:20:49.338root 11241100x80000000000000003912710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abe7e45792add09d2022-01-11 12:20:49.339root 11241100x80000000000000003912711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae9cd6a583b1b40f2022-01-11 12:20:49.339root 11241100x80000000000000003912712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a0eaafcd78e2b392022-01-11 12:20:49.339root 11241100x80000000000000003912713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9f9375c1c5448ec2022-01-11 12:20:49.339root 11241100x80000000000000003912714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58a2785b72852b612022-01-11 12:20:49.341root 154100x80000000000000003912715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.796{ec2d504d-7621-61dd-90e5-77cfea550000}9859/usr/bin/ssh-keygen-----ssh-keygen/home/ubuntuubuntu{ec2d504d-5fc1-61dd-e803-000000000000}100033no level-{ec2d504d-5fc1-61dd-0874-7a9047560000}9580/bin/bash-bashubuntu 11241100x80000000000000003912716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.798{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a01cf0a83c9ae0e2022-01-11 12:20:49.798root 11241100x80000000000000003912717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.798{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6fd8fe6a43d89162022-01-11 12:20:49.798root 11241100x80000000000000003912718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.799{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.952335570f71846b2022-01-11 12:20:49.799root 11241100x80000000000000003912719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.799{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506d084c8035e26c2022-01-11 12:20:49.799root 11241100x80000000000000003912720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.799{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c62b281d1dc85b2022-01-11 12:20:49.799root 11241100x80000000000000003912721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.799{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae030ea0e90866602022-01-11 12:20:49.799root 11241100x80000000000000003912722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.800{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0fdb8fa72c37a42022-01-11 12:20:49.800root 11241100x80000000000000003912723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.800{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ff65f49c0f01ca62022-01-11 12:20:49.800root 11241100x80000000000000003912724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.800{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629ceb996237e0b02022-01-11 12:20:49.800root 11241100x80000000000000003912725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.800{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db2f8375130aca82022-01-11 12:20:49.800root 11241100x80000000000000003912726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.800{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e36f35761d41f042022-01-11 12:20:49.800root 11241100x80000000000000003912727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.801{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40d9431ec9f3aa022022-01-11 12:20:49.801root 11241100x80000000000000003912728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.801{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42ad5950c130b6c2022-01-11 12:20:49.801root 11241100x80000000000000003912729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.801{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfe39befa426385a2022-01-11 12:20:49.801root 11241100x80000000000000003912730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.801{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f5ccfc4b3a0f1d2022-01-11 12:20:49.801root 11241100x80000000000000003912731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.801{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.497b1122d1608f512022-01-11 12:20:49.801root 11241100x80000000000000003912732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.801{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad1094cd578b0e7b2022-01-11 12:20:49.801root 11241100x80000000000000003912733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.802{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d2344ef10eebd6d2022-01-11 12:20:49.802root 11241100x80000000000000003912734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.802{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d4e0a78dce9204c2022-01-11 12:20:49.802root 11241100x80000000000000003912735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.802{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.795118e6c299adc52022-01-11 12:20:49.802root 11241100x80000000000000003912736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.802{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc87e01c45815ba2022-01-11 12:20:49.802root 11241100x80000000000000003912737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.802{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99dad16a7154c0352022-01-11 12:20:49.802root 11241100x80000000000000003912738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1700b5e8356e2272022-01-11 12:20:49.803root 11241100x80000000000000003912739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6490d405d7b16c682022-01-11 12:20:49.803root 11241100x80000000000000003912740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db5ba5732f6530f52022-01-11 12:20:49.803root 11241100x80000000000000003912741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec86aa519173b9302022-01-11 12:20:49.803root 11241100x80000000000000003912742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.096e200c4444b0702022-01-11 12:20:49.803root 11241100x80000000000000003912743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c89ed87f0c62c7fd2022-01-11 12:20:49.803root 11241100x80000000000000003912744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaf3c72d452f20c22022-01-11 12:20:49.803root 11241100x80000000000000003912745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.803{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc04c20f8b5f49942022-01-11 12:20:49.803root 11241100x80000000000000003912746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.804{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c621613d30735bc2022-01-11 12:20:49.804root 11241100x80000000000000003912747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.804{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fb7b46800e816ce2022-01-11 12:20:49.804root 11241100x80000000000000003912748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.804{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2908705c3b2369cd2022-01-11 12:20:49.804root 11241100x80000000000000003912749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.804{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00fd5345981cf06e2022-01-11 12:20:49.804root 11241100x80000000000000003912750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.804{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.203314a8223125962022-01-11 12:20:49.804root 11241100x80000000000000003912751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:49.804{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c3d6e6893212fca2022-01-11 12:20:49.804root 11241100x80000000000000003912752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e037b81860f93f7b2022-01-11 12:20:50.083root 11241100x80000000000000003912753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29b4cf4bc6d1a34d2022-01-11 12:20:50.084root 11241100x80000000000000003912754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c77a0cace70be2fd2022-01-11 12:20:50.084root 11241100x80000000000000003912755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b07eda098843c0772022-01-11 12:20:50.085root 11241100x80000000000000003912756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d940fb8e969319692022-01-11 12:20:50.085root 11241100x80000000000000003912757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01a721b5d9722d2e2022-01-11 12:20:50.085root 11241100x80000000000000003912758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9cc25fbae12d6c2022-01-11 12:20:50.085root 11241100x80000000000000003912759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.511d0c08e649cd7a2022-01-11 12:20:50.086root 11241100x80000000000000003912760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf52ad622f9c49ce2022-01-11 12:20:50.086root 11241100x80000000000000003912761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed58a3b8d63e90f22022-01-11 12:20:50.086root 11241100x80000000000000003912762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a140f58a2dca64772022-01-11 12:20:50.086root 11241100x80000000000000003912763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c0416b766bf80042022-01-11 12:20:50.086root 11241100x80000000000000003912764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e442d57a885843c2022-01-11 12:20:50.087root 11241100x80000000000000003912765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7f534661a3298e12022-01-11 12:20:50.087root 11241100x80000000000000003912766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f645b4c7836654e02022-01-11 12:20:50.087root 11241100x80000000000000003912767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77452c12c7c28e8c2022-01-11 12:20:50.087root 11241100x80000000000000003912768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f04eb92312ed3b2022-01-11 12:20:50.088root 11241100x80000000000000003912769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06f30a7fac93b2232022-01-11 12:20:50.088root 11241100x80000000000000003912770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049549622478ed6b2022-01-11 12:20:50.088root 11241100x80000000000000003912771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86dd8352c5aa071a2022-01-11 12:20:50.088root 11241100x80000000000000003912772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c7141b2bcbac3902022-01-11 12:20:50.088root 11241100x80000000000000003912773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18b904973651665d2022-01-11 12:20:50.089root 11241100x80000000000000003912774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43013701861a41d52022-01-11 12:20:50.089root 11241100x80000000000000003912775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a04ed072c30f13022022-01-11 12:20:50.089root 11241100x80000000000000003912776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.790971008324fd392022-01-11 12:20:50.089root 11241100x80000000000000003912777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e2338f902750452022-01-11 12:20:50.090root 11241100x80000000000000003912778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94d12421f0d088c02022-01-11 12:20:50.090root 11241100x80000000000000003912779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a3747b8352ad1cd2022-01-11 12:20:50.090root 11241100x80000000000000003912780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cccdba6df86ad412022-01-11 12:20:50.090root 11241100x80000000000000003912781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5a1dfcc811a754a2022-01-11 12:20:50.090root 11241100x80000000000000003912782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c89a57f3b27de39d2022-01-11 12:20:50.091root 11241100x80000000000000003912783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c36d05f6b48152c52022-01-11 12:20:50.091root 11241100x80000000000000003912784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86b2b8e6e11f9c912022-01-11 12:20:50.091root 11241100x80000000000000003912785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c98995d3d365433c2022-01-11 12:20:50.091root 11241100x80000000000000003912786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.849f205e40e62ff72022-01-11 12:20:50.091root 11241100x80000000000000003912787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaff859a3a31a7a42022-01-11 12:20:50.091root 11241100x80000000000000003912788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2037dcbbc514a2de2022-01-11 12:20:50.092root 11241100x80000000000000003912789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c45944b8aa0f43a92022-01-11 12:20:50.584root 11241100x80000000000000003912790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7506be516a6acbbe2022-01-11 12:20:50.584root 11241100x80000000000000003912791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4381374d678160bc2022-01-11 12:20:50.584root 11241100x80000000000000003912792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5203d758e95131fc2022-01-11 12:20:50.584root 11241100x80000000000000003912793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d9a41fec29302af2022-01-11 12:20:50.585root 11241100x80000000000000003912794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f67e05b815776fc12022-01-11 12:20:50.585root 11241100x80000000000000003912795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ff0f4fa6cc5ea3f2022-01-11 12:20:50.585root 11241100x80000000000000003912796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf0a09f8dd73ab92022-01-11 12:20:50.585root 11241100x80000000000000003912797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.326480ded633f8b42022-01-11 12:20:50.585root 11241100x80000000000000003912798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0cb9e5551fdc4c92022-01-11 12:20:50.585root 11241100x80000000000000003912799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d948abc4f1a63b172022-01-11 12:20:50.585root 11241100x80000000000000003912800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bafaf14615ea67c2022-01-11 12:20:50.585root 11241100x80000000000000003912801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef45788ae43b52d62022-01-11 12:20:50.585root 11241100x80000000000000003912802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.860c947e34055fb02022-01-11 12:20:50.585root 11241100x80000000000000003912803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e8d05f4692104d2022-01-11 12:20:50.586root 11241100x80000000000000003912804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15abbcc6822370652022-01-11 12:20:50.586root 11241100x80000000000000003912805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.961409c7667534a42022-01-11 12:20:50.586root 11241100x80000000000000003912806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.724e57038953c7882022-01-11 12:20:50.586root 11241100x80000000000000003912807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22ed8527154082402022-01-11 12:20:50.586root 11241100x80000000000000003912808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f772f87c7a9c4d32022-01-11 12:20:50.586root 11241100x80000000000000003912809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f619fb1e3bab2a2022-01-11 12:20:50.586root 11241100x80000000000000003912810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06091a156cef27c62022-01-11 12:20:50.586root 11241100x80000000000000003912811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02cc4639039dff972022-01-11 12:20:50.586root 11241100x80000000000000003912812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44566f89795426f12022-01-11 12:20:50.586root 11241100x80000000000000003912813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0780fd5f9edc21d2022-01-11 12:20:50.587root 11241100x80000000000000003912814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b75df6f997494fc12022-01-11 12:20:50.587root 11241100x80000000000000003912815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f225a9bd8af2d1532022-01-11 12:20:50.587root 11241100x80000000000000003912816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb62d92859f036342022-01-11 12:20:50.587root 11241100x80000000000000003912817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3ed7e855ac89ffd2022-01-11 12:20:50.587root 11241100x80000000000000003912818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d57769bc02674a3a2022-01-11 12:20:50.587root 11241100x80000000000000003912819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d28a6e8cc5368742022-01-11 12:20:50.587root 11241100x80000000000000003912820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc3f4c414bb0dea32022-01-11 12:20:50.588root 11241100x80000000000000003912821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff4fda9862331b3e2022-01-11 12:20:50.588root 11241100x80000000000000003912822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8127840d66d08f3f2022-01-11 12:20:50.588root 11241100x80000000000000003912823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.512493732c684e382022-01-11 12:20:51.084root 11241100x80000000000000003912824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c36e83c13c496b212022-01-11 12:20:51.084root 11241100x80000000000000003912825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a94fd2d2319cb8272022-01-11 12:20:51.084root 11241100x80000000000000003912826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6842945afe85f1432022-01-11 12:20:51.084root 11241100x80000000000000003912827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f67ee411cf44291a2022-01-11 12:20:51.085root 11241100x80000000000000003912828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c96c4f42ab9d7c002022-01-11 12:20:51.085root 11241100x80000000000000003912829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8c1253e6080bf7c2022-01-11 12:20:51.085root 11241100x80000000000000003912830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ff5baadb01ffab52022-01-11 12:20:51.085root 11241100x80000000000000003912831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d91342819b5d9852022-01-11 12:20:51.085root 11241100x80000000000000003912832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1caf5f92b87e0daa2022-01-11 12:20:51.085root 11241100x80000000000000003912833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c9170a9211507512022-01-11 12:20:51.085root 11241100x80000000000000003912834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11e36513d1d28672022-01-11 12:20:51.085root 11241100x80000000000000003912835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b5f9a9dec99b5fb2022-01-11 12:20:51.085root 11241100x80000000000000003912836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c13b7ed66995c612022-01-11 12:20:51.086root 11241100x80000000000000003912837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.221b7459097517ab2022-01-11 12:20:51.086root 11241100x80000000000000003912838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f1663c5fdd564c02022-01-11 12:20:51.086root 11241100x80000000000000003912839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d7a2214988ff5b2022-01-11 12:20:51.086root 11241100x80000000000000003912840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61cbfab5fc58bdef2022-01-11 12:20:51.086root 11241100x80000000000000003912841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d8989b4539e80c2022-01-11 12:20:51.086root 11241100x80000000000000003912842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a92b7b718c0303c2022-01-11 12:20:51.086root 11241100x80000000000000003912843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf0a5b7969453e72022-01-11 12:20:51.086root 11241100x80000000000000003912844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7497536bbd677952022-01-11 12:20:51.086root 11241100x80000000000000003912845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c0defbcc93e02ba2022-01-11 12:20:51.087root 11241100x80000000000000003912846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1afb63a8b171b23b2022-01-11 12:20:51.088root 11241100x80000000000000003912847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d4e4e888c16f4572022-01-11 12:20:51.088root 11241100x80000000000000003912848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6b071ff8cc84ab62022-01-11 12:20:51.088root 11241100x80000000000000003912849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e115407b530cd72022-01-11 12:20:51.088root 11241100x80000000000000003912850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cee5829192b687292022-01-11 12:20:51.088root 11241100x80000000000000003912851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.110915281b3dc0612022-01-11 12:20:51.088root 11241100x80000000000000003912852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1caa41cd90b199c2022-01-11 12:20:51.088root 11241100x80000000000000003912853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20ce1ac187e515b12022-01-11 12:20:51.088root 11241100x80000000000000003912854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264bbcc661b8ef272022-01-11 12:20:51.088root 11241100x80000000000000003912855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04209f377b2160672022-01-11 12:20:51.089root 11241100x80000000000000003912856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b731c385ad650b62022-01-11 12:20:51.089root 11241100x80000000000000003912857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23756b2554d5a01a2022-01-11 12:20:51.583root 11241100x80000000000000003912858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f90621219a7c678f2022-01-11 12:20:51.584root 11241100x80000000000000003912859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f564a06fe4ca7852022-01-11 12:20:51.584root 11241100x80000000000000003912860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58a0cbfe55eab0b02022-01-11 12:20:51.584root 11241100x80000000000000003912861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.213a3331b5feced02022-01-11 12:20:51.584root 11241100x80000000000000003912862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09269dbf9345b15f2022-01-11 12:20:51.584root 11241100x80000000000000003912863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.365fa41905538b242022-01-11 12:20:51.584root 11241100x80000000000000003912864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d60e7308982a380d2022-01-11 12:20:51.584root 11241100x80000000000000003912865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6e750787db49edb2022-01-11 12:20:51.584root 11241100x80000000000000003912866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f3b0d793dbea0f2022-01-11 12:20:51.585root 11241100x80000000000000003912867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b687d37630b8c17d2022-01-11 12:20:51.585root 11241100x80000000000000003912868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026b9f0dc00222ed2022-01-11 12:20:51.585root 11241100x80000000000000003912869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6d39316c572d3802022-01-11 12:20:51.585root 11241100x80000000000000003912870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dc2eef913b69a5c2022-01-11 12:20:51.585root 11241100x80000000000000003912871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3d2ce443f93237f2022-01-11 12:20:51.585root 11241100x80000000000000003912872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.366df924bf3869ea2022-01-11 12:20:51.585root 11241100x80000000000000003912873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6197caa17e737412022-01-11 12:20:51.585root 11241100x80000000000000003912874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36576492c39f48812022-01-11 12:20:51.585root 11241100x80000000000000003912875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.380551f36f75dc1e2022-01-11 12:20:51.585root 11241100x80000000000000003912876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7047289579cb89e42022-01-11 12:20:51.585root 11241100x80000000000000003912877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d1caf72f4fec66f2022-01-11 12:20:51.586root 11241100x80000000000000003912878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1146209df5ae85382022-01-11 12:20:51.586root 11241100x80000000000000003912879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a50bb0c60ce1dbc2022-01-11 12:20:51.586root 11241100x80000000000000003912880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8396c276b7f2d5db2022-01-11 12:20:51.586root 11241100x80000000000000003912881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86a1b469e85083d42022-01-11 12:20:51.586root 11241100x80000000000000003912882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3f5d75eeb5b4e332022-01-11 12:20:51.586root 11241100x80000000000000003912883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af06847a79dd72c42022-01-11 12:20:51.586root 11241100x80000000000000003912884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a87682c266078322022-01-11 12:20:51.586root 11241100x80000000000000003912885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d61590ce035816712022-01-11 12:20:51.586root 11241100x80000000000000003912886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bdb956c4d0be8cc2022-01-11 12:20:51.586root 11241100x80000000000000003912887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f8107c9c96ebfb22022-01-11 12:20:51.586root 11241100x80000000000000003912888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67cd5bcdb0f787292022-01-11 12:20:51.587root 11241100x80000000000000003912889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15468f9b0d8bb6552022-01-11 12:20:51.587root 11241100x80000000000000003912890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53cc278c4d9dc9a82022-01-11 12:20:51.587root 11241100x80000000000000003912891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cd744a8e80f19212022-01-11 12:20:51.587root 11241100x80000000000000003912892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b7e457bf823c9842022-01-11 12:20:51.587root 11241100x80000000000000003912893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ae3f17cd5fa75452022-01-11 12:20:51.587root 11241100x80000000000000003912894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2654ebdf7bdd7a132022-01-11 12:20:51.587root 11241100x80000000000000003912895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a221a847440b1cf72022-01-11 12:20:51.588root 11241100x80000000000000003912896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35aaedfe9d13b0332022-01-11 12:20:51.588root 11241100x80000000000000003912897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a848861d573892f12022-01-11 12:20:52.084root 11241100x80000000000000003912898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.656c84ff285cdf9c2022-01-11 12:20:52.084root 11241100x80000000000000003912899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c512734513902f42022-01-11 12:20:52.084root 11241100x80000000000000003912900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbbac72edb307e42022-01-11 12:20:52.084root 11241100x80000000000000003912901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aee682791fcd8812022-01-11 12:20:52.084root 11241100x80000000000000003912902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c60cf843600248d2022-01-11 12:20:52.084root 11241100x80000000000000003912903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a22f0b5d4315de1a2022-01-11 12:20:52.084root 11241100x80000000000000003912904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50205a0b30d060a12022-01-11 12:20:52.085root 11241100x80000000000000003912905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52276b6c884947402022-01-11 12:20:52.085root 11241100x80000000000000003912906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dca604007a04b422022-01-11 12:20:52.085root 11241100x80000000000000003912907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d1909a9cb2d06702022-01-11 12:20:52.085root 11241100x80000000000000003912908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea1eb40210c033992022-01-11 12:20:52.085root 11241100x80000000000000003912909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05d1e5186c2db3f02022-01-11 12:20:52.085root 11241100x80000000000000003912910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411d17ad9907042b2022-01-11 12:20:52.085root 11241100x80000000000000003912911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d360445735fb99df2022-01-11 12:20:52.085root 11241100x80000000000000003912912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40ae605ddc91a4112022-01-11 12:20:52.085root 11241100x80000000000000003912913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fffcb0be24e2e842022-01-11 12:20:52.086root 11241100x80000000000000003912914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54124310ea2b86292022-01-11 12:20:52.086root 11241100x80000000000000003912915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51b3b99394024c1c2022-01-11 12:20:52.086root 11241100x80000000000000003912916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b85dc07fa30813cf2022-01-11 12:20:52.086root 11241100x80000000000000003912917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43263a6d736dc9502022-01-11 12:20:52.086root 11241100x80000000000000003912918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c173a8f3095079bd2022-01-11 12:20:52.086root 11241100x80000000000000003912919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.949045804d5b0fc02022-01-11 12:20:52.086root 11241100x80000000000000003912920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf5a98ce3e3ab7d82022-01-11 12:20:52.086root 11241100x80000000000000003912921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de50f03c943b269b2022-01-11 12:20:52.086root 11241100x80000000000000003912922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3423103bd1f0a9fa2022-01-11 12:20:52.086root 11241100x80000000000000003912923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b964f5e0544fecd52022-01-11 12:20:52.086root 11241100x80000000000000003912924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b593faa32812a9d62022-01-11 12:20:52.087root 11241100x80000000000000003912925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3191260acca25082022-01-11 12:20:52.087root 11241100x80000000000000003912926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8919af5553d1f55a2022-01-11 12:20:52.087root 11241100x80000000000000003912927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb646810d0d4e762022-01-11 12:20:52.087root 11241100x80000000000000003912928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c106b41eb03786912022-01-11 12:20:52.087root 11241100x80000000000000003912929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff4e1d5756d396c22022-01-11 12:20:52.087root 11241100x80000000000000003912930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27b490de553ca15e2022-01-11 12:20:52.087root 11241100x80000000000000003912931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07fef2ea556052742022-01-11 12:20:52.087root 11241100x80000000000000003912932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4407cea89b441572022-01-11 12:20:52.087root 11241100x80000000000000003912933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a1b9f518b44cc82022-01-11 12:20:52.583root 11241100x80000000000000003912934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d99142c63d222ba2022-01-11 12:20:52.583root 11241100x80000000000000003912935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32f5181944a4bd9c2022-01-11 12:20:52.583root 11241100x80000000000000003912936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.974dc81d2d18c12b2022-01-11 12:20:52.583root 11241100x80000000000000003912937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54843b4e2905de1d2022-01-11 12:20:52.584root 11241100x80000000000000003912938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe9a4faa14bd76132022-01-11 12:20:52.584root 11241100x80000000000000003912939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff2eb79eeb811cd2022-01-11 12:20:52.584root 11241100x80000000000000003912940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10882564e88a5732022-01-11 12:20:52.584root 11241100x80000000000000003912941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.991cb748b8bb18df2022-01-11 12:20:52.584root 11241100x80000000000000003912942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec0a6c581c7ce5912022-01-11 12:20:52.584root 11241100x80000000000000003912943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6fe64f45af7a23f2022-01-11 12:20:52.584root 11241100x80000000000000003912944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e136a53aff3bc012022-01-11 12:20:52.585root 11241100x80000000000000003912945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5681e281a220c4ad2022-01-11 12:20:52.585root 11241100x80000000000000003912946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35f85525836372a92022-01-11 12:20:52.585root 11241100x80000000000000003912947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b87dcae3295e57e2022-01-11 12:20:52.585root 11241100x80000000000000003912948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b1f219fa868a702022-01-11 12:20:52.585root 11241100x80000000000000003912949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.574bb298081fe8442022-01-11 12:20:52.585root 11241100x80000000000000003912950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52268a16d92b9d792022-01-11 12:20:52.585root 11241100x80000000000000003912951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bee96c0dd29c5f342022-01-11 12:20:52.585root 11241100x80000000000000003912952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1afd71fcb06011382022-01-11 12:20:52.586root 11241100x80000000000000003912953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bea18cff9ba7c0432022-01-11 12:20:52.586root 11241100x80000000000000003912954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352f7be0683bdf2b2022-01-11 12:20:52.586root 11241100x80000000000000003912955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb911070e836b5a02022-01-11 12:20:52.586root 11241100x80000000000000003912956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a88c9eb0f016bdf2022-01-11 12:20:52.586root 11241100x80000000000000003912957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e807e347f73bbaf92022-01-11 12:20:52.586root 11241100x80000000000000003912958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74fa8c137e07f5a82022-01-11 12:20:52.586root 11241100x80000000000000003912959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985e09290df01d2c2022-01-11 12:20:52.587root 11241100x80000000000000003912960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ae6deb02cebbb5d2022-01-11 12:20:52.587root 11241100x80000000000000003912961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cae1d6d0d86b3352022-01-11 12:20:52.587root 11241100x80000000000000003912962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48d5c28f46dd42372022-01-11 12:20:52.587root 11241100x80000000000000003912963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ea47e2b757e8442022-01-11 12:20:52.587root 11241100x80000000000000003912964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12c0c1b552ecb28c2022-01-11 12:20:52.587root 11241100x80000000000000003912965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fe597dccca46a9b2022-01-11 12:20:52.587root 11241100x80000000000000003912966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.910490a22e78cf322022-01-11 12:20:52.587root 11241100x80000000000000003912967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df3ed9b524e9d7922022-01-11 12:20:52.587root 11241100x80000000000000003912968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67ba876489d2f0022022-01-11 12:20:52.587root 11241100x80000000000000003912969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f1be04acc65e5e2022-01-11 12:20:52.587root 11241100x80000000000000003912970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf244e27d60eae012022-01-11 12:20:52.587root 11241100x80000000000000003912971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20b98a8b03055bbf2022-01-11 12:20:52.588root 11241100x80000000000000003912972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.740fd21c502071be2022-01-11 12:20:52.588root 11241100x80000000000000003912973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e658c940995752762022-01-11 12:20:52.588root 11241100x80000000000000003912974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:52.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6c1e0f42504d1cd2022-01-11 12:20:52.588root 11241100x80000000000000003912975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1d8fd87de36c9672022-01-11 12:20:53.084root 11241100x80000000000000003912976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ae08390907fca312022-01-11 12:20:53.084root 11241100x80000000000000003912977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.203e03349b23d56d2022-01-11 12:20:53.084root 11241100x80000000000000003912978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1e564b3846419bc2022-01-11 12:20:53.084root 11241100x80000000000000003912979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aea0de032d7dc6f2022-01-11 12:20:53.084root 11241100x80000000000000003912980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866078ae0a9cf7772022-01-11 12:20:53.084root 11241100x80000000000000003912981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262a50ecf35479dd2022-01-11 12:20:53.084root 11241100x80000000000000003912982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77f33bbcb7fcc5d02022-01-11 12:20:53.084root 11241100x80000000000000003912983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.796cc4b1ee9846c32022-01-11 12:20:53.084root 11241100x80000000000000003912984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fe7f036085acf642022-01-11 12:20:53.084root 11241100x80000000000000003912985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d6aafdf10ce4f9d2022-01-11 12:20:53.085root 11241100x80000000000000003912986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49fc5a35bb7e86b22022-01-11 12:20:53.085root 11241100x80000000000000003912987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b929845d3c1aafc2022-01-11 12:20:53.085root 11241100x80000000000000003912988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a69c9b3ad5f510ac2022-01-11 12:20:53.085root 11241100x80000000000000003912989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2049b6c29513bd82022-01-11 12:20:53.085root 11241100x80000000000000003912990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cb8fb046d4b73632022-01-11 12:20:53.085root 11241100x80000000000000003912991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b4a723be5aedbc92022-01-11 12:20:53.085root 11241100x80000000000000003912992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b36531bd46ae92ac2022-01-11 12:20:53.085root 11241100x80000000000000003912993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d94c2c7df6fd77b2022-01-11 12:20:53.085root 11241100x80000000000000003912994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b7c9d430ca6981b2022-01-11 12:20:53.085root 11241100x80000000000000003912995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.820ccb4e570d23772022-01-11 12:20:53.086root 11241100x80000000000000003912996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad5def373fc130b62022-01-11 12:20:53.086root 11241100x80000000000000003912997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e01cf37a2782502022-01-11 12:20:53.086root 11241100x80000000000000003912998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48497c17ea5c6b0a2022-01-11 12:20:53.086root 11241100x80000000000000003912999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fba6facb88dc1852022-01-11 12:20:53.086root 11241100x80000000000000003913000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.633a69b67e180e7b2022-01-11 12:20:53.086root 11241100x80000000000000003913001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91024c8e37b546842022-01-11 12:20:53.086root 11241100x80000000000000003913002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd9afe17ee3bbf452022-01-11 12:20:53.086root 11241100x80000000000000003913003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0981f363c0bfb7242022-01-11 12:20:53.086root 11241100x80000000000000003913004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea58050873cf9802022-01-11 12:20:53.086root 11241100x80000000000000003913005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1243cb1aca5f3eb52022-01-11 12:20:53.086root 11241100x80000000000000003913006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30965f0593ebd4312022-01-11 12:20:53.087root 11241100x80000000000000003913007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b597f47df2e37f62022-01-11 12:20:53.087root 11241100x80000000000000003913008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c220821a9e1eaef2022-01-11 12:20:53.087root 11241100x80000000000000003913009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d51e9249c82016972022-01-11 12:20:53.087root 11241100x80000000000000003913010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17ce85cd8e937c5d2022-01-11 12:20:53.087root 11241100x80000000000000003913011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eca1e61e085a330f2022-01-11 12:20:53.087root 11241100x80000000000000003913012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c33582368c6886302022-01-11 12:20:53.087root 11241100x80000000000000003913013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.349a71b56f21c3142022-01-11 12:20:53.088root 11241100x80000000000000003913014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f467407b238004b2022-01-11 12:20:53.088root 11241100x80000000000000003913015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3f814233a73eef2022-01-11 12:20:53.088root 11241100x80000000000000003913016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cecf5d57bae341bb2022-01-11 12:20:53.088root 11241100x80000000000000003913017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932f9547c59f64a72022-01-11 12:20:53.088root 11241100x80000000000000003913018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4348eba116cd97e52022-01-11 12:20:53.088root 11241100x80000000000000003913019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d797dcd0ce1341e02022-01-11 12:20:53.088root 11241100x80000000000000003913020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5819c022a17f2cee2022-01-11 12:20:53.088root 11241100x80000000000000003913021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfadce022469cfb62022-01-11 12:20:53.088root 11241100x80000000000000003913022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4158c449ccea092022-01-11 12:20:53.088root 11241100x80000000000000003913023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e9a9f43db283ae2022-01-11 12:20:53.089root 11241100x80000000000000003913024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2357bdf105d590a12022-01-11 12:20:53.089root 11241100x80000000000000003913025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.229ba60fb3150e772022-01-11 12:20:53.089root 11241100x80000000000000003913026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6819cf100a3805e2022-01-11 12:20:53.089root 11241100x80000000000000003913027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.405a7c34e7014a6c2022-01-11 12:20:53.089root 11241100x80000000000000003913028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4a122384ee786cd2022-01-11 12:20:53.089root 11241100x80000000000000003913029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a3f363a0a6435932022-01-11 12:20:53.089root 11241100x80000000000000003913030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5970758f1e2f8bb2022-01-11 12:20:53.089root 11241100x80000000000000003913031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa6f3f34a378b6d72022-01-11 12:20:53.089root 11241100x80000000000000003913032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bba9a30ed69057f52022-01-11 12:20:53.090root 11241100x80000000000000003913033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f2013c5564dedc2022-01-11 12:20:53.090root 11241100x80000000000000003913034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.114951beed1607372022-01-11 12:20:53.090root 11241100x80000000000000003913035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.607a005778909cca2022-01-11 12:20:53.090root 11241100x80000000000000003913036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.708490cef27cab012022-01-11 12:20:53.090root 11241100x80000000000000003913037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36b52ad61d7b3efd2022-01-11 12:20:53.090root 11241100x80000000000000003913038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.023b6307f2dd16b72022-01-11 12:20:53.090root 11241100x80000000000000003913039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3df962915167da02022-01-11 12:20:53.090root 11241100x80000000000000003913040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dea9b722921c8b862022-01-11 12:20:53.090root 11241100x80000000000000003913041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50739af9e6b2bace2022-01-11 12:20:53.090root 11241100x80000000000000003913042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d19ef2f352a3e482022-01-11 12:20:53.090root 11241100x80000000000000003913043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b341256ffe9ff902022-01-11 12:20:53.090root 11241100x80000000000000003913044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6938faafa3ab7c0e2022-01-11 12:20:53.584root 11241100x80000000000000003913045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79594d0d29302b202022-01-11 12:20:53.584root 11241100x80000000000000003913046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26c99d3e6a1fa6c02022-01-11 12:20:53.584root 11241100x80000000000000003913047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fef445345c755542022-01-11 12:20:53.584root 11241100x80000000000000003913048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f36532fc952fdb52022-01-11 12:20:53.584root 11241100x80000000000000003913049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9432c41c2020d8492022-01-11 12:20:53.584root 11241100x80000000000000003913050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b916353a00fe5112022-01-11 12:20:53.584root 11241100x80000000000000003913051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b2a3380a7d1497e2022-01-11 12:20:53.584root 11241100x80000000000000003913052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aed5a110d841f7012022-01-11 12:20:53.584root 11241100x80000000000000003913053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a13efd3ff38828e32022-01-11 12:20:53.585root 11241100x80000000000000003913054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fb4a5bbb9b5af8e2022-01-11 12:20:53.585root 11241100x80000000000000003913055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0736110f388759022022-01-11 12:20:53.585root 11241100x80000000000000003913056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d392251d5656ea6a2022-01-11 12:20:53.585root 11241100x80000000000000003913057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc812d8ec36356622022-01-11 12:20:53.585root 11241100x80000000000000003913058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c7ddfa432f03a32022-01-11 12:20:53.585root 11241100x80000000000000003913059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1edef3122348f8ca2022-01-11 12:20:53.585root 11241100x80000000000000003913060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d19f8b5d00c72312022-01-11 12:20:53.585root 11241100x80000000000000003913061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.833a29618273f0af2022-01-11 12:20:53.585root 11241100x80000000000000003913062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d173e8ff0e5ac2e82022-01-11 12:20:53.585root 11241100x80000000000000003913063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2202452c80d4b5b02022-01-11 12:20:53.586root 11241100x80000000000000003913064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef92b222ad4a66f52022-01-11 12:20:53.586root 11241100x80000000000000003913065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a72607dd78844acf2022-01-11 12:20:53.587root 11241100x80000000000000003913066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7aa2661812864872022-01-11 12:20:53.587root 11241100x80000000000000003913067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e614b915bda5762022-01-11 12:20:53.587root 11241100x80000000000000003913068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c4927cd5082913b2022-01-11 12:20:53.587root 11241100x80000000000000003913069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f69bb6713b54ee632022-01-11 12:20:53.588root 11241100x80000000000000003913070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6054fe0b841e0d432022-01-11 12:20:53.588root 11241100x80000000000000003913071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314b5fff30ce283c2022-01-11 12:20:53.588root 11241100x80000000000000003913072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.312a13308e0cbe772022-01-11 12:20:53.588root 11241100x80000000000000003913073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f366d333ea64f0b42022-01-11 12:20:53.588root 11241100x80000000000000003913074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85344a7ca12869cc2022-01-11 12:20:53.589root 11241100x80000000000000003913075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53cedcbaaea4295a2022-01-11 12:20:53.589root 11241100x80000000000000003913076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff0723996a5046782022-01-11 12:20:53.589root 11241100x80000000000000003913077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25f32ae92098e64b2022-01-11 12:20:53.589root 11241100x80000000000000003913078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:53.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac15afa1dfc76322022-01-11 12:20:53.589root 11241100x80000000000000003913079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b384b93ac8e9ee2022-01-11 12:20:54.084root 11241100x80000000000000003913080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5963af98e09b702022-01-11 12:20:54.084root 11241100x80000000000000003913081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c825caedc63209a2022-01-11 12:20:54.085root 11241100x80000000000000003913082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.610211c59bf47d932022-01-11 12:20:54.085root 11241100x80000000000000003913083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32b3f020cfd22f962022-01-11 12:20:54.085root 11241100x80000000000000003913084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9a67d5ed69f236a2022-01-11 12:20:54.085root 11241100x80000000000000003913085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6b1fba57fef4592022-01-11 12:20:54.085root 11241100x80000000000000003913086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5e8539ec05ba6a32022-01-11 12:20:54.086root 11241100x80000000000000003913087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aebe483f41deba872022-01-11 12:20:54.086root 11241100x80000000000000003913088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b87026a72e0d2662022-01-11 12:20:54.086root 11241100x80000000000000003913089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7d2a988daf646cd2022-01-11 12:20:54.086root 11241100x80000000000000003913090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0bee0167f2cb6b62022-01-11 12:20:54.086root 11241100x80000000000000003913091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8463aa78adec6152022-01-11 12:20:54.086root 11241100x80000000000000003913092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f98de1fce3a9e71d2022-01-11 12:20:54.087root 11241100x80000000000000003913093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54944cf66800065d2022-01-11 12:20:54.087root 11241100x80000000000000003913094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99aba754111ea97f2022-01-11 12:20:54.087root 11241100x80000000000000003913095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.673509f9fd0c8f662022-01-11 12:20:54.088root 11241100x80000000000000003913096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22f634d1dbde572b2022-01-11 12:20:54.088root 11241100x80000000000000003913097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2217b7f606c793812022-01-11 12:20:54.088root 11241100x80000000000000003913098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15dfa70a9501834b2022-01-11 12:20:54.088root 11241100x80000000000000003913099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e07b172540a120262022-01-11 12:20:54.088root 11241100x80000000000000003913100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa0e254f6ed9b8712022-01-11 12:20:54.089root 11241100x80000000000000003913101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c647265f7ad37dd2022-01-11 12:20:54.089root 11241100x80000000000000003913102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1e31a99439d3dd2022-01-11 12:20:54.089root 11241100x80000000000000003913103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a93fd6d870879fb2022-01-11 12:20:54.089root 11241100x80000000000000003913104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4625dfc9f2f80652022-01-11 12:20:54.089root 11241100x80000000000000003913105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e53e144f413ad1b2022-01-11 12:20:54.089root 11241100x80000000000000003913106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b855bff15f74692022-01-11 12:20:54.089root 11241100x80000000000000003913107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fac275f9da6e00412022-01-11 12:20:54.089root 11241100x80000000000000003913108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93a6fb4fabb372a42022-01-11 12:20:54.089root 11241100x80000000000000003913109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01bba5873a474fe02022-01-11 12:20:54.089root 11241100x80000000000000003913110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5f2f62ce7e910d2022-01-11 12:20:54.090root 11241100x80000000000000003913111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48afd9d8994311da2022-01-11 12:20:54.090root 11241100x80000000000000003913112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b938ea3525507f02022-01-11 12:20:54.090root 354300x80000000000000003913113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.205{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56306-false10.0.1.12-8000- 11241100x80000000000000003913114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d83da7eb287bb5b2022-01-11 12:20:54.583root 11241100x80000000000000003913115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfba7b0f7e1f28cf2022-01-11 12:20:54.583root 11241100x80000000000000003913116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f469868d0c2402a82022-01-11 12:20:54.584root 11241100x80000000000000003913117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.938c186b43a990f22022-01-11 12:20:54.584root 11241100x80000000000000003913118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.934390207b9b3ac82022-01-11 12:20:54.585root 11241100x80000000000000003913119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.301708aad6282ddf2022-01-11 12:20:54.585root 11241100x80000000000000003913120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6245516137a73f8a2022-01-11 12:20:54.585root 11241100x80000000000000003913121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75fa45684dc11cd2022-01-11 12:20:54.586root 11241100x80000000000000003913122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ac6ba56101405332022-01-11 12:20:54.586root 11241100x80000000000000003913123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64a12bbcac4d20592022-01-11 12:20:54.586root 11241100x80000000000000003913124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c16f9730a3b05ef62022-01-11 12:20:54.586root 11241100x80000000000000003913125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bff25a2bb79f0bc2022-01-11 12:20:54.586root 11241100x80000000000000003913126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442d69953d2b99822022-01-11 12:20:54.587root 11241100x80000000000000003913127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8190e25605c2e6cc2022-01-11 12:20:54.587root 11241100x80000000000000003913128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.695753fcacd91c0a2022-01-11 12:20:54.587root 11241100x80000000000000003913129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26bf7dba404488192022-01-11 12:20:54.587root 11241100x80000000000000003913130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700b086d402712a42022-01-11 12:20:54.587root 11241100x80000000000000003913131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfdd72e159f440782022-01-11 12:20:54.587root 11241100x80000000000000003913132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27304d4f01d70f192022-01-11 12:20:54.587root 11241100x80000000000000003913133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3b553e3f3226cef2022-01-11 12:20:54.588root 11241100x80000000000000003913134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b1a15d103708f692022-01-11 12:20:54.588root 11241100x80000000000000003913135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.330c691d5db7b30d2022-01-11 12:20:54.588root 11241100x80000000000000003913136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.601f4a3c9014a6072022-01-11 12:20:54.588root 11241100x80000000000000003913137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.566cb944287dccf62022-01-11 12:20:54.588root 11241100x80000000000000003913138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.288f1c8fe7d5db3e2022-01-11 12:20:54.588root 11241100x80000000000000003913139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3e670cc97dc44c42022-01-11 12:20:54.588root 11241100x80000000000000003913140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.112059ac466609b02022-01-11 12:20:54.589root 11241100x80000000000000003913141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c96a0b8ad0ee0bb2022-01-11 12:20:54.589root 11241100x80000000000000003913142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9568954a91cff0ce2022-01-11 12:20:54.589root 11241100x80000000000000003913143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97d6e660494a31812022-01-11 12:20:54.589root 11241100x80000000000000003913144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10344d4c920de6192022-01-11 12:20:54.589root 11241100x80000000000000003913145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868ae27350f5c7072022-01-11 12:20:54.589root 11241100x80000000000000003913146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a2651ba98d313ea2022-01-11 12:20:54.590root 11241100x80000000000000003913147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daa978dd846dc8b22022-01-11 12:20:54.590root 11241100x80000000000000003913148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daa3700bcc8096682022-01-11 12:20:54.590root 11241100x80000000000000003913149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8783c44570d4da2f2022-01-11 12:20:54.591root 11241100x80000000000000003913150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af98fe531c6e47c22022-01-11 12:20:54.591root 11241100x80000000000000003913151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec23c3bb6afb76c72022-01-11 12:20:54.591root 11241100x80000000000000003913152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d4f7b98a5c90ee62022-01-11 12:20:54.591root 11241100x80000000000000003913153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:20:54.894root 11241100x80000000000000003913154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d49d3e3a6712e32022-01-11 12:20:54.894root 11241100x80000000000000003913155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ecddfe99c456c612022-01-11 12:20:54.895root 11241100x80000000000000003913156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d00fd828f3baedfa2022-01-11 12:20:54.895root 11241100x80000000000000003913157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf391646088e3612022-01-11 12:20:54.895root 11241100x80000000000000003913158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a406f1f5d55dbe502022-01-11 12:20:54.895root 11241100x80000000000000003913159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d086c90ce323d702022-01-11 12:20:54.895root 11241100x80000000000000003913160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d83e4053eff642432022-01-11 12:20:54.896root 11241100x80000000000000003913161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0aa335dc18fdc2492022-01-11 12:20:54.896root 11241100x80000000000000003913162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d06a14cbd7bb612d2022-01-11 12:20:54.896root 11241100x80000000000000003913163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c585d6ab3af527fc2022-01-11 12:20:54.896root 11241100x80000000000000003913164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b5daeb3b429d2992022-01-11 12:20:54.896root 11241100x80000000000000003913165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.881655419c73cfe62022-01-11 12:20:54.897root 11241100x80000000000000003913166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5605fa560c5985992022-01-11 12:20:54.897root 11241100x80000000000000003913167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fcc46db9242f79e2022-01-11 12:20:54.897root 11241100x80000000000000003913168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfce04dc20fd57462022-01-11 12:20:54.897root 11241100x80000000000000003913169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c67c37793be603482022-01-11 12:20:54.898root 11241100x80000000000000003913170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bdd10bdc34e59fe2022-01-11 12:20:54.899root 11241100x80000000000000003913171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f402f71315c23ce2022-01-11 12:20:54.899root 11241100x80000000000000003913172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4478e9e1b08b0562022-01-11 12:20:54.899root 11241100x80000000000000003913173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e97dd95ca05e0c302022-01-11 12:20:54.899root 11241100x80000000000000003913174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c24fa0a824e0e0062022-01-11 12:20:54.899root 11241100x80000000000000003913175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3248a3485e5fde02022-01-11 12:20:54.899root 11241100x80000000000000003913176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1df919612c4ff8372022-01-11 12:20:54.900root 11241100x80000000000000003913177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03f9a34be6a586152022-01-11 12:20:54.900root 11241100x80000000000000003913178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ebee0269f4dffdc2022-01-11 12:20:54.900root 11241100x80000000000000003913179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9271d7527cde4a992022-01-11 12:20:54.900root 11241100x80000000000000003913180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd130c8f6b8f0c272022-01-11 12:20:54.900root 11241100x80000000000000003913181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c198e26890eed5652022-01-11 12:20:54.900root 11241100x80000000000000003913182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c410ad4cdc233d092022-01-11 12:20:54.900root 11241100x80000000000000003913183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16c215ada505c1cc2022-01-11 12:20:54.900root 11241100x80000000000000003913184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d8497a4b6b4edd2022-01-11 12:20:54.900root 11241100x80000000000000003913185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.900{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9dabd7c065a75eb2022-01-11 12:20:54.900root 11241100x80000000000000003913186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f95e16fa44461e752022-01-11 12:20:54.901root 11241100x80000000000000003913187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c515b58650a85aae2022-01-11 12:20:54.901root 11241100x80000000000000003913188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e05d180d014aa7a2022-01-11 12:20:54.901root 11241100x80000000000000003913189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1a83da51b65cd072022-01-11 12:20:54.901root 11241100x80000000000000003913190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61012a069ac727cd2022-01-11 12:20:54.901root 11241100x80000000000000003913191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d5086e185d4498f2022-01-11 12:20:54.901root 11241100x80000000000000003913192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e587854cae30c7a2022-01-11 12:20:54.901root 11241100x80000000000000003913193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.901{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700886a4b15f2f122022-01-11 12:20:54.901root 11241100x80000000000000003913194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd1473c82bb26ad62022-01-11 12:20:54.902root 11241100x80000000000000003913195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f80eae015109022022-01-11 12:20:54.902root 11241100x80000000000000003913196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a49de5b5a93fe542022-01-11 12:20:54.902root 11241100x80000000000000003913197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11464141755fa282022-01-11 12:20:54.902root 11241100x80000000000000003913198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:54.902{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0545d28dd4dd1232022-01-11 12:20:54.902root 11241100x80000000000000003913199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1d2e5f70b3700a22022-01-11 12:20:55.333root 11241100x80000000000000003913200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cad64bd4c377b022022-01-11 12:20:55.334root 11241100x80000000000000003913201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ee930daf9e6666c2022-01-11 12:20:55.334root 11241100x80000000000000003913202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0c28c1c36a7f8202022-01-11 12:20:55.334root 11241100x80000000000000003913203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5fd4739c6f5d2ef2022-01-11 12:20:55.334root 11241100x80000000000000003913204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdf5704c6dffa6262022-01-11 12:20:55.334root 11241100x80000000000000003913205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e75cc22414df71f2022-01-11 12:20:55.334root 11241100x80000000000000003913206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82048c25c79de8c52022-01-11 12:20:55.334root 11241100x80000000000000003913207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a148ebe34dbd023c2022-01-11 12:20:55.334root 11241100x80000000000000003913208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d0dd6bafbb157752022-01-11 12:20:55.335root 11241100x80000000000000003913209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97683e7f14ce782f2022-01-11 12:20:55.335root 11241100x80000000000000003913210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fd5c04ae71a95a62022-01-11 12:20:55.335root 11241100x80000000000000003913211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69a57adac86e31f2022-01-11 12:20:55.335root 11241100x80000000000000003913212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e99ce0e4602849682022-01-11 12:20:55.336root 11241100x80000000000000003913213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f17eccb9d895bf1f2022-01-11 12:20:55.336root 11241100x80000000000000003913214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aded4b5699f519e2022-01-11 12:20:55.336root 11241100x80000000000000003913215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62103e2d49422df82022-01-11 12:20:55.336root 11241100x80000000000000003913216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.480d18ec2169097b2022-01-11 12:20:55.336root 11241100x80000000000000003913217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e232b4e86f9b3a102022-01-11 12:20:55.336root 11241100x80000000000000003913218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e38a46d80579a1c02022-01-11 12:20:55.336root 11241100x80000000000000003913219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2df941444548a7762022-01-11 12:20:55.336root 11241100x80000000000000003913220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98429577fb8b62c12022-01-11 12:20:55.336root 11241100x80000000000000003913221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa843636c2057092022-01-11 12:20:55.336root 11241100x80000000000000003913222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75c6465edc9891922022-01-11 12:20:55.337root 11241100x80000000000000003913223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa71ef5564bc653c2022-01-11 12:20:55.337root 11241100x80000000000000003913224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b6091cd268ae53b2022-01-11 12:20:55.337root 11241100x80000000000000003913225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03a57938ee4436b82022-01-11 12:20:55.337root 11241100x80000000000000003913226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab2890c4363c7462022-01-11 12:20:55.337root 11241100x80000000000000003913227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41063e98fd1a690a2022-01-11 12:20:55.337root 11241100x80000000000000003913228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7313b85c14df8a962022-01-11 12:20:55.337root 11241100x80000000000000003913229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a8a39d5c5c24f332022-01-11 12:20:55.337root 11241100x80000000000000003913230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dd619d1d442e9842022-01-11 12:20:55.337root 11241100x80000000000000003913231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33dde1db966393342022-01-11 12:20:55.337root 11241100x80000000000000003913232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73f3d0dff743f1ac2022-01-11 12:20:55.337root 11241100x80000000000000003913233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04b20af9993b1f402022-01-11 12:20:55.338root 11241100x80000000000000003913234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b7284c69d2a01562022-01-11 12:20:55.338root 11241100x80000000000000003913235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d11e19f3e3c42232022-01-11 12:20:55.338root 11241100x80000000000000003913236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d0054032a4689b52022-01-11 12:20:55.338root 11241100x80000000000000003913237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00637da6b05423af2022-01-11 12:20:55.338root 11241100x80000000000000003913238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1699e3294e06a0e42022-01-11 12:20:55.338root 11241100x80000000000000003913239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87df411cd6c46d582022-01-11 12:20:55.834root 11241100x80000000000000003913240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86be2ddaadeea0552022-01-11 12:20:55.834root 11241100x80000000000000003913241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ac8da5e54c6aa262022-01-11 12:20:55.834root 11241100x80000000000000003913242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42112048df072ad42022-01-11 12:20:55.834root 11241100x80000000000000003913243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b754ee2f587604092022-01-11 12:20:55.835root 11241100x80000000000000003913244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eaf99fa53bded222022-01-11 12:20:55.835root 11241100x80000000000000003913245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5206b440c68288b82022-01-11 12:20:55.835root 11241100x80000000000000003913246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ce7bbe140dba6a2022-01-11 12:20:55.835root 11241100x80000000000000003913247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.551dd72d83c898242022-01-11 12:20:55.835root 11241100x80000000000000003913248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.803cb5ad97f45d502022-01-11 12:20:55.835root 11241100x80000000000000003913249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1b34e56dee2fdbe2022-01-11 12:20:55.835root 11241100x80000000000000003913250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fed7ad7af8452942022-01-11 12:20:55.835root 11241100x80000000000000003913251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5af612d9cec770db2022-01-11 12:20:55.836root 11241100x80000000000000003913252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6015a43d9d4b6412022-01-11 12:20:55.836root 11241100x80000000000000003913253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60631f9aad1580702022-01-11 12:20:55.836root 11241100x80000000000000003913254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a64f8ea0c45948f2022-01-11 12:20:55.836root 11241100x80000000000000003913255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.404c551aa2f18bc22022-01-11 12:20:55.836root 11241100x80000000000000003913256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e6ee6db0b28a5f72022-01-11 12:20:55.837root 11241100x80000000000000003913257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.540d15a7523cc09d2022-01-11 12:20:55.837root 11241100x80000000000000003913258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e92a18009691e2f2022-01-11 12:20:55.837root 11241100x80000000000000003913259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d74ba744dd8027572022-01-11 12:20:55.837root 11241100x80000000000000003913260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05f1152c17c7bfe92022-01-11 12:20:55.837root 11241100x80000000000000003913261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.928325218e046f472022-01-11 12:20:55.837root 11241100x80000000000000003913262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79613438327d2c902022-01-11 12:20:55.837root 11241100x80000000000000003913263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfbf36ec3e6d28392022-01-11 12:20:55.837root 11241100x80000000000000003913264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e0304ce9c3b42a22022-01-11 12:20:55.837root 11241100x80000000000000003913265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb464f453c336f422022-01-11 12:20:55.838root 11241100x80000000000000003913266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a3916a3aaa644812022-01-11 12:20:55.838root 11241100x80000000000000003913267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42e92fee60c17edb2022-01-11 12:20:55.838root 11241100x80000000000000003913268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5813a75ef172ad22022-01-11 12:20:55.838root 11241100x80000000000000003913269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de9a19419cbe0172022-01-11 12:20:55.838root 11241100x80000000000000003913270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725ab439833a8cda2022-01-11 12:20:55.838root 11241100x80000000000000003913271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e77b830f3e49c332022-01-11 12:20:55.838root 11241100x80000000000000003913272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47a9469a2ad0c6262022-01-11 12:20:55.839root 11241100x80000000000000003913273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9436557945c45be2022-01-11 12:20:55.839root 11241100x80000000000000003913274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:55.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e751c993a53254132022-01-11 12:20:55.839root 11241100x80000000000000003913275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2287b39d01c73762022-01-11 12:20:56.333root 11241100x80000000000000003913276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e0fc9cf62bd47142022-01-11 12:20:56.334root 11241100x80000000000000003913277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d697c69756496dc32022-01-11 12:20:56.334root 11241100x80000000000000003913278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3982da57fee52532022-01-11 12:20:56.334root 11241100x80000000000000003913279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47c64a6bec8862292022-01-11 12:20:56.335root 11241100x80000000000000003913280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5827730bf05dae672022-01-11 12:20:56.335root 11241100x80000000000000003913281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd6b73bf0bf048402022-01-11 12:20:56.335root 11241100x80000000000000003913282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3da07fb8970f9c862022-01-11 12:20:56.335root 11241100x80000000000000003913283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.031e18fb7c3dcc0e2022-01-11 12:20:56.335root 11241100x80000000000000003913284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201c8d551cb68be72022-01-11 12:20:56.335root 11241100x80000000000000003913285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf1d6252ac426b1c2022-01-11 12:20:56.336root 11241100x80000000000000003913286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17aa66eb9ef7704d2022-01-11 12:20:56.336root 11241100x80000000000000003913287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.454a0b9e385029a92022-01-11 12:20:56.336root 11241100x80000000000000003913288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52472a086bd867962022-01-11 12:20:56.336root 11241100x80000000000000003913289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d789993202942fd12022-01-11 12:20:56.336root 11241100x80000000000000003913290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a74f778cbbb273e2022-01-11 12:20:56.336root 11241100x80000000000000003913291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cd160ec2452e4c72022-01-11 12:20:56.336root 11241100x80000000000000003913292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edb9f4301e6932e72022-01-11 12:20:56.336root 11241100x80000000000000003913293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.151fdb3539d6dd252022-01-11 12:20:56.336root 11241100x80000000000000003913294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16d50fe5e78e7bd82022-01-11 12:20:56.336root 11241100x80000000000000003913295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c68d4d376bb5fa82022-01-11 12:20:56.337root 11241100x80000000000000003913296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2ff717af7b589122022-01-11 12:20:56.337root 11241100x80000000000000003913297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d78c442fc624dd9a2022-01-11 12:20:56.337root 11241100x80000000000000003913298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ca0c7113dcf265e2022-01-11 12:20:56.337root 11241100x80000000000000003913299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95fa582d043b5a252022-01-11 12:20:56.337root 11241100x80000000000000003913300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dca4415323719ee2022-01-11 12:20:56.337root 11241100x80000000000000003913301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48f57235357f5ef02022-01-11 12:20:56.337root 11241100x80000000000000003913302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.153759fabd43107a2022-01-11 12:20:56.337root 11241100x80000000000000003913303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b1b678a4bef4e2b2022-01-11 12:20:56.337root 11241100x80000000000000003913304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02d02350d8cccfb42022-01-11 12:20:56.337root 11241100x80000000000000003913305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3242c65a77f82b2022-01-11 12:20:56.337root 11241100x80000000000000003913306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.491f7accbd499bf82022-01-11 12:20:56.338root 11241100x80000000000000003913307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b76efb4623e69e52022-01-11 12:20:56.338root 11241100x80000000000000003913308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb2f205005f066182022-01-11 12:20:56.338root 11241100x80000000000000003913309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67c16138bc6d30e12022-01-11 12:20:56.338root 11241100x80000000000000003913310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46106ffbb5303cf82022-01-11 12:20:56.338root 11241100x80000000000000003913311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.703f530ef29e58522022-01-11 12:20:56.338root 11241100x80000000000000003913312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dbacd423fb8b88b2022-01-11 12:20:56.338root 11241100x80000000000000003913313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.967b724349ccab4c2022-01-11 12:20:56.338root 11241100x80000000000000003913314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8b5d3ba5e85929a2022-01-11 12:20:56.834root 11241100x80000000000000003913315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac51c635f1b34712022-01-11 12:20:56.834root 11241100x80000000000000003913316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7448270cad30376f2022-01-11 12:20:56.834root 11241100x80000000000000003913317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17736738e4f13b1a2022-01-11 12:20:56.834root 11241100x80000000000000003913318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50cb11cda73881272022-01-11 12:20:56.834root 11241100x80000000000000003913319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.803ed8ffd4ac36812022-01-11 12:20:56.834root 11241100x80000000000000003913320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.504d6591bfa4ebe52022-01-11 12:20:56.834root 11241100x80000000000000003913321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e31a7b66feaacb4f2022-01-11 12:20:56.834root 11241100x80000000000000003913322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca4bad57194f4d752022-01-11 12:20:56.834root 11241100x80000000000000003913323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8c5247fde3f89442022-01-11 12:20:56.835root 11241100x80000000000000003913324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d1cb6e697592e302022-01-11 12:20:56.835root 11241100x80000000000000003913325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30cb70057c5b59592022-01-11 12:20:56.835root 11241100x80000000000000003913326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.790bdbe5c1727c8c2022-01-11 12:20:56.835root 11241100x80000000000000003913327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4db19a5125347aec2022-01-11 12:20:56.835root 11241100x80000000000000003913328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cbd4207c61604fa2022-01-11 12:20:56.835root 11241100x80000000000000003913329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ae66358b8ae85d92022-01-11 12:20:56.835root 11241100x80000000000000003913330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c97c6acbb608f1022022-01-11 12:20:56.835root 11241100x80000000000000003913331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d925d7d82cdbb87d2022-01-11 12:20:56.835root 11241100x80000000000000003913332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f56d55b0b3cff9f72022-01-11 12:20:56.835root 11241100x80000000000000003913333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6099a4ed38a9e0802022-01-11 12:20:56.836root 11241100x80000000000000003913334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc485e8b2a5f59fc2022-01-11 12:20:56.836root 11241100x80000000000000003913335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.726fd5e2516138e92022-01-11 12:20:56.836root 11241100x80000000000000003913336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9647ff46511dad1f2022-01-11 12:20:56.836root 11241100x80000000000000003913337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd84e4b887a557ce2022-01-11 12:20:56.836root 11241100x80000000000000003913338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2edd8823cc7499762022-01-11 12:20:56.836root 11241100x80000000000000003913339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fcb50baa84d28f12022-01-11 12:20:56.836root 11241100x80000000000000003913340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73f1260f407e7af02022-01-11 12:20:56.836root 11241100x80000000000000003913341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccafc7702e334cd32022-01-11 12:20:56.836root 11241100x80000000000000003913342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d74830a338242fe92022-01-11 12:20:56.836root 11241100x80000000000000003913343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff0a82c2a01e0eb52022-01-11 12:20:56.837root 11241100x80000000000000003913344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24e60a0e5bc61b892022-01-11 12:20:56.837root 11241100x80000000000000003913345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa16779ff22ff33b2022-01-11 12:20:56.837root 11241100x80000000000000003913346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6475a2b409a27bf2022-01-11 12:20:56.837root 11241100x80000000000000003913347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c7084fc57b19e3a2022-01-11 12:20:56.837root 11241100x80000000000000003913348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.934f1741480492cd2022-01-11 12:20:56.837root 11241100x80000000000000003913349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c27c20b97559cb2a2022-01-11 12:20:56.837root 11241100x80000000000000003913350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:56.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34de94ccb5f5ecf52022-01-11 12:20:56.837root 11241100x80000000000000003913351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8a0236844789a242022-01-11 12:20:57.333root 11241100x80000000000000003913352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3be0fcef08b74fbd2022-01-11 12:20:57.333root 11241100x80000000000000003913353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae07fc1c85750f512022-01-11 12:20:57.334root 11241100x80000000000000003913354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b6a9ce0093d7e112022-01-11 12:20:57.334root 11241100x80000000000000003913355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.147e4b77b3fd08012022-01-11 12:20:57.334root 11241100x80000000000000003913356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1aea205e9dd998282022-01-11 12:20:57.335root 11241100x80000000000000003913357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7ae552bdcdf215c2022-01-11 12:20:57.335root 11241100x80000000000000003913358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9721ed752211e3602022-01-11 12:20:57.335root 11241100x80000000000000003913359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.067dd4fc2bcd7ffb2022-01-11 12:20:57.335root 11241100x80000000000000003913360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b457e0779d14a4e02022-01-11 12:20:57.335root 11241100x80000000000000003913361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b64a943e379a9e9a2022-01-11 12:20:57.336root 11241100x80000000000000003913362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04683a1a2c95dd682022-01-11 12:20:57.336root 11241100x80000000000000003913363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c46bebfb902b090a2022-01-11 12:20:57.336root 11241100x80000000000000003913364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5650b6fd6bbd43f92022-01-11 12:20:57.336root 11241100x80000000000000003913365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5a3f19ef96726d02022-01-11 12:20:57.336root 11241100x80000000000000003913366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6a6ca2b88988262022-01-11 12:20:57.337root 11241100x80000000000000003913367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.231bed071fc8a7c72022-01-11 12:20:57.337root 11241100x80000000000000003913368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbea566c2eb811e62022-01-11 12:20:57.337root 11241100x80000000000000003913369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04645ed8558f7f432022-01-11 12:20:57.337root 11241100x80000000000000003913370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3813cf35a7d6de872022-01-11 12:20:57.337root 11241100x80000000000000003913371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c7bdd375078c9012022-01-11 12:20:57.338root 11241100x80000000000000003913372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c80665a7133816a62022-01-11 12:20:57.338root 11241100x80000000000000003913373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edbd2ec81d7296c72022-01-11 12:20:57.338root 11241100x80000000000000003913374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0554b7b731ceee2f2022-01-11 12:20:57.338root 11241100x80000000000000003913375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ca929d1055f20282022-01-11 12:20:57.338root 11241100x80000000000000003913376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.918cbaf900f6eec92022-01-11 12:20:57.340root 11241100x80000000000000003913377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bb0be5dd539de8c2022-01-11 12:20:57.340root 11241100x80000000000000003913378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.657a9fe4ccc6efbd2022-01-11 12:20:57.340root 11241100x80000000000000003913379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28a490238537d1fa2022-01-11 12:20:57.341root 11241100x80000000000000003913380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7679a076e81308162022-01-11 12:20:57.341root 11241100x80000000000000003913381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a905c1701997dfb22022-01-11 12:20:57.341root 11241100x80000000000000003913382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadf1fa0773a53942022-01-11 12:20:57.341root 11241100x80000000000000003913383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb42e5fed8a083ea2022-01-11 12:20:57.341root 11241100x80000000000000003913384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afb084abd77e79062022-01-11 12:20:57.342root 11241100x80000000000000003913385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41002ba993aab4da2022-01-11 12:20:57.342root 11241100x80000000000000003913386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b1913a9d3e1a2b2022-01-11 12:20:57.342root 11241100x80000000000000003913387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4afdebd4a14a1f22022-01-11 12:20:57.342root 11241100x80000000000000003913388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a47e3128f41a92e72022-01-11 12:20:57.342root 11241100x80000000000000003913389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0939798d91451202022-01-11 12:20:57.342root 11241100x80000000000000003913390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.342{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a147f6cba1c27b2022-01-11 12:20:57.342root 11241100x80000000000000003913391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8acbf764984df7a2022-01-11 12:20:57.833root 11241100x80000000000000003913392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9857aa6e09eb07a2022-01-11 12:20:57.833root 11241100x80000000000000003913393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adf99fd2f3ce78672022-01-11 12:20:57.834root 11241100x80000000000000003913394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7e37ffafe458f5b2022-01-11 12:20:57.834root 11241100x80000000000000003913395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2bf0762261fd7f22022-01-11 12:20:57.834root 11241100x80000000000000003913396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1caa05d20079d0c82022-01-11 12:20:57.834root 11241100x80000000000000003913397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c319a49180893ae2022-01-11 12:20:57.834root 11241100x80000000000000003913398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c205d8da8d270512022-01-11 12:20:57.835root 11241100x80000000000000003913399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b38b92626f9676142022-01-11 12:20:57.835root 11241100x80000000000000003913400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3d21b0a8daa5bbb2022-01-11 12:20:57.835root 11241100x80000000000000003913401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2acb522b25ebe662022-01-11 12:20:57.835root 11241100x80000000000000003913402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75410708aebcaf12022-01-11 12:20:57.835root 11241100x80000000000000003913403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e5a6596d86eef322022-01-11 12:20:57.836root 11241100x80000000000000003913404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bcbf86ca09a6bb92022-01-11 12:20:57.836root 11241100x80000000000000003913405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c10984505ef864d2022-01-11 12:20:57.836root 11241100x80000000000000003913406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da47631b09110ecd2022-01-11 12:20:57.836root 11241100x80000000000000003913407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ae303d20c005242022-01-11 12:20:57.837root 11241100x80000000000000003913408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00aa42645a9038d02022-01-11 12:20:57.837root 11241100x80000000000000003913409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08a25b815c645b3b2022-01-11 12:20:57.837root 11241100x80000000000000003913410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a63e1c78a53eba8c2022-01-11 12:20:57.837root 11241100x80000000000000003913411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13d8e2fc843a5b7e2022-01-11 12:20:57.837root 11241100x80000000000000003913412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d139e5a4e252cb952022-01-11 12:20:57.837root 11241100x80000000000000003913413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d5c97d40f8112192022-01-11 12:20:57.838root 11241100x80000000000000003913414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8b3ccf4a2d03fa52022-01-11 12:20:57.838root 11241100x80000000000000003913415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7296fd9f6c2550172022-01-11 12:20:57.838root 11241100x80000000000000003913416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d58e840b7e83002022-01-11 12:20:57.838root 11241100x80000000000000003913417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e8cc6eb981ad3b2022-01-11 12:20:57.838root 11241100x80000000000000003913418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f1331daa9d6adea2022-01-11 12:20:57.840root 11241100x80000000000000003913419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50bc7adeac15a0122022-01-11 12:20:57.840root 11241100x80000000000000003913420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0e4507c655adbb62022-01-11 12:20:57.840root 11241100x80000000000000003913421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71c772da172988782022-01-11 12:20:57.840root 11241100x80000000000000003913422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0edf8b2c34de7382022-01-11 12:20:57.841root 11241100x80000000000000003913423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e429551725f82d2022-01-11 12:20:57.841root 11241100x80000000000000003913424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd1fb0377ed9db372022-01-11 12:20:57.841root 11241100x80000000000000003913425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fd1460ea86ae8cf2022-01-11 12:20:57.841root 11241100x80000000000000003913426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35a393b7e6ae71af2022-01-11 12:20:57.842root 11241100x80000000000000003913427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e12ed50bb1b4bdd2022-01-11 12:20:57.842root 11241100x80000000000000003913428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5128dedb918812262022-01-11 12:20:57.842root 11241100x80000000000000003913429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3a1e5e2ca6774852022-01-11 12:20:57.842root 11241100x80000000000000003913430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54ad5c14f51c3dee2022-01-11 12:20:57.842root 11241100x80000000000000003913431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f852a23a2f9e61972022-01-11 12:20:57.843root 11241100x80000000000000003913432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0b1730424c0ce932022-01-11 12:20:57.843root 11241100x80000000000000003913433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c604adc4409cd80b2022-01-11 12:20:57.843root 23542300x80000000000000003913434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:57.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003913435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfc73cdd6231a0722022-01-11 12:20:58.334root 11241100x80000000000000003913436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.876597a0f413796a2022-01-11 12:20:58.334root 11241100x80000000000000003913437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f67ffb7e22df3fbf2022-01-11 12:20:58.334root 11241100x80000000000000003913438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c7ff039b1412bc02022-01-11 12:20:58.335root 11241100x80000000000000003913439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42e685a846c503bd2022-01-11 12:20:58.335root 11241100x80000000000000003913440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdb45652a7f364572022-01-11 12:20:58.335root 11241100x80000000000000003913441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ea0a17747e447612022-01-11 12:20:58.335root 11241100x80000000000000003913442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ebd9d63284c70cd2022-01-11 12:20:58.335root 11241100x80000000000000003913443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f59c016fa1a9a562022-01-11 12:20:58.335root 11241100x80000000000000003913444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64ca106345b50fc72022-01-11 12:20:58.335root 11241100x80000000000000003913445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b83fbfb9de214ec2022-01-11 12:20:58.336root 11241100x80000000000000003913446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.582a1c25f24a23072022-01-11 12:20:58.336root 11241100x80000000000000003913447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0f58b7312b3f2ac2022-01-11 12:20:58.337root 11241100x80000000000000003913448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ebde17f98f8cb122022-01-11 12:20:58.337root 11241100x80000000000000003913449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.020c571d1f0de5652022-01-11 12:20:58.337root 11241100x80000000000000003913450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3118867621b84d492022-01-11 12:20:58.337root 11241100x80000000000000003913451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa7b00678d92d6f2022-01-11 12:20:58.337root 11241100x80000000000000003913452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6939ab8b88c727842022-01-11 12:20:58.337root 11241100x80000000000000003913453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2c59b438877cb332022-01-11 12:20:58.337root 11241100x80000000000000003913454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2847fc4587e0d22a2022-01-11 12:20:58.337root 11241100x80000000000000003913455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08ec97bda5d455f82022-01-11 12:20:58.337root 11241100x80000000000000003913456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeff486ebb9c81592022-01-11 12:20:58.338root 11241100x80000000000000003913457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.978fd25bd342d80d2022-01-11 12:20:58.338root 11241100x80000000000000003913458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1db2b61fe09089012022-01-11 12:20:58.338root 11241100x80000000000000003913459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9cc7a07578881eb2022-01-11 12:20:58.338root 11241100x80000000000000003913460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e7674221c7f57a2022-01-11 12:20:58.338root 11241100x80000000000000003913461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf52c6c8fffe3cb32022-01-11 12:20:58.338root 11241100x80000000000000003913462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7607094862c89fb92022-01-11 12:20:58.338root 11241100x80000000000000003913463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64d5574dc73b71792022-01-11 12:20:58.338root 11241100x80000000000000003913464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85e444930ab0064d2022-01-11 12:20:58.338root 11241100x80000000000000003913465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901b3f37d2b8d2d42022-01-11 12:20:58.338root 11241100x80000000000000003913466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46389f89a4d73dc2022-01-11 12:20:58.338root 11241100x80000000000000003913467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3b8c2631707ed772022-01-11 12:20:58.338root 11241100x80000000000000003913468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c61cffb7a9b796f12022-01-11 12:20:58.338root 11241100x80000000000000003913469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dc2f3122ba5c1682022-01-11 12:20:58.338root 11241100x80000000000000003913470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ab8c7075e598c822022-01-11 12:20:58.338root 11241100x80000000000000003913471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.914cb6810898f50b2022-01-11 12:20:58.338root 11241100x80000000000000003913472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89b1b14dc3865b542022-01-11 12:20:58.339root 11241100x80000000000000003913473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246144f82e54ba322022-01-11 12:20:58.833root 11241100x80000000000000003913474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12d742cab98701772022-01-11 12:20:58.833root 11241100x80000000000000003913475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.441dcfc21a55bc562022-01-11 12:20:58.834root 11241100x80000000000000003913476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79d19b0d9e04a4c12022-01-11 12:20:58.834root 11241100x80000000000000003913477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a71b3f66614c50b02022-01-11 12:20:58.834root 11241100x80000000000000003913478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80f49ed143d0a9922022-01-11 12:20:58.834root 11241100x80000000000000003913479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.142c10cfa8bff5a92022-01-11 12:20:58.835root 11241100x80000000000000003913480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca2ac90dd5ca644a2022-01-11 12:20:58.835root 11241100x80000000000000003913481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.147fd115469717392022-01-11 12:20:58.835root 11241100x80000000000000003913482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b72d8b2c31949f52022-01-11 12:20:58.835root 11241100x80000000000000003913483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6523df9862229e422022-01-11 12:20:58.835root 11241100x80000000000000003913484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d807d0808fc3a7122022-01-11 12:20:58.835root 11241100x80000000000000003913485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5207914723a6f9ee2022-01-11 12:20:58.835root 11241100x80000000000000003913486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a85a9a9ccb8ddd22022-01-11 12:20:58.835root 11241100x80000000000000003913487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ee38a887fc75fcd2022-01-11 12:20:58.836root 11241100x80000000000000003913488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68afa90da5cf7c522022-01-11 12:20:58.836root 11241100x80000000000000003913489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d37658ec69389442022-01-11 12:20:58.836root 11241100x80000000000000003913490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05d51a94dc3fdad2022-01-11 12:20:58.836root 11241100x80000000000000003913491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd46bd0d7b820b862022-01-11 12:20:58.836root 11241100x80000000000000003913492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d02a8430d0ad8c72022-01-11 12:20:58.836root 11241100x80000000000000003913493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1364f909c9ebb142022-01-11 12:20:58.836root 11241100x80000000000000003913494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7befaec814d71d42022-01-11 12:20:58.836root 11241100x80000000000000003913495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58cad3d4ef7e56f72022-01-11 12:20:58.836root 11241100x80000000000000003913496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd27659b82ccbb8c2022-01-11 12:20:58.836root 11241100x80000000000000003913497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da7e6034b51779482022-01-11 12:20:58.836root 11241100x80000000000000003913498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d244de6af3eb9bd22022-01-11 12:20:58.836root 11241100x80000000000000003913499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be7e81fd8571d4b2022-01-11 12:20:58.837root 11241100x80000000000000003913500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11f950656e5c3e22022-01-11 12:20:58.837root 11241100x80000000000000003913501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f698262fa5e6651d2022-01-11 12:20:58.837root 11241100x80000000000000003913502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34810d0f44be1432022-01-11 12:20:58.837root 11241100x80000000000000003913503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.182708ea6df9cfae2022-01-11 12:20:58.837root 11241100x80000000000000003913504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1faec0b9ce1e4ca2022-01-11 12:20:58.837root 11241100x80000000000000003913505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd2001928663214f2022-01-11 12:20:58.837root 11241100x80000000000000003913506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16de3eb38a3aedf52022-01-11 12:20:58.837root 11241100x80000000000000003913507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e9e97d0545a54a32022-01-11 12:20:58.837root 11241100x80000000000000003913508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eff859d41d1b9002022-01-11 12:20:58.837root 11241100x80000000000000003913509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d8187873209ad612022-01-11 12:20:58.837root 11241100x80000000000000003913510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df66d1ea9bde9db32022-01-11 12:20:58.838root 11241100x80000000000000003913511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3160b7b3aed5c492022-01-11 12:20:58.838root 11241100x80000000000000003913512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178888d864475d1a2022-01-11 12:20:58.838root 11241100x80000000000000003913513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd92594fce67f3aa2022-01-11 12:20:58.838root 11241100x80000000000000003913514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4a9ce7146af2192022-01-11 12:20:58.838root 11241100x80000000000000003913515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ded0435e5105532022-01-11 12:20:58.838root 11241100x80000000000000003913516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83a7c0fc3a9706d62022-01-11 12:20:59.333root 11241100x80000000000000003913517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cfc6e8bacda80022022-01-11 12:20:59.333root 11241100x80000000000000003913518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.190d1f7f9a8613a82022-01-11 12:20:59.334root 11241100x80000000000000003913519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70fbe3fef3c13ce72022-01-11 12:20:59.334root 11241100x80000000000000003913520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99b7a240ac6b472b2022-01-11 12:20:59.334root 11241100x80000000000000003913521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a642f618281e29c02022-01-11 12:20:59.334root 11241100x80000000000000003913522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccb85d98b0f7b1e82022-01-11 12:20:59.334root 11241100x80000000000000003913523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da26c9945ab1d9e02022-01-11 12:20:59.334root 11241100x80000000000000003913524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fde052c459c1f382022-01-11 12:20:59.334root 11241100x80000000000000003913525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.665b48a4369c95332022-01-11 12:20:59.334root 11241100x80000000000000003913526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e249c2a5b35c22092022-01-11 12:20:59.334root 11241100x80000000000000003913527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e61e4ef891ffa75e2022-01-11 12:20:59.335root 11241100x80000000000000003913528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79a13bea3034ad122022-01-11 12:20:59.335root 11241100x80000000000000003913529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d80d8b01e1b4b8b2022-01-11 12:20:59.335root 11241100x80000000000000003913530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44c9d6b1491ba31c2022-01-11 12:20:59.335root 11241100x80000000000000003913531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbf1ebe4eae16e412022-01-11 12:20:59.335root 11241100x80000000000000003913532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dba9554fc3ca9b1b2022-01-11 12:20:59.335root 11241100x80000000000000003913533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b720757c580f4b92022-01-11 12:20:59.335root 11241100x80000000000000003913534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d49aac43bef574cf2022-01-11 12:20:59.335root 11241100x80000000000000003913535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee63a797f63ef6202022-01-11 12:20:59.335root 11241100x80000000000000003913536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3d5d0ee304d46d92022-01-11 12:20:59.336root 11241100x80000000000000003913537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd47dba47fe39872022-01-11 12:20:59.336root 11241100x80000000000000003913538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ab4e0639515ff702022-01-11 12:20:59.336root 11241100x80000000000000003913539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0caa68ac558133e62022-01-11 12:20:59.336root 11241100x80000000000000003913540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b926e6d182c6ad102022-01-11 12:20:59.336root 11241100x80000000000000003913541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba393308a562bfff2022-01-11 12:20:59.336root 11241100x80000000000000003913542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70be79d7ed7667b92022-01-11 12:20:59.336root 11241100x80000000000000003913543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bb27da4be6e1d12022-01-11 12:20:59.337root 11241100x80000000000000003913544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42e4386a86069b62022-01-11 12:20:59.337root 11241100x80000000000000003913545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c669e4c48ca46562022-01-11 12:20:59.337root 11241100x80000000000000003913546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21d9e5a9ae4fb522022-01-11 12:20:59.337root 11241100x80000000000000003913547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22fa8cb4e0a671b82022-01-11 12:20:59.337root 11241100x80000000000000003913548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d5fb3b3f715c4462022-01-11 12:20:59.338root 11241100x80000000000000003913549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24506872f6c3680d2022-01-11 12:20:59.338root 11241100x80000000000000003913550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d1383a57f85f54a2022-01-11 12:20:59.338root 11241100x80000000000000003913551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1bac8e085b758812022-01-11 12:20:59.338root 11241100x80000000000000003913552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8b527a236dc7bd2022-01-11 12:20:59.339root 11241100x80000000000000003913553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ffdf6b198fc2abc2022-01-11 12:20:59.339root 11241100x80000000000000003913554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a27a438a057613c2022-01-11 12:20:59.339root 11241100x80000000000000003913555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23f38f841f37a9942022-01-11 12:20:59.339root 11241100x80000000000000003913556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5af27b0e4c35ede72022-01-11 12:20:59.339root 11241100x80000000000000003913557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95341b7550d2b9062022-01-11 12:20:59.340root 11241100x80000000000000003913558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68d62f0751d7a3fb2022-01-11 12:20:59.340root 11241100x80000000000000003913559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.968591d8197bd4cf2022-01-11 12:20:59.340root 11241100x80000000000000003913560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85026d9e698753842022-01-11 12:20:59.340root 11241100x80000000000000003913561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.318f479928441fd72022-01-11 12:20:59.340root 11241100x80000000000000003913562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22c1a8387e619f9e2022-01-11 12:20:59.834root 11241100x80000000000000003913563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d66613bef30d6532022-01-11 12:20:59.834root 11241100x80000000000000003913564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e23e4706c06f6b112022-01-11 12:20:59.835root 11241100x80000000000000003913565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.222ee340787ff7582022-01-11 12:20:59.835root 11241100x80000000000000003913566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3316c09f64aace622022-01-11 12:20:59.835root 11241100x80000000000000003913567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e60c7fff28fe822022-01-11 12:20:59.835root 11241100x80000000000000003913568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d8244bca3d3662a2022-01-11 12:20:59.835root 11241100x80000000000000003913569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca7188b1c5af6f072022-01-11 12:20:59.835root 11241100x80000000000000003913570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9166bcceaeee0102022-01-11 12:20:59.835root 11241100x80000000000000003913571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d77a47f1ef4037e2022-01-11 12:20:59.835root 11241100x80000000000000003913572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b23e60931d4a49892022-01-11 12:20:59.835root 11241100x80000000000000003913573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b83727c3c957042022-01-11 12:20:59.835root 11241100x80000000000000003913574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a559aaebc9d1da3f2022-01-11 12:20:59.835root 11241100x80000000000000003913575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.582d4c9539936d812022-01-11 12:20:59.836root 11241100x80000000000000003913576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f2dd709ffe8e7e22022-01-11 12:20:59.836root 11241100x80000000000000003913577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e41c6921391562a32022-01-11 12:20:59.836root 11241100x80000000000000003913578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc00a6ed69906d22022-01-11 12:20:59.836root 11241100x80000000000000003913579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77495c4a5438f8982022-01-11 12:20:59.836root 11241100x80000000000000003913580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff604edab79ea332022-01-11 12:20:59.836root 11241100x80000000000000003913581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c769247e9e948dc92022-01-11 12:20:59.836root 11241100x80000000000000003913582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40edefbf42c87fe62022-01-11 12:20:59.836root 11241100x80000000000000003913583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4556e369b1ebe282022-01-11 12:20:59.836root 11241100x80000000000000003913584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac192c4c0b5e209c2022-01-11 12:20:59.836root 11241100x80000000000000003913585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34a224dff90629bc2022-01-11 12:20:59.837root 11241100x80000000000000003913586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78ff97b5707d270b2022-01-11 12:20:59.837root 11241100x80000000000000003913587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75091c0e05b37ed2022-01-11 12:20:59.837root 11241100x80000000000000003913588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8def9af7d8f289c2022-01-11 12:20:59.837root 11241100x80000000000000003913589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ca45e465a5d1ec2022-01-11 12:20:59.837root 11241100x80000000000000003913590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.867d2bdbb257fb232022-01-11 12:20:59.837root 11241100x80000000000000003913591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.287f6b16d131208f2022-01-11 12:20:59.837root 11241100x80000000000000003913592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb56587e6ddbb8e02022-01-11 12:20:59.837root 11241100x80000000000000003913593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f058587b20ede5c52022-01-11 12:20:59.837root 11241100x80000000000000003913594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4b3e9d5748224942022-01-11 12:20:59.837root 11241100x80000000000000003913595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c9b861a9b3401e2022-01-11 12:20:59.837root 11241100x80000000000000003913596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25f6f68cd93363542022-01-11 12:20:59.837root 11241100x80000000000000003913597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6257e509140bc302022-01-11 12:20:59.837root 11241100x80000000000000003913598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:20:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.067681d87c9697ce2022-01-11 12:20:59.837root 354300x80000000000000003913599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.098{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56308-false10.0.1.12-8000- 11241100x80000000000000003913600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08a8ed9a8fc8708d2022-01-11 12:21:00.099root 11241100x80000000000000003913601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.139053d73b374c6c2022-01-11 12:21:00.099root 11241100x80000000000000003913602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c56c1bbc565e7da2022-01-11 12:21:00.099root 11241100x80000000000000003913603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.099{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a58d291c23cbaaf22022-01-11 12:21:00.099root 11241100x80000000000000003913604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35ef19c1ed75119e2022-01-11 12:21:00.100root 11241100x80000000000000003913605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cd755dadc598cdc2022-01-11 12:21:00.100root 11241100x80000000000000003913606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c96e508508575f2022-01-11 12:21:00.100root 11241100x80000000000000003913607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.100{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b4e031e890f44f2022-01-11 12:21:00.100root 11241100x80000000000000003913608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c20a4afed48c6bdc2022-01-11 12:21:00.101root 11241100x80000000000000003913609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df615bc4bdc98ffc2022-01-11 12:21:00.101root 11241100x80000000000000003913610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78518c78d31343d62022-01-11 12:21:00.101root 11241100x80000000000000003913611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.101{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.829007081bf5803c2022-01-11 12:21:00.101root 11241100x80000000000000003913612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba7afbf97c9e8522022-01-11 12:21:00.102root 11241100x80000000000000003913613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bde8d59bc0d8e20a2022-01-11 12:21:00.102root 11241100x80000000000000003913614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92718e27a06ca6f82022-01-11 12:21:00.102root 11241100x80000000000000003913615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.decceea063ddadc22022-01-11 12:21:00.102root 11241100x80000000000000003913616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.102{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.452eef070139702b2022-01-11 12:21:00.102root 11241100x80000000000000003913617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.103{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f21934abd9932352022-01-11 12:21:00.103root 11241100x80000000000000003913618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.103{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c572599c282bf5fc2022-01-11 12:21:00.103root 11241100x80000000000000003913619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.103{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f452b140c3595212022-01-11 12:21:00.103root 11241100x80000000000000003913620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f41a513090524532022-01-11 12:21:00.104root 11241100x80000000000000003913621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75ed229f1aad8df02022-01-11 12:21:00.104root 11241100x80000000000000003913622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f78fda172fcc8f4c2022-01-11 12:21:00.104root 11241100x80000000000000003913623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3901bb243283f11c2022-01-11 12:21:00.104root 11241100x80000000000000003913624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.104{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14a47a5b86d321dd2022-01-11 12:21:00.104root 11241100x80000000000000003913625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5478ad7119c15b2022-01-11 12:21:00.105root 11241100x80000000000000003913626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4aaa19448c920842022-01-11 12:21:00.105root 11241100x80000000000000003913627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0076ed0a86448922022-01-11 12:21:00.105root 11241100x80000000000000003913628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15cf6a21e4a4c94a2022-01-11 12:21:00.105root 11241100x80000000000000003913629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.936b4a890eec0d6e2022-01-11 12:21:00.105root 11241100x80000000000000003913630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d931f8fe5ba07a52022-01-11 12:21:00.105root 11241100x80000000000000003913631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.105{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be2a18c44a6953d72022-01-11 12:21:00.105root 11241100x80000000000000003913632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.010a9027376e30152022-01-11 12:21:00.106root 11241100x80000000000000003913633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32fded3f7e71bca52022-01-11 12:21:00.106root 11241100x80000000000000003913634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f644a8464042a42022-01-11 12:21:00.106root 11241100x80000000000000003913635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ba077236638cbb2022-01-11 12:21:00.106root 11241100x80000000000000003913636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f2b07f737b8f5612022-01-11 12:21:00.106root 11241100x80000000000000003913637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23669887c91a47e32022-01-11 12:21:00.106root 11241100x80000000000000003913638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.106{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df32840fbb55c4b22022-01-11 12:21:00.106root 11241100x80000000000000003913639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.107{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99ba43d1485d5b442022-01-11 12:21:00.107root 11241100x80000000000000003913640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.107{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3c05304257a03972022-01-11 12:21:00.107root 11241100x80000000000000003913641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.107{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5297bce902d840d32022-01-11 12:21:00.107root 11241100x80000000000000003913642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.107{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13d1c7f03eb383482022-01-11 12:21:00.107root 11241100x80000000000000003913643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.107{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be9d56ca41327d82022-01-11 12:21:00.107root 11241100x80000000000000003913644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.107{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc22aa231d7e0d292022-01-11 12:21:00.107root 11241100x80000000000000003913645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e0ad286e6edafa12022-01-11 12:21:00.584root 11241100x80000000000000003913646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d482ee978ea909372022-01-11 12:21:00.585root 11241100x80000000000000003913647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.095aad167c81ce282022-01-11 12:21:00.585root 11241100x80000000000000003913648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e252571ba46b7e62022-01-11 12:21:00.585root 11241100x80000000000000003913649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38b4a44d48d3b33c2022-01-11 12:21:00.585root 11241100x80000000000000003913650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d46ca5c81bc25062022-01-11 12:21:00.586root 11241100x80000000000000003913651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e5b5a890443d6dd2022-01-11 12:21:00.586root 11241100x80000000000000003913652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.095a113af4380a8f2022-01-11 12:21:00.586root 11241100x80000000000000003913653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22f1b223f66df9482022-01-11 12:21:00.586root 11241100x80000000000000003913654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7128dc22b1580c2022-01-11 12:21:00.586root 11241100x80000000000000003913655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95793a2836d047bc2022-01-11 12:21:00.586root 11241100x80000000000000003913656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f23eb6d10c35440a2022-01-11 12:21:00.587root 11241100x80000000000000003913657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837c370ec601be572022-01-11 12:21:00.587root 11241100x80000000000000003913658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f57d109461919a2022-01-11 12:21:00.587root 11241100x80000000000000003913659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11bd0ccc9fcb44862022-01-11 12:21:00.587root 11241100x80000000000000003913660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e338fc33032c8c3d2022-01-11 12:21:00.587root 11241100x80000000000000003913661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65d007441cd6d9fc2022-01-11 12:21:00.587root 11241100x80000000000000003913662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dce6809d9a1917072022-01-11 12:21:00.587root 11241100x80000000000000003913663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05bded904a69b1602022-01-11 12:21:00.587root 11241100x80000000000000003913664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1cbd5bdf6885b712022-01-11 12:21:00.587root 11241100x80000000000000003913665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c836955716a0830a2022-01-11 12:21:00.587root 11241100x80000000000000003913666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a97d5c8939e430f2022-01-11 12:21:00.587root 11241100x80000000000000003913667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.670b06a1b08877d72022-01-11 12:21:00.587root 11241100x80000000000000003913668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23975c13e270eecb2022-01-11 12:21:00.587root 11241100x80000000000000003913669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf5b751ce0b67d92022-01-11 12:21:00.587root 11241100x80000000000000003913670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.669e2056663ca8f52022-01-11 12:21:00.588root 11241100x80000000000000003913671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.519297d0bba42ff42022-01-11 12:21:00.588root 11241100x80000000000000003913672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b66d870134f8a42022-01-11 12:21:00.588root 11241100x80000000000000003913673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86568fa79751411a2022-01-11 12:21:00.588root 11241100x80000000000000003913674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31fadfa606abefe92022-01-11 12:21:00.588root 11241100x80000000000000003913675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fa1e0b697968f332022-01-11 12:21:00.588root 11241100x80000000000000003913676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6b081ad22a23cc82022-01-11 12:21:00.588root 11241100x80000000000000003913677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a92741864ed84b112022-01-11 12:21:00.588root 11241100x80000000000000003913678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00ff5a33a6c843412022-01-11 12:21:00.588root 11241100x80000000000000003913679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cfc7d272fa845612022-01-11 12:21:00.588root 11241100x80000000000000003913680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f92511f197750752022-01-11 12:21:00.588root 11241100x80000000000000003913681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02fbd69d499289d32022-01-11 12:21:00.590root 11241100x80000000000000003913682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3d0d013bd5aa2972022-01-11 12:21:00.590root 11241100x80000000000000003913683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:00.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c394fea8c05de3462022-01-11 12:21:00.590root 11241100x80000000000000003913684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103648408e0b02822022-01-11 12:21:01.083root 11241100x80000000000000003913685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bf005f21b47200e2022-01-11 12:21:01.083root 11241100x80000000000000003913686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1da97b634d12b4fa2022-01-11 12:21:01.083root 11241100x80000000000000003913687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2ffe2fa09c643e2022-01-11 12:21:01.083root 11241100x80000000000000003913688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46fb9bdb8de434a52022-01-11 12:21:01.084root 11241100x80000000000000003913689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6921c5dc45ab36f2022-01-11 12:21:01.084root 11241100x80000000000000003913690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.995a4c74a8774cc72022-01-11 12:21:01.084root 11241100x80000000000000003913691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8861bf5573fd4a592022-01-11 12:21:01.084root 11241100x80000000000000003913692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35008b87e94a3a722022-01-11 12:21:01.084root 11241100x80000000000000003913693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a34618e806090f422022-01-11 12:21:01.084root 11241100x80000000000000003913694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6e8b8f6fe1b55c92022-01-11 12:21:01.084root 11241100x80000000000000003913695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d9aec37ca8987652022-01-11 12:21:01.084root 11241100x80000000000000003913696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.304478fd41a1f6852022-01-11 12:21:01.085root 11241100x80000000000000003913697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d913387526feaf502022-01-11 12:21:01.085root 11241100x80000000000000003913698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e70df1571a34b5812022-01-11 12:21:01.085root 11241100x80000000000000003913699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff41a19b1131a2872022-01-11 12:21:01.085root 11241100x80000000000000003913700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b88e11cd7fa2d2922022-01-11 12:21:01.085root 11241100x80000000000000003913701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfac2e4f40f9a0622022-01-11 12:21:01.085root 11241100x80000000000000003913702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6ecee2f923d30022022-01-11 12:21:01.085root 11241100x80000000000000003913703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.663a13c1a91fd15b2022-01-11 12:21:01.086root 11241100x80000000000000003913704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.573c6cfe7c2a0cfa2022-01-11 12:21:01.086root 11241100x80000000000000003913705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be306a6d8d14a8aa2022-01-11 12:21:01.086root 11241100x80000000000000003913706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a8ce93cefc8eef12022-01-11 12:21:01.086root 11241100x80000000000000003913707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8edb49458158f0a2022-01-11 12:21:01.086root 11241100x80000000000000003913708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee8d1231075f90de2022-01-11 12:21:01.086root 11241100x80000000000000003913709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09dfb3f9d853e26f2022-01-11 12:21:01.087root 11241100x80000000000000003913710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbbc7aab0cf8d58b2022-01-11 12:21:01.087root 11241100x80000000000000003913711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f798315e13042c52022-01-11 12:21:01.087root 11241100x80000000000000003913712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a534b74cb40518982022-01-11 12:21:01.087root 11241100x80000000000000003913713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec8cf92829c3d3d42022-01-11 12:21:01.087root 11241100x80000000000000003913714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93f7676cd55053a42022-01-11 12:21:01.088root 11241100x80000000000000003913715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af8b4633bdb60352022-01-11 12:21:01.088root 11241100x80000000000000003913716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b80148bfc8b0c88f2022-01-11 12:21:01.088root 11241100x80000000000000003913717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e2a4655d828ef452022-01-11 12:21:01.088root 11241100x80000000000000003913718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.211d13947f7c2bb32022-01-11 12:21:01.088root 11241100x80000000000000003913719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9503a49768dc0c52022-01-11 12:21:01.088root 11241100x80000000000000003913720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d23856ac469739f12022-01-11 12:21:01.088root 11241100x80000000000000003913721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8a91ead671ecf162022-01-11 12:21:01.088root 11241100x80000000000000003913722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9633268b045ca10e2022-01-11 12:21:01.089root 11241100x80000000000000003913723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e778b321830828fc2022-01-11 12:21:01.089root 11241100x80000000000000003913724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.708c012d025ce0302022-01-11 12:21:01.583root 11241100x80000000000000003913725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdb072e743a3fe972022-01-11 12:21:01.583root 11241100x80000000000000003913726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac6a77d06d737d92022-01-11 12:21:01.584root 11241100x80000000000000003913727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecb46cfebf6029022022-01-11 12:21:01.584root 11241100x80000000000000003913728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d73d92a45a3a3c302022-01-11 12:21:01.584root 11241100x80000000000000003913729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de0a0d8df959fc3c2022-01-11 12:21:01.584root 11241100x80000000000000003913730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb594d8d072bafd42022-01-11 12:21:01.584root 11241100x80000000000000003913731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44564b76613cf8c52022-01-11 12:21:01.584root 11241100x80000000000000003913732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47313d54e3e8a59d2022-01-11 12:21:01.584root 11241100x80000000000000003913733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7daf0e70fb4508632022-01-11 12:21:01.584root 11241100x80000000000000003913734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d27f4dfcd4eaf7c2022-01-11 12:21:01.585root 11241100x80000000000000003913735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87b4d4e30c4a62f52022-01-11 12:21:01.585root 11241100x80000000000000003913736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81d97ca3b1a11a0f2022-01-11 12:21:01.585root 11241100x80000000000000003913737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2b9fb6974759b52022-01-11 12:21:01.585root 11241100x80000000000000003913738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a41e374a6fb40ac62022-01-11 12:21:01.585root 11241100x80000000000000003913739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4dc0b96704f65b12022-01-11 12:21:01.585root 11241100x80000000000000003913740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c423845e1196e2662022-01-11 12:21:01.585root 11241100x80000000000000003913741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc93ec4eb8d4a7322022-01-11 12:21:01.585root 11241100x80000000000000003913742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2bd66ee399b82dc2022-01-11 12:21:01.585root 11241100x80000000000000003913743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dcc2c91e67dea212022-01-11 12:21:01.585root 11241100x80000000000000003913744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df3a48de5fbb551e2022-01-11 12:21:01.585root 11241100x80000000000000003913745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e185ec4872bff912022-01-11 12:21:01.585root 11241100x80000000000000003913746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dcfa0bc6486260d2022-01-11 12:21:01.586root 11241100x80000000000000003913747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9000b1d8ee9703522022-01-11 12:21:01.586root 11241100x80000000000000003913748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c5de2ea451bc8f42022-01-11 12:21:01.586root 11241100x80000000000000003913749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b8868bc7ec8e4e82022-01-11 12:21:01.586root 11241100x80000000000000003913750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a2b37c20d72afb72022-01-11 12:21:01.586root 11241100x80000000000000003913751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ed55b97c03b24372022-01-11 12:21:01.586root 11241100x80000000000000003913752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9213c5d79b61c8b52022-01-11 12:21:01.586root 11241100x80000000000000003913753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73e483b467f47f6e2022-01-11 12:21:01.586root 11241100x80000000000000003913754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12e1a7e2185ef6802022-01-11 12:21:01.586root 11241100x80000000000000003913755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a2f2e66a94af85a2022-01-11 12:21:01.586root 11241100x80000000000000003913756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ff21c3615deafb12022-01-11 12:21:01.587root 11241100x80000000000000003913757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38f1e972ea4585662022-01-11 12:21:01.587root 11241100x80000000000000003913758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b35bb6727df7b8f2022-01-11 12:21:01.587root 11241100x80000000000000003913759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de4cea72d2b0ad212022-01-11 12:21:01.587root 11241100x80000000000000003913760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c332d57c985cd82022-01-11 12:21:01.587root 11241100x80000000000000003913761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc28ed6e6624131e2022-01-11 12:21:01.587root 11241100x80000000000000003913762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7225d4c572ab05002022-01-11 12:21:01.587root 11241100x80000000000000003913763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:01.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0daefae3ae41c232022-01-11 12:21:01.587root 11241100x80000000000000003913764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b14ef49558f25292022-01-11 12:21:02.083root 11241100x80000000000000003913765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2284a2b1934501e72022-01-11 12:21:02.083root 11241100x80000000000000003913766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db686e6cc64ea5832022-01-11 12:21:02.084root 11241100x80000000000000003913767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.230c7f0600fda88e2022-01-11 12:21:02.084root 11241100x80000000000000003913768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa0c12d84217bacd2022-01-11 12:21:02.084root 11241100x80000000000000003913769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73af9494cccc99e2022-01-11 12:21:02.084root 11241100x80000000000000003913770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ca775dab7ba2cb22022-01-11 12:21:02.084root 11241100x80000000000000003913771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38bd343a73d11a252022-01-11 12:21:02.084root 11241100x80000000000000003913772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6d0a8a1282c43492022-01-11 12:21:02.084root 11241100x80000000000000003913773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77d18f3bdfbdf9b2022-01-11 12:21:02.084root 11241100x80000000000000003913774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a15d6667bf150492022-01-11 12:21:02.085root 11241100x80000000000000003913775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4049729711ce03012022-01-11 12:21:02.085root 11241100x80000000000000003913776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40a4869c56f24b432022-01-11 12:21:02.085root 11241100x80000000000000003913777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35d0ab4ad511eeda2022-01-11 12:21:02.085root 11241100x80000000000000003913778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f87814a387e0d3032022-01-11 12:21:02.086root 11241100x80000000000000003913779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8643b02e990821622022-01-11 12:21:02.086root 11241100x80000000000000003913780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45556e080c2ce5402022-01-11 12:21:02.086root 11241100x80000000000000003913781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93320132872b899a2022-01-11 12:21:02.086root 11241100x80000000000000003913782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d3605d4a82e8e5b2022-01-11 12:21:02.086root 11241100x80000000000000003913783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f83f8712889c0132022-01-11 12:21:02.087root 11241100x80000000000000003913784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a9e4026203fca1d2022-01-11 12:21:02.087root 11241100x80000000000000003913785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.855650f4b0b315b62022-01-11 12:21:02.087root 11241100x80000000000000003913786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bee9951ef953aca22022-01-11 12:21:02.087root 11241100x80000000000000003913787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4bf2cb7a4cbb7072022-01-11 12:21:02.087root 11241100x80000000000000003913788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428e828fd20c59e52022-01-11 12:21:02.088root 11241100x80000000000000003913789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.147827b159ad43942022-01-11 12:21:02.088root 11241100x80000000000000003913790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48eceeb7a55e18342022-01-11 12:21:02.088root 11241100x80000000000000003913791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.780a1debc026f4ff2022-01-11 12:21:02.088root 11241100x80000000000000003913792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a267c1268ccecb22022-01-11 12:21:02.088root 11241100x80000000000000003913793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23067d54fc58097b2022-01-11 12:21:02.088root 11241100x80000000000000003913794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f5cec27338627382022-01-11 12:21:02.089root 11241100x80000000000000003913795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603dea23b17cbeaa2022-01-11 12:21:02.089root 11241100x80000000000000003913796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5872a1a6fe2a60e2022-01-11 12:21:02.089root 11241100x80000000000000003913797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e7935d30f6bda082022-01-11 12:21:02.089root 11241100x80000000000000003913798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8c8ddfcef5096db2022-01-11 12:21:02.090root 11241100x80000000000000003913799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa683e83fa6930502022-01-11 12:21:02.090root 11241100x80000000000000003913800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19474257a15542992022-01-11 12:21:02.090root 11241100x80000000000000003913801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.359d513aa7629d202022-01-11 12:21:02.090root 11241100x80000000000000003913802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70d991c6d600a37b2022-01-11 12:21:02.090root 11241100x80000000000000003913803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31c786d17d9a52d62022-01-11 12:21:02.090root 11241100x80000000000000003913804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e50c7aa4a91ed9d2022-01-11 12:21:02.090root 11241100x80000000000000003913805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47f7ada782e617c22022-01-11 12:21:02.090root 11241100x80000000000000003913806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb8e65087aa3d4df2022-01-11 12:21:02.090root 11241100x80000000000000003913807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a89d4a6925edc2d02022-01-11 12:21:02.090root 11241100x80000000000000003913808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d845dfe05cfd023d2022-01-11 12:21:02.090root 11241100x80000000000000003913809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6adeb33317e57922022-01-11 12:21:02.090root 11241100x80000000000000003913810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c1c1236fbf35f872022-01-11 12:21:02.091root 11241100x80000000000000003913811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a7dbb8b7df0947d2022-01-11 12:21:02.091root 11241100x80000000000000003913812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83af7ef933014ad02022-01-11 12:21:02.091root 11241100x80000000000000003913813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f28c4fe9a3438fd2022-01-11 12:21:02.584root 11241100x80000000000000003913814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1faf0790f2c4247e2022-01-11 12:21:02.584root 11241100x80000000000000003913815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30da460175dec5dc2022-01-11 12:21:02.584root 11241100x80000000000000003913816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0fad349d715f8362022-01-11 12:21:02.584root 11241100x80000000000000003913817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b95f203dde08b9062022-01-11 12:21:02.584root 11241100x80000000000000003913818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b792d8ae06bf93a2022-01-11 12:21:02.584root 11241100x80000000000000003913819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.096cab4bfad163c62022-01-11 12:21:02.584root 11241100x80000000000000003913820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27167f29a835a7142022-01-11 12:21:02.584root 11241100x80000000000000003913821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9229b6f180d3434d2022-01-11 12:21:02.584root 11241100x80000000000000003913822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09c5004d69d090002022-01-11 12:21:02.585root 11241100x80000000000000003913823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b860ea1b9007502022-01-11 12:21:02.585root 11241100x80000000000000003913824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a001106a229d11d2022-01-11 12:21:02.585root 11241100x80000000000000003913825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbdfa65a720d5062022-01-11 12:21:02.585root 11241100x80000000000000003913826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3deca1c7dd5647a82022-01-11 12:21:02.585root 11241100x80000000000000003913827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fff291581bca09e2022-01-11 12:21:02.585root 11241100x80000000000000003913828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ecdb61b7d972ea82022-01-11 12:21:02.585root 11241100x80000000000000003913829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cbda0a22fdf1b312022-01-11 12:21:02.585root 11241100x80000000000000003913830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e58d3723dc21c3702022-01-11 12:21:02.585root 11241100x80000000000000003913831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f2b4e9ddddff63e2022-01-11 12:21:02.585root 11241100x80000000000000003913832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16d8a4cc32bba3ff2022-01-11 12:21:02.586root 11241100x80000000000000003913833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e7291e2e40249032022-01-11 12:21:02.586root 11241100x80000000000000003913834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d49ae874c473e67e2022-01-11 12:21:02.586root 11241100x80000000000000003913835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d4a1e95b22e93b42022-01-11 12:21:02.586root 11241100x80000000000000003913836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2dac5979756e8972022-01-11 12:21:02.586root 11241100x80000000000000003913837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d13920bcab81be2022-01-11 12:21:02.586root 11241100x80000000000000003913838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5e54d4470cb8682022-01-11 12:21:02.586root 11241100x80000000000000003913839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53fc2fd9e7fca2f22022-01-11 12:21:02.586root 11241100x80000000000000003913840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e2512ea06ecf17f2022-01-11 12:21:02.586root 11241100x80000000000000003913841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e043eb453f6e2f22022-01-11 12:21:02.586root 11241100x80000000000000003913842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.539922d417aad83b2022-01-11 12:21:02.586root 11241100x80000000000000003913843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b57163af9defbbe12022-01-11 12:21:02.586root 11241100x80000000000000003913844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fd8e2cf5a9f55de2022-01-11 12:21:02.587root 11241100x80000000000000003913845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ba83d6e03bf05be2022-01-11 12:21:02.587root 11241100x80000000000000003913846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63fe170394292bc52022-01-11 12:21:02.587root 11241100x80000000000000003913847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a221efab50031b6f2022-01-11 12:21:02.587root 11241100x80000000000000003913848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3b1ba550b4d22ab2022-01-11 12:21:02.587root 11241100x80000000000000003913849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c40d297cbdd618ee2022-01-11 12:21:02.587root 11241100x80000000000000003913850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b817ef97dcbfc042022-01-11 12:21:02.587root 11241100x80000000000000003913851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f6eeb2655274c642022-01-11 12:21:02.587root 11241100x80000000000000003913852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8c22cb27cd56b9e2022-01-11 12:21:02.587root 11241100x80000000000000003913853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74cd1576219fb21b2022-01-11 12:21:02.587root 11241100x80000000000000003913854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.288b63b6c02251aa2022-01-11 12:21:02.587root 11241100x80000000000000003913855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39ba4eacc8efc8002022-01-11 12:21:02.587root 11241100x80000000000000003913856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79fe165a4c198bdc2022-01-11 12:21:02.587root 11241100x80000000000000003913857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe004aac51e073b52022-01-11 12:21:02.587root 11241100x80000000000000003913858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c7b92b6257aa2a42022-01-11 12:21:02.587root 11241100x80000000000000003913859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ceb970138b5255f2022-01-11 12:21:02.588root 11241100x80000000000000003913860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9602cd394167c6a2022-01-11 12:21:02.588root 11241100x80000000000000003913861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f342f78417fab22022-01-11 12:21:02.588root 11241100x80000000000000003913862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075e1ccad88eacdf2022-01-11 12:21:02.588root 11241100x80000000000000003913863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bae1a658fb5abf82022-01-11 12:21:02.588root 11241100x80000000000000003913864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:02.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db2b063dcd5e56412022-01-11 12:21:02.588root 11241100x80000000000000003913865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7291a348a08764252022-01-11 12:21:03.084root 11241100x80000000000000003913866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de5abf3532974c3e2022-01-11 12:21:03.084root 11241100x80000000000000003913867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.338a5cf13f0856f72022-01-11 12:21:03.084root 11241100x80000000000000003913868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15cc68e2bba79b8e2022-01-11 12:21:03.084root 11241100x80000000000000003913869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69a383e368f662622022-01-11 12:21:03.084root 11241100x80000000000000003913870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd85c36dc158ca002022-01-11 12:21:03.084root 11241100x80000000000000003913871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe975cb8836d049a2022-01-11 12:21:03.084root 11241100x80000000000000003913872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72cfba634bba32b32022-01-11 12:21:03.084root 11241100x80000000000000003913873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723158a9ee90d4002022-01-11 12:21:03.084root 11241100x80000000000000003913874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06bc2265a7cdb2462022-01-11 12:21:03.085root 11241100x80000000000000003913875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d84569d390f1e802022-01-11 12:21:03.085root 11241100x80000000000000003913876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.142a001485a894622022-01-11 12:21:03.085root 11241100x80000000000000003913877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f0ab43a588e9c62022-01-11 12:21:03.085root 11241100x80000000000000003913878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7060d080d33ca26f2022-01-11 12:21:03.085root 11241100x80000000000000003913879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5879c99c5a4fb9862022-01-11 12:21:03.085root 11241100x80000000000000003913880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9be4935bf6d24012022-01-11 12:21:03.085root 11241100x80000000000000003913881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aff8f6affeb8c06d2022-01-11 12:21:03.085root 11241100x80000000000000003913882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ed198301a6dad6c2022-01-11 12:21:03.085root 11241100x80000000000000003913883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6b012c981692622022-01-11 12:21:03.085root 11241100x80000000000000003913884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.236df6dd4ac604d42022-01-11 12:21:03.086root 11241100x80000000000000003913885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33e47303fcd68c652022-01-11 12:21:03.086root 11241100x80000000000000003913886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9465b4b64365c8a42022-01-11 12:21:03.086root 11241100x80000000000000003913887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88307ea767a191532022-01-11 12:21:03.086root 11241100x80000000000000003913888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25b599b6c57019de2022-01-11 12:21:03.086root 11241100x80000000000000003913889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.175a1d3dec1a41d42022-01-11 12:21:03.086root 11241100x80000000000000003913890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a4fd2a3f1dd8d7f2022-01-11 12:21:03.086root 11241100x80000000000000003913891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79fca22ea5e715082022-01-11 12:21:03.086root 11241100x80000000000000003913892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3c7c6606153e8ff2022-01-11 12:21:03.086root 11241100x80000000000000003913893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04fdd362f7b77bc92022-01-11 12:21:03.086root 11241100x80000000000000003913894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f43636b89aa1a1882022-01-11 12:21:03.087root 11241100x80000000000000003913895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e16fa957b1f763722022-01-11 12:21:03.087root 11241100x80000000000000003913896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8036bb560e8c64b32022-01-11 12:21:03.087root 11241100x80000000000000003913897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.577bb749b4255fd22022-01-11 12:21:03.087root 11241100x80000000000000003913898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f456f291c84de3002022-01-11 12:21:03.087root 11241100x80000000000000003913899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7d4d7456d39d5e82022-01-11 12:21:03.087root 11241100x80000000000000003913900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd49ea309e56d752022-01-11 12:21:03.087root 11241100x80000000000000003913901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce04e21521be21fe2022-01-11 12:21:03.087root 11241100x80000000000000003913902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.078c85c83653d3072022-01-11 12:21:03.087root 11241100x80000000000000003913903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04c24039848870942022-01-11 12:21:03.087root 11241100x80000000000000003913904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.031e1f20858c84842022-01-11 12:21:03.087root 11241100x80000000000000003913905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b26f3f373c15e1a02022-01-11 12:21:03.087root 11241100x80000000000000003913906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af51fa087c6efa022022-01-11 12:21:03.088root 11241100x80000000000000003913907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06dfc5b7ce7089522022-01-11 12:21:03.088root 11241100x80000000000000003913908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1ea77cc80b0d352022-01-11 12:21:03.088root 11241100x80000000000000003913909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0f089fa82fa9e42022-01-11 12:21:03.088root 11241100x80000000000000003913910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fce50acbbd5e8e682022-01-11 12:21:03.584root 11241100x80000000000000003913911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a43a0095dbe31632022-01-11 12:21:03.584root 11241100x80000000000000003913912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12401d585c0dca922022-01-11 12:21:03.584root 11241100x80000000000000003913913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2d7c891637be83d2022-01-11 12:21:03.585root 11241100x80000000000000003913914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.533f0f7ec70c10e92022-01-11 12:21:03.585root 11241100x80000000000000003913915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce88b71f225654102022-01-11 12:21:03.585root 11241100x80000000000000003913916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4e02840d59ce8e42022-01-11 12:21:03.585root 11241100x80000000000000003913917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0350ad6880ed5b372022-01-11 12:21:03.585root 11241100x80000000000000003913918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7196bebb3ff84b7e2022-01-11 12:21:03.586root 11241100x80000000000000003913919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3554dd01e727ffa2022-01-11 12:21:03.586root 11241100x80000000000000003913920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aa3bbe71f293fa02022-01-11 12:21:03.586root 11241100x80000000000000003913921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93bfd05ee444cca02022-01-11 12:21:03.586root 11241100x80000000000000003913922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c357f851a1242142022-01-11 12:21:03.586root 11241100x80000000000000003913923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eab03f1729d9af792022-01-11 12:21:03.587root 11241100x80000000000000003913924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96c6a106019e5b5d2022-01-11 12:21:03.587root 11241100x80000000000000003913925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d3d65af1bef494b2022-01-11 12:21:03.587root 11241100x80000000000000003913926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c38e718f7001f22022-01-11 12:21:03.587root 11241100x80000000000000003913927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd361efbdd5e60392022-01-11 12:21:03.587root 11241100x80000000000000003913928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea606d70bcc1c3a2022-01-11 12:21:03.588root 11241100x80000000000000003913929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6538390ad6a1c6272022-01-11 12:21:03.588root 11241100x80000000000000003913930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad7f14492f6553f42022-01-11 12:21:03.588root 11241100x80000000000000003913931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5769bbeeacac2cbc2022-01-11 12:21:03.588root 11241100x80000000000000003913932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.813c41f22806aa012022-01-11 12:21:03.588root 11241100x80000000000000003913933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df38b9975d3940192022-01-11 12:21:03.588root 11241100x80000000000000003913934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7de496a8d03e9282022-01-11 12:21:03.588root 11241100x80000000000000003913935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f11592fb0a5d6bcc2022-01-11 12:21:03.588root 11241100x80000000000000003913936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21f410b30f0a6bf42022-01-11 12:21:03.588root 11241100x80000000000000003913937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6206a49e1f14d622022-01-11 12:21:03.589root 11241100x80000000000000003913938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481aba148efdc83f2022-01-11 12:21:03.589root 11241100x80000000000000003913939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef42bc6d35be38dc2022-01-11 12:21:03.589root 11241100x80000000000000003913940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb89e786b24978ef2022-01-11 12:21:03.589root 11241100x80000000000000003913941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c9cbb076cb133d12022-01-11 12:21:03.589root 11241100x80000000000000003913942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.764bca032cc169ff2022-01-11 12:21:03.590root 11241100x80000000000000003913943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4edaede6716cbf2022-01-11 12:21:03.590root 11241100x80000000000000003913944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf22f24c945b4e792022-01-11 12:21:03.590root 11241100x80000000000000003913945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c53df7b85be72a42022-01-11 12:21:03.590root 11241100x80000000000000003913946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6b2352f8b61d5da2022-01-11 12:21:03.590root 11241100x80000000000000003913947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e3ee5cc67225d442022-01-11 12:21:03.590root 11241100x80000000000000003913948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f59858def3fe80622022-01-11 12:21:03.590root 11241100x80000000000000003913949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.718ffa1409a4e7cb2022-01-11 12:21:04.084root 11241100x80000000000000003913950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72711c73397a272f2022-01-11 12:21:04.084root 11241100x80000000000000003913951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8196f5ee88e6a242022-01-11 12:21:04.084root 11241100x80000000000000003913952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.729f2f72d4e64ac32022-01-11 12:21:04.084root 11241100x80000000000000003913953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.950466529c6c9ddf2022-01-11 12:21:04.084root 11241100x80000000000000003913954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1b1313b65501bc62022-01-11 12:21:04.084root 11241100x80000000000000003913955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98c7859b15f84e1a2022-01-11 12:21:04.084root 11241100x80000000000000003913956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb807bdc33fc39ed2022-01-11 12:21:04.085root 11241100x80000000000000003913957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4651146d4eb2c432022-01-11 12:21:04.085root 11241100x80000000000000003913958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef74103287cf321f2022-01-11 12:21:04.085root 11241100x80000000000000003913959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4765ef50eb8230ea2022-01-11 12:21:04.085root 11241100x80000000000000003913960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84992a80f467b78e2022-01-11 12:21:04.085root 11241100x80000000000000003913961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55a1eb90cb1da3012022-01-11 12:21:04.085root 11241100x80000000000000003913962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f333fdbd5d6cff22022-01-11 12:21:04.085root 11241100x80000000000000003913963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fda52d0898b46a822022-01-11 12:21:04.085root 11241100x80000000000000003913964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c564d058e8e8e442022-01-11 12:21:04.085root 11241100x80000000000000003913965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e607703b51682e52022-01-11 12:21:04.085root 11241100x80000000000000003913966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7043fe8f023fde2022-01-11 12:21:04.085root 11241100x80000000000000003913967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1855a17de9ea14f92022-01-11 12:21:04.085root 11241100x80000000000000003913968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.969d08a487755ae12022-01-11 12:21:04.086root 11241100x80000000000000003913969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3053ed3abfea1fa32022-01-11 12:21:04.086root 11241100x80000000000000003913970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb3e79e7daa2c58e2022-01-11 12:21:04.086root 11241100x80000000000000003913971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15451b2ecc03fe722022-01-11 12:21:04.086root 11241100x80000000000000003913972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f6068059243e0652022-01-11 12:21:04.086root 11241100x80000000000000003913973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9afd7f732f37f2a2022-01-11 12:21:04.086root 11241100x80000000000000003913974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3e4b9af7948d01f2022-01-11 12:21:04.086root 11241100x80000000000000003913975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd93338e692ad4142022-01-11 12:21:04.086root 11241100x80000000000000003913976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9175965db423a322022-01-11 12:21:04.087root 11241100x80000000000000003913977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa67a8bdc54fe31e2022-01-11 12:21:04.087root 11241100x80000000000000003913978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26c1d0d22aae114a2022-01-11 12:21:04.087root 11241100x80000000000000003913979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc0e2b693d1942cf2022-01-11 12:21:04.087root 11241100x80000000000000003913980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db892a84ab54c1382022-01-11 12:21:04.087root 11241100x80000000000000003913981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdc52e0a699b70b22022-01-11 12:21:04.087root 11241100x80000000000000003913982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f725141e4d84752022-01-11 12:21:04.087root 11241100x80000000000000003913983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20615aa3613cf4692022-01-11 12:21:04.087root 11241100x80000000000000003913984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46a8e5d89b44e1b22022-01-11 12:21:04.087root 11241100x80000000000000003913985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.012bcf3cded4debd2022-01-11 12:21:04.087root 11241100x80000000000000003913986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f508dd0a4d3e3e5b2022-01-11 12:21:04.088root 11241100x80000000000000003913987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c24b10f0f36098b2022-01-11 12:21:04.088root 11241100x80000000000000003913988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df6007cf1ede5d9e2022-01-11 12:21:04.088root 11241100x80000000000000003913989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d08b88ce1b683c2022-01-11 12:21:04.088root 11241100x80000000000000003913990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0140b1d4bac8a29f2022-01-11 12:21:04.088root 11241100x80000000000000003913991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f6362fe66476bf72022-01-11 12:21:04.088root 11241100x80000000000000003913992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.386b2e6e7c56cc5f2022-01-11 12:21:04.088root 11241100x80000000000000003913993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6edbce50fcfcb7ca2022-01-11 12:21:04.583root 11241100x80000000000000003913994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3367d3f54149af842022-01-11 12:21:04.584root 11241100x80000000000000003913995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66bdaa8470087e932022-01-11 12:21:04.584root 11241100x80000000000000003913996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90f7802d6b1134a52022-01-11 12:21:04.584root 11241100x80000000000000003913997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4735419bf16993432022-01-11 12:21:04.584root 11241100x80000000000000003913998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7007b2aff22bcc0a2022-01-11 12:21:04.585root 11241100x80000000000000003913999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649bb69a2df144fc2022-01-11 12:21:04.585root 11241100x80000000000000003914000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ae98565a7110a32022-01-11 12:21:04.586root 11241100x80000000000000003914001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d8621a395871a5a2022-01-11 12:21:04.586root 11241100x80000000000000003914002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d34ef6e4e246cb02022-01-11 12:21:04.586root 11241100x80000000000000003914003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eba78d666a0e4cb42022-01-11 12:21:04.587root 11241100x80000000000000003914004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a613879a3132cdec2022-01-11 12:21:04.587root 11241100x80000000000000003914005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e3f26a755726f9b2022-01-11 12:21:04.587root 11241100x80000000000000003914006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d567ce60a65938552022-01-11 12:21:04.587root 11241100x80000000000000003914007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9a8da7b5a78c0622022-01-11 12:21:04.587root 11241100x80000000000000003914008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c96df8d6eff96c2022-01-11 12:21:04.587root 11241100x80000000000000003914009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c584f24e2e871e6e2022-01-11 12:21:04.587root 11241100x80000000000000003914010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58b14c9b3af751012022-01-11 12:21:04.588root 11241100x80000000000000003914011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.640fce361259829b2022-01-11 12:21:04.588root 11241100x80000000000000003914012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19eea3f35da6a9ac2022-01-11 12:21:04.588root 11241100x80000000000000003914013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bf9292bf9673c822022-01-11 12:21:04.588root 11241100x80000000000000003914014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82d457c8d13998d12022-01-11 12:21:04.588root 11241100x80000000000000003914015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a71f9c49caed4ae12022-01-11 12:21:04.588root 11241100x80000000000000003914016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0865b2ae0fd98a122022-01-11 12:21:04.588root 11241100x80000000000000003914017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ac9d9efe131dc22022-01-11 12:21:04.588root 11241100x80000000000000003914018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83ab62714784dfb52022-01-11 12:21:04.588root 11241100x80000000000000003914019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b1e058f5da6ea532022-01-11 12:21:04.589root 11241100x80000000000000003914020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6791dcfaacefa43f2022-01-11 12:21:04.589root 11241100x80000000000000003914021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.681d20b0cddef5252022-01-11 12:21:04.589root 11241100x80000000000000003914022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c977133b13ac98242022-01-11 12:21:04.589root 11241100x80000000000000003914023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7d55cb5bcc51aa32022-01-11 12:21:04.589root 11241100x80000000000000003914024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acb80c03edabdf322022-01-11 12:21:04.589root 11241100x80000000000000003914025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25314321427d6ebe2022-01-11 12:21:04.589root 11241100x80000000000000003914026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1706b1e4d38ee1422022-01-11 12:21:04.589root 11241100x80000000000000003914027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.970dfd5d46986adf2022-01-11 12:21:04.589root 11241100x80000000000000003914028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.877054cfdfcf0c782022-01-11 12:21:04.589root 11241100x80000000000000003914029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3160750ebf8152822022-01-11 12:21:04.589root 11241100x80000000000000003914030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1bfdfc28e6d5f102022-01-11 12:21:04.589root 11241100x80000000000000003914031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a13e659de704a622022-01-11 12:21:04.589root 11241100x80000000000000003914032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63c03d362dfaca042022-01-11 12:21:04.589root 11241100x80000000000000003914033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2191a1be760279542022-01-11 12:21:04.590root 11241100x80000000000000003914034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ae7a7e1fc2479ff2022-01-11 12:21:04.590root 11241100x80000000000000003914035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55e93edc3803b06e2022-01-11 12:21:04.590root 11241100x80000000000000003914036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-7621-61dd-90e5-77cfea550000}9859/usr/bin/ssh-keygen/home/ubuntu/.ssh/id_rsa2022-01-11 12:21:04.589ubuntu 11241100x80000000000000003914037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.589{ec2d504d-7621-61dd-90e5-77cfea550000}9859/usr/bin/ssh-keygen/home/ubuntu/.ssh/id_rsa.pub2022-01-11 12:21:04.589ubuntu 534500x80000000000000003914038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:04.590{ec2d504d-7621-61dd-90e5-77cfea550000}9859/usr/bin/ssh-keygenubuntu 11241100x80000000000000003914039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dac2d42af71eb762022-01-11 12:21:05.083root 11241100x80000000000000003914040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4565a5fa23d20592022-01-11 12:21:05.084root 11241100x80000000000000003914041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00dc50b34b56465b2022-01-11 12:21:05.084root 11241100x80000000000000003914042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac010a13e0b17ac92022-01-11 12:21:05.084root 11241100x80000000000000003914043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be17a3e6f6676b772022-01-11 12:21:05.085root 11241100x80000000000000003914044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e115845181f1e9b82022-01-11 12:21:05.085root 11241100x80000000000000003914045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e9f5556f3ca83ea2022-01-11 12:21:05.085root 11241100x80000000000000003914046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1ccd27930471e52022-01-11 12:21:05.085root 11241100x80000000000000003914047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc5ead76d4c799af2022-01-11 12:21:05.085root 11241100x80000000000000003914048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.499313906afc88842022-01-11 12:21:05.086root 11241100x80000000000000003914049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edacb5bb8b73f9b32022-01-11 12:21:05.086root 11241100x80000000000000003914050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25126b2e43a83db12022-01-11 12:21:05.086root 11241100x80000000000000003914051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2b27b96a37a15912022-01-11 12:21:05.086root 11241100x80000000000000003914052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cacecfe78e21d0c92022-01-11 12:21:05.086root 11241100x80000000000000003914053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91f557d65cf262d52022-01-11 12:21:05.087root 11241100x80000000000000003914054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a90e7ed1b5f0042022-01-11 12:21:05.087root 11241100x80000000000000003914055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aef4c1974dd98042022-01-11 12:21:05.087root 11241100x80000000000000003914056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d11104c3513556b92022-01-11 12:21:05.087root 11241100x80000000000000003914057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.530e96f562e43d762022-01-11 12:21:05.087root 11241100x80000000000000003914058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bf756cb509967bb2022-01-11 12:21:05.087root 11241100x80000000000000003914059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f4d0c9fbd74384c2022-01-11 12:21:05.087root 11241100x80000000000000003914060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c61823c38f4c95a2022-01-11 12:21:05.087root 11241100x80000000000000003914061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46aff98e72f17722022-01-11 12:21:05.088root 11241100x80000000000000003914062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f593a32196c34fb12022-01-11 12:21:05.088root 11241100x80000000000000003914063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ab485dc96ff53872022-01-11 12:21:05.088root 11241100x80000000000000003914064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3db92468af38d1352022-01-11 12:21:05.088root 11241100x80000000000000003914065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f93a7f07f6dc032022-01-11 12:21:05.088root 11241100x80000000000000003914066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ae7c16da8cb9f752022-01-11 12:21:05.088root 11241100x80000000000000003914067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9428dad9636d5f232022-01-11 12:21:05.088root 11241100x80000000000000003914068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e678cfc2e27bc3d12022-01-11 12:21:05.088root 11241100x80000000000000003914069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.751366094442f7bc2022-01-11 12:21:05.088root 11241100x80000000000000003914070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1312260d2bfb6dc32022-01-11 12:21:05.088root 11241100x80000000000000003914071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dedbedbd2cda7842022-01-11 12:21:05.088root 11241100x80000000000000003914072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8eda2d48d74af8b2022-01-11 12:21:05.088root 11241100x80000000000000003914073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cff4494d584bb84e2022-01-11 12:21:05.088root 11241100x80000000000000003914074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.311a3f84de84803f2022-01-11 12:21:05.088root 11241100x80000000000000003914075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1176e95015d6d6aa2022-01-11 12:21:05.088root 11241100x80000000000000003914076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebf851725db054ea2022-01-11 12:21:05.088root 11241100x80000000000000003914077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a79c7abc9de418832022-01-11 12:21:05.089root 11241100x80000000000000003914078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b8e1610681663292022-01-11 12:21:05.089root 11241100x80000000000000003914079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.918d2a9324bd362d2022-01-11 12:21:05.089root 11241100x80000000000000003914080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5bd7d97028e87412022-01-11 12:21:05.089root 11241100x80000000000000003914081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23531c42d43ecd792022-01-11 12:21:05.089root 11241100x80000000000000003914082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc24c5cae0f990192022-01-11 12:21:05.089root 11241100x80000000000000003914083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90d9466dc7e806da2022-01-11 12:21:05.089root 11241100x80000000000000003914084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19447e147a33337d2022-01-11 12:21:05.089root 11241100x80000000000000003914085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41e6930c22defd52022-01-11 12:21:05.089root 11241100x80000000000000003914086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ebd5082efce79dd2022-01-11 12:21:05.089root 11241100x80000000000000003914087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.617f61156531b7f72022-01-11 12:21:05.089root 11241100x80000000000000003914088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6ccd2b424d09a92022-01-11 12:21:05.089root 11241100x80000000000000003914089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a16ba96ce89a3f2022-01-11 12:21:05.089root 11241100x80000000000000003914090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f096992764aae752022-01-11 12:21:05.089root 354300x80000000000000003914091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.246{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56310-false10.0.1.12-8000- 11241100x80000000000000003914092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0501684fa89d77b92022-01-11 12:21:05.583root 11241100x80000000000000003914093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f4b115d9514c0722022-01-11 12:21:05.583root 11241100x80000000000000003914094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5af439ffe1bee4f82022-01-11 12:21:05.583root 11241100x80000000000000003914095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9da4ae70b8b9eae2022-01-11 12:21:05.583root 11241100x80000000000000003914096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c3b9682068393c2022-01-11 12:21:05.584root 11241100x80000000000000003914097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52e221d3e5c984022022-01-11 12:21:05.584root 11241100x80000000000000003914098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc659d709c20c95e2022-01-11 12:21:05.584root 11241100x80000000000000003914099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62a70e68c0a04b722022-01-11 12:21:05.584root 11241100x80000000000000003914100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11542c2678d867f82022-01-11 12:21:05.584root 11241100x80000000000000003914101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a8536e79390452a2022-01-11 12:21:05.584root 11241100x80000000000000003914102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f91f1c85d4b56a442022-01-11 12:21:05.584root 11241100x80000000000000003914103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9346392b3c32e142022-01-11 12:21:05.584root 11241100x80000000000000003914104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eccfc2850acd3932022-01-11 12:21:05.584root 11241100x80000000000000003914105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6afc8a97d902d572022-01-11 12:21:05.584root 11241100x80000000000000003914106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66b70569704285132022-01-11 12:21:05.584root 11241100x80000000000000003914107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.269bb39d93f1f1f72022-01-11 12:21:05.584root 11241100x80000000000000003914108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6004d25b88685fef2022-01-11 12:21:05.584root 11241100x80000000000000003914109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a182d9c504ae87352022-01-11 12:21:05.585root 11241100x80000000000000003914110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fd0b780a98afaa22022-01-11 12:21:05.585root 11241100x80000000000000003914111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d729792829bde1eb2022-01-11 12:21:05.585root 11241100x80000000000000003914112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.438c12d9792eafa42022-01-11 12:21:05.585root 11241100x80000000000000003914113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ff0e46babd6bcc2022-01-11 12:21:05.585root 11241100x80000000000000003914114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b24219689da504c2022-01-11 12:21:05.585root 11241100x80000000000000003914115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b330225f6392ba2022-01-11 12:21:05.585root 11241100x80000000000000003914116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2caa0c328e90579e2022-01-11 12:21:05.585root 11241100x80000000000000003914117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22258728396be9012022-01-11 12:21:05.585root 11241100x80000000000000003914118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55f64980271b156c2022-01-11 12:21:05.585root 11241100x80000000000000003914119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3700c3221050e7c72022-01-11 12:21:05.585root 11241100x80000000000000003914120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6f0dee24b6ad70b2022-01-11 12:21:05.586root 11241100x80000000000000003914121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1f3f2ef5c737c342022-01-11 12:21:05.586root 11241100x80000000000000003914122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aade5a71c1c38852022-01-11 12:21:05.586root 11241100x80000000000000003914123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.869bc3f525ce76cb2022-01-11 12:21:05.586root 11241100x80000000000000003914124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edc81e772680254d2022-01-11 12:21:05.586root 11241100x80000000000000003914125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2355724e638449cd2022-01-11 12:21:05.586root 11241100x80000000000000003914126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65c5bc5694c97dec2022-01-11 12:21:05.586root 11241100x80000000000000003914127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3dfb53e8ff259532022-01-11 12:21:05.586root 11241100x80000000000000003914128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f7d0b898ab7ad62022-01-11 12:21:05.586root 11241100x80000000000000003914129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9749059c420243b92022-01-11 12:21:05.586root 11241100x80000000000000003914130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08f7c60641edbd0b2022-01-11 12:21:05.586root 11241100x80000000000000003914131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05a1d4e229ed9cf72022-01-11 12:21:05.587root 11241100x80000000000000003914132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21da779a3bfce002022-01-11 12:21:05.587root 11241100x80000000000000003914133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0328e14cf69e4ced2022-01-11 12:21:05.587root 11241100x80000000000000003914134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0c276c537b1c6f52022-01-11 12:21:06.083root 11241100x80000000000000003914135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d24c1d3e8072002022-01-11 12:21:06.083root 11241100x80000000000000003914136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.059a862fc1e3e0802022-01-11 12:21:06.083root 11241100x80000000000000003914137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19bf26f71eca6e882022-01-11 12:21:06.084root 11241100x80000000000000003914138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6907bb38632ea162022-01-11 12:21:06.084root 11241100x80000000000000003914139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eafaf8a216041e82022-01-11 12:21:06.084root 11241100x80000000000000003914140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80533419cf22ac0b2022-01-11 12:21:06.084root 11241100x80000000000000003914141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db7ca30134adbe562022-01-11 12:21:06.084root 11241100x80000000000000003914142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10984bc61a6e4042022-01-11 12:21:06.084root 11241100x80000000000000003914143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4913eef9e96edbd52022-01-11 12:21:06.084root 11241100x80000000000000003914144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1828f8a386cf1c82022-01-11 12:21:06.084root 11241100x80000000000000003914145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c28f8db03680ebc2022-01-11 12:21:06.084root 11241100x80000000000000003914146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e0e9a568e2b16312022-01-11 12:21:06.085root 11241100x80000000000000003914147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0777a5baa20cb63b2022-01-11 12:21:06.085root 11241100x80000000000000003914148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f43e2ece4eb1a1c2022-01-11 12:21:06.085root 11241100x80000000000000003914149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.429ec70eb8a3feca2022-01-11 12:21:06.085root 11241100x80000000000000003914150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025f771e9b9770af2022-01-11 12:21:06.085root 11241100x80000000000000003914151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3010368f6eddd3972022-01-11 12:21:06.085root 11241100x80000000000000003914152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77c4fe51a3def58e2022-01-11 12:21:06.085root 11241100x80000000000000003914153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d81f0a3142376bb2022-01-11 12:21:06.085root 11241100x80000000000000003914154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abb1bd3124d66de12022-01-11 12:21:06.086root 11241100x80000000000000003914155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ddc172c261ed4372022-01-11 12:21:06.086root 11241100x80000000000000003914156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5dff3ea51525ea22022-01-11 12:21:06.086root 11241100x80000000000000003914157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c25ffd626db106cd2022-01-11 12:21:06.086root 11241100x80000000000000003914158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.454fdfdb63f8fac22022-01-11 12:21:06.086root 11241100x80000000000000003914159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcd48ece9d81d0f02022-01-11 12:21:06.086root 11241100x80000000000000003914160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62c60f5c598f226c2022-01-11 12:21:06.086root 11241100x80000000000000003914161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4599c32912346fd32022-01-11 12:21:06.087root 11241100x80000000000000003914162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72d270ee1eba05932022-01-11 12:21:06.087root 11241100x80000000000000003914163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6a03201b2b9c1972022-01-11 12:21:06.087root 11241100x80000000000000003914164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d9dce7850cb06082022-01-11 12:21:06.087root 11241100x80000000000000003914165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7421ed8c5e07cfbe2022-01-11 12:21:06.087root 11241100x80000000000000003914166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be747cd05f849d622022-01-11 12:21:06.087root 11241100x80000000000000003914167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29f187897f5917da2022-01-11 12:21:06.087root 11241100x80000000000000003914168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10cdfa81c9ffdc932022-01-11 12:21:06.087root 11241100x80000000000000003914169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d519f592e4a455d22022-01-11 12:21:06.087root 11241100x80000000000000003914170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1739dcc23a9280e12022-01-11 12:21:06.087root 11241100x80000000000000003914171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f6c5759a3d3fa6d2022-01-11 12:21:06.088root 11241100x80000000000000003914172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a0876acf1ee0d92022-01-11 12:21:06.088root 11241100x80000000000000003914173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a03f89c1ac7f9fd2022-01-11 12:21:06.088root 11241100x80000000000000003914174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8208f4ed033a85272022-01-11 12:21:06.088root 11241100x80000000000000003914175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b933e4ae1816f0c02022-01-11 12:21:06.088root 11241100x80000000000000003914176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.145468a030fa5eb62022-01-11 12:21:06.088root 11241100x80000000000000003914177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c1a8f2f774c67a82022-01-11 12:21:06.088root 11241100x80000000000000003914178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.836a25f90d5ad6572022-01-11 12:21:06.088root 11241100x80000000000000003914179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce616b09b7ce824a2022-01-11 12:21:06.088root 11241100x80000000000000003914180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da43edb82918e5292022-01-11 12:21:06.088root 11241100x80000000000000003914181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5177673bef9d35d12022-01-11 12:21:06.088root 11241100x80000000000000003914182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4afff3a08aa98d052022-01-11 12:21:06.089root 11241100x80000000000000003914183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b2ebeedcbdf65d62022-01-11 12:21:06.089root 11241100x80000000000000003914184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1871de61dfa592692022-01-11 12:21:06.089root 11241100x80000000000000003914185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a058fed78dc48a22022-01-11 12:21:06.089root 11241100x80000000000000003914186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1d16f7d013e6c752022-01-11 12:21:06.089root 11241100x80000000000000003914187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7328b880ceeff3562022-01-11 12:21:06.089root 11241100x80000000000000003914188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40961f702854a59f2022-01-11 12:21:06.089root 11241100x80000000000000003914189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99dacda5f99773c32022-01-11 12:21:06.090root 11241100x80000000000000003914190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10a7cea5b4091a1f2022-01-11 12:21:06.090root 11241100x80000000000000003914191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.958ec7e7a43e8f652022-01-11 12:21:06.090root 11241100x80000000000000003914192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c179ee161f626d972022-01-11 12:21:06.090root 11241100x80000000000000003914193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ca9c31470f95a9d2022-01-11 12:21:06.583root 11241100x80000000000000003914194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3512300ccec104542022-01-11 12:21:06.583root 11241100x80000000000000003914195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47365debfec517642022-01-11 12:21:06.583root 11241100x80000000000000003914196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34867ea1004684a92022-01-11 12:21:06.583root 11241100x80000000000000003914197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49191b3c361c11e02022-01-11 12:21:06.583root 11241100x80000000000000003914198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ada4883602a4f092022-01-11 12:21:06.584root 11241100x80000000000000003914199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa2c6f5290d87c922022-01-11 12:21:06.584root 11241100x80000000000000003914200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d8f7dcedb53023e2022-01-11 12:21:06.585root 11241100x80000000000000003914201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eaed31d82e3b1482022-01-11 12:21:06.585root 11241100x80000000000000003914202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07e3db1c02b10d1a2022-01-11 12:21:06.586root 11241100x80000000000000003914203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c4a433b981b1012022-01-11 12:21:06.586root 11241100x80000000000000003914204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8d9bea87f169c782022-01-11 12:21:06.586root 11241100x80000000000000003914205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079725f2aba9da062022-01-11 12:21:06.586root 11241100x80000000000000003914206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a8cdb1b4f9576b2022-01-11 12:21:06.586root 11241100x80000000000000003914207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82b668ede581a2922022-01-11 12:21:06.587root 11241100x80000000000000003914208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2f8ce6822d04eb72022-01-11 12:21:06.587root 11241100x80000000000000003914209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c693402a3e2821992022-01-11 12:21:06.587root 11241100x80000000000000003914210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e39e8a2b2d2ee5c2022-01-11 12:21:06.588root 11241100x80000000000000003914211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0a67e8648dd8d922022-01-11 12:21:06.588root 11241100x80000000000000003914212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33064105841983ed2022-01-11 12:21:06.588root 11241100x80000000000000003914213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f892cc50e6e23342022-01-11 12:21:06.589root 11241100x80000000000000003914214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95193eb335237ce12022-01-11 12:21:06.589root 11241100x80000000000000003914215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b599b2d60c129de2022-01-11 12:21:06.589root 11241100x80000000000000003914216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3df2b057da8ad35b2022-01-11 12:21:06.589root 11241100x80000000000000003914217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.320e3437f032ab832022-01-11 12:21:06.589root 11241100x80000000000000003914218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85a451461f75e6422022-01-11 12:21:06.590root 11241100x80000000000000003914219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d16beff07036862022-01-11 12:21:06.590root 11241100x80000000000000003914220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c9154277f7f40b22022-01-11 12:21:06.590root 11241100x80000000000000003914221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34a5ef70a97764c02022-01-11 12:21:06.590root 11241100x80000000000000003914222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc92d1caf3ea645c2022-01-11 12:21:06.590root 11241100x80000000000000003914223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25546767c6d87e0a2022-01-11 12:21:06.591root 11241100x80000000000000003914224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afd21ac7ef0d285c2022-01-11 12:21:06.591root 11241100x80000000000000003914225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6857e6a07f7dfd1f2022-01-11 12:21:06.591root 11241100x80000000000000003914226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76bd9a6e68ee5d562022-01-11 12:21:06.591root 11241100x80000000000000003914227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c942f3fa18ec0e32022-01-11 12:21:06.592root 11241100x80000000000000003914228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ee22b789eccbcf42022-01-11 12:21:06.592root 11241100x80000000000000003914229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66c4c058a4865bd62022-01-11 12:21:06.592root 11241100x80000000000000003914230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494cdde0aec537eb2022-01-11 12:21:06.592root 11241100x80000000000000003914231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262f621c0f14160d2022-01-11 12:21:06.593root 11241100x80000000000000003914232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24d7cfaeabbf4a902022-01-11 12:21:06.593root 11241100x80000000000000003914233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.510192514d84f5c32022-01-11 12:21:06.593root 11241100x80000000000000003914234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6286ef5398ec16d52022-01-11 12:21:06.594root 11241100x80000000000000003914235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4ce8b4a7cfba0f92022-01-11 12:21:06.594root 11241100x80000000000000003914236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e980cf0aa873782022-01-11 12:21:06.594root 11241100x80000000000000003914237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.280ca5fc63df9f562022-01-11 12:21:06.594root 11241100x80000000000000003914238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f79b88d7037353232022-01-11 12:21:06.595root 11241100x80000000000000003914239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:06.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6e2be685372345d2022-01-11 12:21:06.595root 11241100x80000000000000003914240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a8a10724de0a922022-01-11 12:21:07.084root 11241100x80000000000000003914241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9c1fdf0ac76144c2022-01-11 12:21:07.084root 11241100x80000000000000003914242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cf8d5e986f3f7002022-01-11 12:21:07.084root 11241100x80000000000000003914243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4384b9e20dd435842022-01-11 12:21:07.084root 11241100x80000000000000003914244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3d31a322e9dea1c2022-01-11 12:21:07.084root 11241100x80000000000000003914245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0438559f03d42ea82022-01-11 12:21:07.084root 11241100x80000000000000003914246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3448220d275a3a632022-01-11 12:21:07.084root 11241100x80000000000000003914247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9692b1fd82e3bcc22022-01-11 12:21:07.084root 11241100x80000000000000003914248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32fb08bd2dc8eb272022-01-11 12:21:07.084root 11241100x80000000000000003914249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8710a2cbce4f917a2022-01-11 12:21:07.084root 11241100x80000000000000003914250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78076730c13293492022-01-11 12:21:07.085root 11241100x80000000000000003914251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f67aa7ffbcb2b5ab2022-01-11 12:21:07.085root 11241100x80000000000000003914252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d7b4b246ee001a62022-01-11 12:21:07.085root 11241100x80000000000000003914253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c597d5bec5970242022-01-11 12:21:07.085root 11241100x80000000000000003914254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a810352bbc4446572022-01-11 12:21:07.085root 11241100x80000000000000003914255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b5e053dbac6e6d22022-01-11 12:21:07.085root 11241100x80000000000000003914256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dc6b54e5ab0951a2022-01-11 12:21:07.085root 11241100x80000000000000003914257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8b524ab002b556b2022-01-11 12:21:07.085root 11241100x80000000000000003914258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.329a2d8d4d284f902022-01-11 12:21:07.085root 11241100x80000000000000003914259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.586c0b430f8e762b2022-01-11 12:21:07.085root 11241100x80000000000000003914260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc7b480b48332402022-01-11 12:21:07.085root 11241100x80000000000000003914261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.788f3baec489eea82022-01-11 12:21:07.085root 11241100x80000000000000003914262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e69edbf1ac5e02cf2022-01-11 12:21:07.085root 11241100x80000000000000003914263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c746f8e3c26e5242022-01-11 12:21:07.086root 11241100x80000000000000003914264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.361e8ef864fb15aa2022-01-11 12:21:07.086root 11241100x80000000000000003914265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c944f94eded1e4be2022-01-11 12:21:07.086root 11241100x80000000000000003914266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47c08ffca90411692022-01-11 12:21:07.086root 11241100x80000000000000003914267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7670b2a51fb4fb8d2022-01-11 12:21:07.086root 11241100x80000000000000003914268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ca7f4655bd33182022-01-11 12:21:07.086root 11241100x80000000000000003914269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf48c536ac94fe902022-01-11 12:21:07.086root 11241100x80000000000000003914270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1b914e1a79ecf082022-01-11 12:21:07.086root 11241100x80000000000000003914271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.452e236dbf717e652022-01-11 12:21:07.086root 11241100x80000000000000003914272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e20c60204893d47d2022-01-11 12:21:07.086root 11241100x80000000000000003914273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cba1c7146533ebd62022-01-11 12:21:07.086root 11241100x80000000000000003914274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4355fb95cd2aad9f2022-01-11 12:21:07.086root 11241100x80000000000000003914275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d11e7a47a199864c2022-01-11 12:21:07.086root 11241100x80000000000000003914276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e2a3e50eca36c1d2022-01-11 12:21:07.087root 11241100x80000000000000003914277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461406a9e8a9b8112022-01-11 12:21:07.087root 11241100x80000000000000003914278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd58821b3e4e556a2022-01-11 12:21:07.087root 11241100x80000000000000003914279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8af64301d36977b2022-01-11 12:21:07.087root 11241100x80000000000000003914280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47af4a36554f0f932022-01-11 12:21:07.087root 11241100x80000000000000003914281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c25e23f31b06494d2022-01-11 12:21:07.087root 11241100x80000000000000003914282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c9a7387d5515b1e2022-01-11 12:21:07.583root 11241100x80000000000000003914283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43dd566b05a497d22022-01-11 12:21:07.584root 11241100x80000000000000003914284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ef9e66934888532022-01-11 12:21:07.584root 11241100x80000000000000003914285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a347a06534254c832022-01-11 12:21:07.584root 11241100x80000000000000003914286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.290f08ac29dcb8802022-01-11 12:21:07.584root 11241100x80000000000000003914287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94ecbe4e153d447b2022-01-11 12:21:07.584root 11241100x80000000000000003914288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edbb3f18537db35d2022-01-11 12:21:07.584root 11241100x80000000000000003914289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1215c86fde2579812022-01-11 12:21:07.584root 354300x80000000000000003914335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:16.043{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56314-false10.0.1.12-8000- 11241100x80000000000000003914336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:16.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d0263abc7cfd8f32022-01-11 12:21:16.333root 11241100x80000000000000003914337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:16.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.435801d652f25f6b2022-01-11 12:21:16.833root 11241100x80000000000000003914338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:17.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6eb455ebfe0c45d2022-01-11 12:21:17.333root 11241100x80000000000000003914339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:17.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce06c0ed44ef79312022-01-11 12:21:17.833root 11241100x80000000000000003914340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:18.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6ea6fccb874b8b2022-01-11 12:21:18.333root 11241100x80000000000000003914341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:18.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc6dcdc2772cc8512022-01-11 12:21:18.833root 11241100x80000000000000003914342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:19.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3ad1693d587bd9e2022-01-11 12:21:19.333root 11241100x80000000000000003914343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fb9350c27c4ea912022-01-11 12:21:19.833root 11241100x80000000000000003914344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:20.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832043e19276db752022-01-11 12:21:20.333root 11241100x80000000000000003914345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3adbb823c367cee52022-01-11 12:21:20.833root 354300x80000000000000003914346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:21.175{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56316-false10.0.1.12-8000- 11241100x80000000000000003914347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:21.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2954a193cd1ca86f2022-01-11 12:21:21.176root 11241100x80000000000000003914348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:21.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025b91adfc5ad2e22022-01-11 12:21:21.583root 11241100x80000000000000003914349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:21.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1dbd48b198103982022-01-11 12:21:21.583root 11241100x80000000000000003914350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:22.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.186e24424bd1d9af2022-01-11 12:21:22.083root 11241100x80000000000000003914351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:22.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.198ac32f163272732022-01-11 12:21:22.083root 11241100x80000000000000003914352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc4c025800d2d87b2022-01-11 12:21:22.583root 11241100x80000000000000003914353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51c88fb41bf65dca2022-01-11 12:21:22.583root 11241100x80000000000000003914354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:23.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b11f83b150e893842022-01-11 12:21:23.083root 11241100x80000000000000003914355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:23.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f11cbfe2fcac4b972022-01-11 12:21:23.083root 11241100x80000000000000003914356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:23.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11437d890e4916932022-01-11 12:21:23.583root 11241100x80000000000000003914357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:23.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be26e50fefe0b6022022-01-11 12:21:23.583root 11241100x80000000000000003914358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faceb435e6c8e5842022-01-11 12:21:24.083root 11241100x80000000000000003914359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60c20c91b7da820b2022-01-11 12:21:24.083root 11241100x80000000000000003914360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de315c0515caea212022-01-11 12:21:24.583root 11241100x80000000000000003914361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf6dad6cdbf900a32022-01-11 12:21:24.583root 11241100x80000000000000003914362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:21:24.894root 11241100x80000000000000003914363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29ba6838e00c34d82022-01-11 12:21:24.895root 11241100x80000000000000003914364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb19503818deb0fe2022-01-11 12:21:24.895root 354300x80000000000000003914365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:24.956{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34250-false10.0.1.12-8089- 11241100x80000000000000003914366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be6330e2b69bd8f42022-01-11 12:21:25.333root 11241100x80000000000000003914367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08538af387c816c52022-01-11 12:21:25.333root 11241100x80000000000000003914368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23215bef3adcb9c72022-01-11 12:21:25.333root 11241100x80000000000000003914369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed58a195afdd36282022-01-11 12:21:25.333root 11241100x80000000000000003914370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b6ff3c0ff6c28162022-01-11 12:21:25.833root 11241100x80000000000000003914371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6502c2a11dbb60b92022-01-11 12:21:25.833root 11241100x80000000000000003914372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc4a226c90fe61862022-01-11 12:21:25.833root 11241100x80000000000000003914373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1c0175efe7aa1852022-01-11 12:21:25.833root 11241100x80000000000000003914374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a353dffda9d5b392022-01-11 12:21:26.333root 11241100x80000000000000003914375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cb95db4053df032022-01-11 12:21:26.333root 11241100x80000000000000003914376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de62ce049c5839c32022-01-11 12:21:26.333root 11241100x80000000000000003914377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d418c166041158192022-01-11 12:21:26.333root 11241100x80000000000000003914378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.973b2c22ac6feca42022-01-11 12:21:26.833root 11241100x80000000000000003914379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b29bda005d5a496b2022-01-11 12:21:26.833root 11241100x80000000000000003914380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.684997e76622c0d02022-01-11 12:21:26.833root 11241100x80000000000000003914381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.426fdfed1499ab2c2022-01-11 12:21:26.833root 354300x80000000000000003914382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.169{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56320-false10.0.1.12-8000- 11241100x80000000000000003914383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.169{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e3dc60753e660482022-01-11 12:21:27.169root 11241100x80000000000000003914384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.169{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be581ed76049e9182022-01-11 12:21:27.169root 11241100x80000000000000003914385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.170{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df0ef03389048e3a2022-01-11 12:21:27.170root 11241100x80000000000000003914386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.170{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.add41d3d6e8881dd2022-01-11 12:21:27.170root 11241100x80000000000000003914387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.170{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f36592ad74ac35492022-01-11 12:21:27.170root 11241100x80000000000000003914388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25e8fd5f9954cacf2022-01-11 12:21:27.583root 11241100x80000000000000003914389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e6106ef1bbd07c12022-01-11 12:21:27.583root 11241100x80000000000000003914390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb2f65bc1090da62022-01-11 12:21:27.583root 11241100x80000000000000003914391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1078b76c86fb06102022-01-11 12:21:27.583root 11241100x80000000000000003914392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b29318e488b4ccc22022-01-11 12:21:27.584root 23542300x80000000000000003914393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.895{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003914394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2c53b28bae1a5a52022-01-11 12:21:27.896root 11241100x80000000000000003914395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54395f622e6a1e0a2022-01-11 12:21:27.896root 11241100x80000000000000003914396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aacfdc688740230d2022-01-11 12:21:27.896root 11241100x80000000000000003914397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419b642d777a5dbc2022-01-11 12:21:27.897root 11241100x80000000000000003914398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf0cff72beb255e12022-01-11 12:21:27.897root 11241100x80000000000000003914399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:27.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9f212b496e0f8c2022-01-11 12:21:27.898root 11241100x80000000000000003914400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27e07413032336f82022-01-11 12:21:28.333root 11241100x80000000000000003914401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.600784c72a30a4682022-01-11 12:21:28.334root 11241100x80000000000000003914402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5f12293f8da467f2022-01-11 12:21:28.334root 11241100x80000000000000003914403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9358b1cbff61ca42022-01-11 12:21:28.334root 11241100x80000000000000003914404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dd2e621a5d135542022-01-11 12:21:28.334root 11241100x80000000000000003914405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f2983f8a8d648672022-01-11 12:21:28.335root 11241100x80000000000000003914406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba6b86a75eae34432022-01-11 12:21:28.833root 11241100x80000000000000003914407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eba582e825d27eb12022-01-11 12:21:28.833root 11241100x80000000000000003914408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.856d49cd646c7a182022-01-11 12:21:28.833root 11241100x80000000000000003914409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.076e835d45313fd12022-01-11 12:21:28.833root 11241100x80000000000000003914410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bc4435ccaf691202022-01-11 12:21:28.833root 11241100x80000000000000003914411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:28.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1ba561aa929ca702022-01-11 12:21:28.834root 11241100x80000000000000003914412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6c639408e8ec7d62022-01-11 12:21:29.333root 11241100x80000000000000003914413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac8f8d9879a9b252022-01-11 12:21:29.333root 11241100x80000000000000003914414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5810b745f2a4cf2d2022-01-11 12:21:29.333root 11241100x80000000000000003914415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29d450490dcdf2342022-01-11 12:21:29.333root 11241100x80000000000000003914416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25d8c1568fb823d2022-01-11 12:21:29.333root 11241100x80000000000000003914417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c3b87379685fda92022-01-11 12:21:29.334root 11241100x80000000000000003914418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83737e2514ef79932022-01-11 12:21:29.833root 11241100x80000000000000003914419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dccab1739b8ae65c2022-01-11 12:21:29.833root 11241100x80000000000000003914420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.339f7cefe4294eec2022-01-11 12:21:29.834root 11241100x80000000000000003914421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e7da99ece641e402022-01-11 12:21:29.834root 11241100x80000000000000003914422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f8b3db112ff0b042022-01-11 12:21:29.834root 11241100x80000000000000003914423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:29.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0532d16d3a788c2e2022-01-11 12:21:29.834root 11241100x80000000000000003914424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c04d151714046572022-01-11 12:21:30.333root 11241100x80000000000000003914425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.944e6f34f8e632182022-01-11 12:21:30.333root 11241100x80000000000000003914426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e85efc56a97282552022-01-11 12:21:30.333root 11241100x80000000000000003914427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d4f1ac05c2790fa2022-01-11 12:21:30.333root 11241100x80000000000000003914428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33f72f8da27195042022-01-11 12:21:30.334root 11241100x80000000000000003914429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85b278bf9fbd66f12022-01-11 12:21:30.334root 11241100x80000000000000003914430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfadb4ee89f632e92022-01-11 12:21:30.833root 11241100x80000000000000003914431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f7d53727587f66b2022-01-11 12:21:30.833root 11241100x80000000000000003914432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0fa5d5dcd64e8542022-01-11 12:21:30.834root 11241100x80000000000000003914433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc07a1270799f9a32022-01-11 12:21:30.834root 11241100x80000000000000003914434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5bc71cc046ed8ae2022-01-11 12:21:30.834root 11241100x80000000000000003914435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:30.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22fc379046c793122022-01-11 12:21:30.834root 11241100x80000000000000003914436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d04f0e225c516f092022-01-11 12:21:31.333root 11241100x80000000000000003914437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d08393aa0157561d2022-01-11 12:21:31.333root 11241100x80000000000000003914438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ef0769f0e8ae6532022-01-11 12:21:31.333root 11241100x80000000000000003914439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54347b76f1afa6bd2022-01-11 12:21:31.334root 11241100x80000000000000003914440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f372cb10da7701a2022-01-11 12:21:31.334root 11241100x80000000000000003914441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f66329e05869c2a42022-01-11 12:21:31.334root 11241100x80000000000000003914442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3640d62cb8200e42022-01-11 12:21:31.833root 11241100x80000000000000003914443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb172d51396ba9b2022-01-11 12:21:31.833root 11241100x80000000000000003914444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96cc84ff79c3cc402022-01-11 12:21:31.833root 11241100x80000000000000003914445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18cc566ebc5aeba22022-01-11 12:21:31.833root 11241100x80000000000000003914446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eae33febac45f75b2022-01-11 12:21:31.834root 11241100x80000000000000003914447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:31.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e0379902b9fa81d2022-01-11 12:21:31.834root 11241100x80000000000000003914448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89b557d2eaf8b6d92022-01-11 12:21:32.333root 11241100x80000000000000003914449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6bfb7d1d23c305d2022-01-11 12:21:32.333root 11241100x80000000000000003914450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ebd3b86d5be99fd2022-01-11 12:21:32.333root 11241100x80000000000000003914451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8901e8901beed7732022-01-11 12:21:32.333root 11241100x80000000000000003914452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.849371288a21f69d2022-01-11 12:21:32.333root 11241100x80000000000000003914453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9653f27c8ff167392022-01-11 12:21:32.334root 11241100x80000000000000003914454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c65a7553fa348a2022-01-11 12:21:32.833root 11241100x80000000000000003914455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e2d84912a9a9f802022-01-11 12:21:32.833root 11241100x80000000000000003914456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf9f9a4b3dda21812022-01-11 12:21:32.833root 11241100x80000000000000003914457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdb8bd6792465f7b2022-01-11 12:21:32.833root 11241100x80000000000000003914458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.112bcbf6d44d6ef32022-01-11 12:21:32.834root 11241100x80000000000000003914459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:32.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4df2f509621451352022-01-11 12:21:32.834root 354300x80000000000000003914460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.035{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56322-false10.0.1.12-8000- 11241100x80000000000000003914461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5186666f9b5a5c8e2022-01-11 12:21:33.333root 11241100x80000000000000003914462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aa520d329c216732022-01-11 12:21:33.333root 11241100x80000000000000003914463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dcdb858c8f3df8c2022-01-11 12:21:33.334root 11241100x80000000000000003914464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c219d38e68056d9f2022-01-11 12:21:33.334root 11241100x80000000000000003914465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0882456ecb957d4c2022-01-11 12:21:33.334root 11241100x80000000000000003914466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8927aad272680aa72022-01-11 12:21:33.334root 11241100x80000000000000003914467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a13c248989f3ea302022-01-11 12:21:33.334root 11241100x80000000000000003914468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b65e958b0bc02ea62022-01-11 12:21:33.833root 11241100x80000000000000003914469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d40f91895de3302022-01-11 12:21:33.833root 11241100x80000000000000003914470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00a67c325a46e8f82022-01-11 12:21:33.833root 11241100x80000000000000003914471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d448dad7fafb92852022-01-11 12:21:33.833root 11241100x80000000000000003914472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37031a1b18db28e32022-01-11 12:21:33.834root 11241100x80000000000000003914473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b08a1b693ae8f3d2022-01-11 12:21:33.834root 11241100x80000000000000003914474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:33.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d578299c413cdc632022-01-11 12:21:33.834root 11241100x80000000000000003914475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fecc19d42d850b752022-01-11 12:21:34.333root 11241100x80000000000000003914476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a85c112284b57c62022-01-11 12:21:34.333root 11241100x80000000000000003914477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1413aee45d06d402022-01-11 12:21:34.333root 11241100x80000000000000003914478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b68d447f4ac4dd92022-01-11 12:21:34.333root 11241100x80000000000000003914479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76e46ee5ee7d88ae2022-01-11 12:21:34.334root 11241100x80000000000000003914480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2aeec5e1844906252022-01-11 12:21:34.334root 11241100x80000000000000003914481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64730e7e90fdee3e2022-01-11 12:21:34.334root 11241100x80000000000000003914482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9619b2be459b666b2022-01-11 12:21:34.833root 11241100x80000000000000003914483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723da1427d0cfdf02022-01-11 12:21:34.833root 11241100x80000000000000003914484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab1d81bccc83b392022-01-11 12:21:34.833root 11241100x80000000000000003914485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ac4c7f41db055f92022-01-11 12:21:34.833root 11241100x80000000000000003914486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06860b2c82ac15092022-01-11 12:21:34.834root 11241100x80000000000000003914487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.327f1ae10a5f48db2022-01-11 12:21:34.834root 11241100x80000000000000003914488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:34.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cb93445b7b4d9132022-01-11 12:21:34.834root 11241100x80000000000000003914489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6088f00e53d43f902022-01-11 12:21:35.333root 11241100x80000000000000003914490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b50d2aa57094e42022-01-11 12:21:35.333root 11241100x80000000000000003914491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f61e080f029cb3af2022-01-11 12:21:35.333root 11241100x80000000000000003914492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ebdd2ab21ba18e62022-01-11 12:21:35.334root 11241100x80000000000000003914493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c9136ebd71147e42022-01-11 12:21:35.334root 11241100x80000000000000003914494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88f504e339ca56f72022-01-11 12:21:35.334root 11241100x80000000000000003914495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a74d5fd812f9e1d92022-01-11 12:21:35.334root 11241100x80000000000000003914496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef58bda955f478c02022-01-11 12:21:35.833root 11241100x80000000000000003914497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.271d7de3542879302022-01-11 12:21:35.833root 11241100x80000000000000003914498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0f4fe3608234b8a2022-01-11 12:21:35.833root 11241100x80000000000000003914499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0887afbabf9d5d12022-01-11 12:21:35.833root 11241100x80000000000000003914500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec4a9f50bfd400ce2022-01-11 12:21:35.833root 11241100x80000000000000003914501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d22ba9f76023a22022-01-11 12:21:35.834root 11241100x80000000000000003914502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:35.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.123f1fc521fca1732022-01-11 12:21:35.834root 11241100x80000000000000003914503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6881e2ec7c7ffb532022-01-11 12:21:36.333root 11241100x80000000000000003914504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c525396960cd4d242022-01-11 12:21:36.333root 11241100x80000000000000003914505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a505660e5cea6152022-01-11 12:21:36.333root 11241100x80000000000000003914506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91660a3e1ef14c0d2022-01-11 12:21:36.334root 11241100x80000000000000003914507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d087958ea78800432022-01-11 12:21:36.334root 11241100x80000000000000003914508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913d6e0f34eebc0d2022-01-11 12:21:36.334root 11241100x80000000000000003914509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2284ca40b38de6642022-01-11 12:21:36.334root 11241100x80000000000000003914510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c0958f2e104de332022-01-11 12:21:36.833root 11241100x80000000000000003914511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a387d6213924f3202022-01-11 12:21:36.833root 11241100x80000000000000003914512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b53d34e3feae9132022-01-11 12:21:36.833root 11241100x80000000000000003914513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.378272dbeb2eda292022-01-11 12:21:36.834root 11241100x80000000000000003914514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7dfbac5ab26a0c92022-01-11 12:21:36.834root 11241100x80000000000000003914515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4abcd1846ed7c22c2022-01-11 12:21:36.834root 11241100x80000000000000003914516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:36.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a5cc9d10202f3312022-01-11 12:21:36.834root 11241100x80000000000000003914517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74e4beab9e59d7b2022-01-11 12:21:37.333root 11241100x80000000000000003914518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d7ef178a03b6c4d2022-01-11 12:21:37.333root 11241100x80000000000000003914519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11974ecbb4e2819b2022-01-11 12:21:37.334root 11241100x80000000000000003914520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81f6f713086bf45b2022-01-11 12:21:37.334root 11241100x80000000000000003914521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.787bb49a528497682022-01-11 12:21:37.334root 11241100x80000000000000003914522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88a25d1294154bb62022-01-11 12:21:37.334root 11241100x80000000000000003914523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff0928ba53e79b472022-01-11 12:21:37.334root 11241100x80000000000000003914524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.884bf2ca948e302b2022-01-11 12:21:37.833root 11241100x80000000000000003914525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1d4304c146a56362022-01-11 12:21:37.833root 11241100x80000000000000003914526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12da7275b58e8bea2022-01-11 12:21:37.834root 11241100x80000000000000003914527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9887e348969c6ad2022-01-11 12:21:37.834root 11241100x80000000000000003914528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01675dfb156d1e812022-01-11 12:21:37.834root 11241100x80000000000000003914529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa2775a90e1a04522022-01-11 12:21:37.834root 11241100x80000000000000003914530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:37.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47168caea89576332022-01-11 12:21:37.834root 354300x80000000000000003914531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.155{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56324-false10.0.1.12-8000- 11241100x80000000000000003914532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d812371eb8bd97972022-01-11 12:21:38.156root 11241100x80000000000000003914533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f908e6c3076b5e4c2022-01-11 12:21:38.156root 11241100x80000000000000003914534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547142171db0707a2022-01-11 12:21:38.156root 11241100x80000000000000003914535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72a69815196ca0bd2022-01-11 12:21:38.156root 11241100x80000000000000003914536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c998ee956d28b60e2022-01-11 12:21:38.156root 11241100x80000000000000003914537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6dd06302c17982f2022-01-11 12:21:38.156root 11241100x80000000000000003914538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a3fa6c7ec34e30f2022-01-11 12:21:38.156root 11241100x80000000000000003914539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.156{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e1fbbac79be36662022-01-11 12:21:38.156root 11241100x80000000000000003914540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9761f1f5718327412022-01-11 12:21:38.583root 11241100x80000000000000003914541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d6c1b24254f68772022-01-11 12:21:38.583root 11241100x80000000000000003914542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2665299ca6570c952022-01-11 12:21:38.583root 11241100x80000000000000003914543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc210159079282ab2022-01-11 12:21:38.583root 11241100x80000000000000003914544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41dfeaee040891b82022-01-11 12:21:38.583root 11241100x80000000000000003914545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15da0d1861efa77d2022-01-11 12:21:38.584root 11241100x80000000000000003914546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1591071e27ab4102022-01-11 12:21:38.584root 11241100x80000000000000003914547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01506f821b1f53a52022-01-11 12:21:38.584root 11241100x80000000000000003914548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a68c0d56405099542022-01-11 12:21:39.083root 11241100x80000000000000003914549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faeef412c34dd58d2022-01-11 12:21:39.083root 11241100x80000000000000003914550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25f0e9d445c9a8f32022-01-11 12:21:39.083root 11241100x80000000000000003914551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.877276b2212e8fce2022-01-11 12:21:39.083root 11241100x80000000000000003914552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6415e1bf52d6b6b2022-01-11 12:21:39.084root 11241100x80000000000000003914553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.111b72a7c9407bed2022-01-11 12:21:39.084root 11241100x80000000000000003914554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f714c81d9663b40e2022-01-11 12:21:39.084root 11241100x80000000000000003914555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb9fab164aafef7a2022-01-11 12:21:39.084root 11241100x80000000000000003914556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca0c70bba3692b1e2022-01-11 12:21:39.583root 11241100x80000000000000003914557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf014219419a73bd2022-01-11 12:21:39.583root 11241100x80000000000000003914558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57779cd0135b2d3a2022-01-11 12:21:39.583root 11241100x80000000000000003914559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3b0a63ee0620242022-01-11 12:21:39.584root 11241100x80000000000000003914560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2589929a395aefc2022-01-11 12:21:39.584root 11241100x80000000000000003914561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06b93e91a9d2685c2022-01-11 12:21:39.584root 11241100x80000000000000003914562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a97f8a084c9b5762022-01-11 12:21:39.584root 11241100x80000000000000003914563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e828851bd69ff032022-01-11 12:21:39.584root 11241100x80000000000000003914564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e628273c34e45352022-01-11 12:21:40.083root 11241100x80000000000000003914565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dd70adc36b2f3ce2022-01-11 12:21:40.083root 11241100x80000000000000003914566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dafe44bc1d5525392022-01-11 12:21:40.084root 11241100x80000000000000003914567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f8d574fa46cc4612022-01-11 12:21:40.084root 11241100x80000000000000003914568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b48d42cbe2de89842022-01-11 12:21:40.084root 11241100x80000000000000003914569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0b0abad43842b5b2022-01-11 12:21:40.084root 11241100x80000000000000003914570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6070b3f156998aaf2022-01-11 12:21:40.084root 11241100x80000000000000003914571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba7fd9527cf7761b2022-01-11 12:21:40.084root 11241100x80000000000000003914572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6189ac827585b0192022-01-11 12:21:40.583root 11241100x80000000000000003914573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b927001ce1a324bd2022-01-11 12:21:40.583root 11241100x80000000000000003914574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fdbc6498357f8322022-01-11 12:21:40.584root 11241100x80000000000000003914575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63d2139565d397a82022-01-11 12:21:40.584root 11241100x80000000000000003914576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.922f9990790148b42022-01-11 12:21:40.584root 11241100x80000000000000003914577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f4701622d3a17ca2022-01-11 12:21:40.584root 11241100x80000000000000003914578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65b050dd37a30e7a2022-01-11 12:21:40.584root 11241100x80000000000000003914579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2a0bbe49cdf320b2022-01-11 12:21:40.584root 11241100x80000000000000003914580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7de6717be494b8682022-01-11 12:21:41.084root 11241100x80000000000000003914581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.052ea457823fbb282022-01-11 12:21:41.084root 11241100x80000000000000003914582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a48c34c7b0b608942022-01-11 12:21:41.084root 11241100x80000000000000003914583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b911c959140275712022-01-11 12:21:41.084root 11241100x80000000000000003914584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dfa9fec7e54a2e72022-01-11 12:21:41.084root 11241100x80000000000000003914585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aaeb93cfcfecf1e2022-01-11 12:21:41.084root 11241100x80000000000000003914586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd0f6350ab8666ef2022-01-11 12:21:41.085root 11241100x80000000000000003914587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d3dda6e17e4fc5e2022-01-11 12:21:41.085root 11241100x80000000000000003914588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc587d78981838c22022-01-11 12:21:41.583root 11241100x80000000000000003914589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba80e01e4675536c2022-01-11 12:21:41.583root 11241100x80000000000000003914590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f4481cd64101232022-01-11 12:21:41.584root 11241100x80000000000000003914591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a94e84f5b086d4932022-01-11 12:21:41.584root 11241100x80000000000000003914592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.125a5ee8731bbf3b2022-01-11 12:21:41.584root 11241100x80000000000000003914593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6b2b0967601ef632022-01-11 12:21:41.584root 11241100x80000000000000003914594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.880a57634bae952f2022-01-11 12:21:41.584root 11241100x80000000000000003914595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9015aa80c6602ab2022-01-11 12:21:41.584root 11241100x80000000000000003914596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1468a90d0a271e3d2022-01-11 12:21:42.083root 11241100x80000000000000003914597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e1be5dcd3f4b0152022-01-11 12:21:42.083root 11241100x80000000000000003914598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c50750d42e812ca02022-01-11 12:21:42.084root 11241100x80000000000000003914599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.741bb5b4ead0c5182022-01-11 12:21:42.084root 11241100x80000000000000003914600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6994b66193756302022-01-11 12:21:42.084root 11241100x80000000000000003914601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f23af767b721f662022-01-11 12:21:42.084root 11241100x80000000000000003914602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3607acac14bffbca2022-01-11 12:21:42.084root 11241100x80000000000000003914603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.964c6ec168cd17d32022-01-11 12:21:42.084root 11241100x80000000000000003914604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.355c30c48108979a2022-01-11 12:21:42.583root 11241100x80000000000000003914605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894fc1a8465467202022-01-11 12:21:42.583root 11241100x80000000000000003914606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.779c90b570f7717f2022-01-11 12:21:42.583root 11241100x80000000000000003914607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1147e72a82c5d9d12022-01-11 12:21:42.583root 11241100x80000000000000003914608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee32f04e62b68ee22022-01-11 12:21:42.583root 11241100x80000000000000003914609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0783b902f92fa6d22022-01-11 12:21:42.584root 11241100x80000000000000003914610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6980f2c9e9371d82022-01-11 12:21:42.584root 11241100x80000000000000003914611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67c7cd96193fbaa32022-01-11 12:21:42.584root 11241100x80000000000000003914612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.082b3820587c30b52022-01-11 12:21:43.083root 11241100x80000000000000003914613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae590afd23db9c862022-01-11 12:21:43.083root 11241100x80000000000000003914614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e84e4b5caff30f72022-01-11 12:21:43.084root 11241100x80000000000000003914615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da3ae522197cb3602022-01-11 12:21:43.084root 11241100x80000000000000003914616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb9b60a306c496192022-01-11 12:21:43.084root 11241100x80000000000000003914617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a918e622a25e9a2022-01-11 12:21:43.084root 11241100x80000000000000003914618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c40906538927db52022-01-11 12:21:43.084root 11241100x80000000000000003914619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95b5d0ba5efce0f22022-01-11 12:21:43.084root 354300x80000000000000003914620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.222{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56326-false10.0.1.12-8000- 154100x80000000000000003914621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.492{ec2d504d-7657-61dd-6894-3fff47560000}9861/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 11241100x80000000000000003914622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cef45ef11cfd3f6f2022-01-11 12:21:43.493root 11241100x80000000000000003914623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fe5ec31c1bb5b422022-01-11 12:21:43.493root 11241100x80000000000000003914624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e290d882a82b3ce52022-01-11 12:21:43.493root 11241100x80000000000000003914625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.401d821e9af820ed2022-01-11 12:21:43.493root 11241100x80000000000000003914626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e23acd550d4e9e082022-01-11 12:21:43.493root 11241100x80000000000000003914627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e2f345b2cff3c72022-01-11 12:21:43.493root 11241100x80000000000000003914628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.493{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a53dff1291b73e692022-01-11 12:21:43.493root 11241100x80000000000000003914629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.494{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5bf0fc6d3d7fede2022-01-11 12:21:43.494root 11241100x80000000000000003914630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.494{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.965f0172d93320392022-01-11 12:21:43.494root 11241100x80000000000000003914631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.494{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07eecab89dbd58d22022-01-11 12:21:43.494root 534500x80000000000000003914632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.503{ec2d504d-7657-61dd-6894-3fff47560000}9861/bin/psroot 11241100x80000000000000003914633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbcac2092fc47dbd2022-01-11 12:21:43.833root 11241100x80000000000000003914634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0ac869016e955112022-01-11 12:21:43.834root 11241100x80000000000000003914635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eeeba4a579e2b04a2022-01-11 12:21:43.834root 11241100x80000000000000003914636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a3a0bedcae47c152022-01-11 12:21:43.834root 11241100x80000000000000003914637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7366b0252bfeb4d2022-01-11 12:21:43.834root 11241100x80000000000000003914638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11681d19e745d38e2022-01-11 12:21:43.834root 11241100x80000000000000003914639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91378f228c8685392022-01-11 12:21:43.834root 11241100x80000000000000003914640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603fcee48a9358bc2022-01-11 12:21:43.834root 11241100x80000000000000003914641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.189b1620a2da13c72022-01-11 12:21:43.834root 11241100x80000000000000003914642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373e48245ee9ee782022-01-11 12:21:43.834root 11241100x80000000000000003914643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:43.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d88a4c7345355b82022-01-11 12:21:43.834root 11241100x80000000000000003914644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.535dd04a026b66122022-01-11 12:21:44.333root 11241100x80000000000000003914645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f1a733c29ae57452022-01-11 12:21:44.334root 11241100x80000000000000003914646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe1878149f756dc2022-01-11 12:21:44.334root 11241100x80000000000000003914647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22db05b385285dce2022-01-11 12:21:44.334root 11241100x80000000000000003914648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f5c9b6970f368a2022-01-11 12:21:44.334root 11241100x80000000000000003914649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37422a911ad81da72022-01-11 12:21:44.334root 11241100x80000000000000003914650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.812cdf4df3b9ebc72022-01-11 12:21:44.334root 11241100x80000000000000003914651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f970812fedb98ce2022-01-11 12:21:44.334root 11241100x80000000000000003914652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1034f5f6575c8212022-01-11 12:21:44.334root 11241100x80000000000000003914653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.714bf71fbfaa9a692022-01-11 12:21:44.334root 11241100x80000000000000003914654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1fb20ec1522b0ba2022-01-11 12:21:44.334root 11241100x80000000000000003914655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2121ba252f3d4e52022-01-11 12:21:44.833root 11241100x80000000000000003914656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d79f17f17d602bb2022-01-11 12:21:44.834root 11241100x80000000000000003914657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1aeac73303bfc0622022-01-11 12:21:44.834root 11241100x80000000000000003914658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91834bfe694b0d372022-01-11 12:21:44.834root 11241100x80000000000000003914659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e04d48318057d22022-01-11 12:21:44.834root 11241100x80000000000000003914660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13ef06df373604b82022-01-11 12:21:44.834root 11241100x80000000000000003914661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dcd0fe5ce6b34172022-01-11 12:21:44.834root 11241100x80000000000000003914662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1c31947cc270e352022-01-11 12:21:44.834root 11241100x80000000000000003914663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1df303ee9ccacd02022-01-11 12:21:44.834root 11241100x80000000000000003914664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.972d6fd4f8c9fe8f2022-01-11 12:21:44.834root 11241100x80000000000000003914665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb0d00159b6334322022-01-11 12:21:44.834root 11241100x80000000000000003914666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53879414f65a44eb2022-01-11 12:21:45.335root 11241100x80000000000000003914667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20e2c6dbda2ccc2d2022-01-11 12:21:45.336root 11241100x80000000000000003914668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1142c303f50ff03d2022-01-11 12:21:45.336root 11241100x80000000000000003914669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6d17baf92ca37182022-01-11 12:21:45.336root 11241100x80000000000000003914670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6fc88f3cff8c7762022-01-11 12:21:45.336root 11241100x80000000000000003914671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f1c0924a15dcc582022-01-11 12:21:45.336root 11241100x80000000000000003914672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e822079af389a1122022-01-11 12:21:45.336root 11241100x80000000000000003914673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adade8551dfc9f5e2022-01-11 12:21:45.336root 11241100x80000000000000003914674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.218a9c0e3a9aafd92022-01-11 12:21:45.336root 11241100x80000000000000003914675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79a840006ec5f9be2022-01-11 12:21:45.336root 11241100x80000000000000003914676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0cdda85d9ddec172022-01-11 12:21:45.336root 11241100x80000000000000003914677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba4f0e260bbb7e592022-01-11 12:21:45.834root 11241100x80000000000000003914678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c9c737da7ad07332022-01-11 12:21:45.834root 11241100x80000000000000003914679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b8fcfb7b565b6002022-01-11 12:21:45.834root 11241100x80000000000000003914680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2262d7219f9ebcd62022-01-11 12:21:45.834root 11241100x80000000000000003914681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29f4e32d7bf23ad52022-01-11 12:21:45.834root 11241100x80000000000000003914682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b560091a7b6374d62022-01-11 12:21:45.834root 11241100x80000000000000003914683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.067b2e9a23e5b3122022-01-11 12:21:45.834root 11241100x80000000000000003914684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.654e3267a0cb084c2022-01-11 12:21:45.834root 11241100x80000000000000003914685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.610f63e0e88d62a92022-01-11 12:21:45.834root 11241100x80000000000000003914686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de370919622c88ff2022-01-11 12:21:45.834root 11241100x80000000000000003914687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8da66dc344a40f2f2022-01-11 12:21:45.834root 11241100x80000000000000003914688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77135e10a2a5848c2022-01-11 12:21:46.333root 11241100x80000000000000003914689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c31c8f7fe7c9a752022-01-11 12:21:46.334root 11241100x80000000000000003914690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e56444f9ffda5eee2022-01-11 12:21:46.334root 11241100x80000000000000003914691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd9b77095e45da952022-01-11 12:21:46.334root 11241100x80000000000000003914692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee84011482a82c502022-01-11 12:21:46.334root 11241100x80000000000000003914693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62daf186619bea5b2022-01-11 12:21:46.334root 11241100x80000000000000003914694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66c33d03ee5631f22022-01-11 12:21:46.334root 11241100x80000000000000003914695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f1f65df7d5648652022-01-11 12:21:46.334root 11241100x80000000000000003914696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cec4dd5b48c9bf052022-01-11 12:21:46.334root 11241100x80000000000000003914697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffb10b5c974a6a3e2022-01-11 12:21:46.334root 11241100x80000000000000003914698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.270d605a6a9f7d782022-01-11 12:21:46.334root 11241100x80000000000000003914699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef3b5c6cdc5f98a2022-01-11 12:21:46.833root 11241100x80000000000000003914700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90322756d4e1bdbe2022-01-11 12:21:46.834root 11241100x80000000000000003914701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a53249071d43df532022-01-11 12:21:46.834root 11241100x80000000000000003914702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e30a2e485b749dd42022-01-11 12:21:46.834root 11241100x80000000000000003914703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.606965b8098d29ac2022-01-11 12:21:46.834root 11241100x80000000000000003914704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec0dff488e91c8f42022-01-11 12:21:46.834root 11241100x80000000000000003914705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00c3b0df9696d7ee2022-01-11 12:21:46.834root 11241100x80000000000000003914706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3260f0767165c29e2022-01-11 12:21:46.834root 11241100x80000000000000003914707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecc18110dc9975f92022-01-11 12:21:46.834root 11241100x80000000000000003914708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07870d47b4c0c79e2022-01-11 12:21:46.834root 11241100x80000000000000003914709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d0042ca2e76ab22022-01-11 12:21:46.834root 11241100x80000000000000003914710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2849b19be4af9c342022-01-11 12:21:47.333root 11241100x80000000000000003914711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa9bdc65c773bb92022-01-11 12:21:47.333root 11241100x80000000000000003914712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6014b9313577d83a2022-01-11 12:21:47.334root 11241100x80000000000000003914713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faae2a14a868b5ff2022-01-11 12:21:47.334root 11241100x80000000000000003914714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac6351de815bdc742022-01-11 12:21:47.334root 11241100x80000000000000003914715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5e641cbe77ee3ed2022-01-11 12:21:47.334root 11241100x80000000000000003914716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f3c9fc64918add82022-01-11 12:21:47.334root 11241100x80000000000000003914717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06faaea951dd6a5a2022-01-11 12:21:47.334root 11241100x80000000000000003914718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2f207bf6d4039ec2022-01-11 12:21:47.334root 11241100x80000000000000003914719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5427321497bb22bb2022-01-11 12:21:47.334root 11241100x80000000000000003914720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a315dbad02f32062022-01-11 12:21:47.334root 11241100x80000000000000003914721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6e99f6ee0be4a0e2022-01-11 12:21:47.833root 11241100x80000000000000003914722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed567ded956fe4332022-01-11 12:21:47.834root 11241100x80000000000000003914723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352061f77e6eba392022-01-11 12:21:47.834root 11241100x80000000000000003914724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.610c6a5a9ba943cf2022-01-11 12:21:47.834root 11241100x80000000000000003914725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f3f75df181c1bec2022-01-11 12:21:47.834root 11241100x80000000000000003914726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f9c06f371660d332022-01-11 12:21:47.834root 11241100x80000000000000003914727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c752dfc5b5c99f952022-01-11 12:21:47.834root 11241100x80000000000000003914728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da40b72e8ec838522022-01-11 12:21:47.834root 11241100x80000000000000003914729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.048c8e0f7ad619322022-01-11 12:21:47.834root 11241100x80000000000000003914730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb28417b2a19c3bb2022-01-11 12:21:47.834root 11241100x80000000000000003914731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:47.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff9b668b8344753c2022-01-11 12:21:47.834root 11241100x80000000000000003914732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89cf01398a1832682022-01-11 12:21:48.333root 11241100x80000000000000003914733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b44725c9a208f872022-01-11 12:21:48.334root 11241100x80000000000000003914734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ff80f20f3727ba2022-01-11 12:21:48.334root 11241100x80000000000000003914735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2a0b4234349b06a2022-01-11 12:21:48.334root 11241100x80000000000000003914736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09680bfcafd58c3e2022-01-11 12:21:48.334root 11241100x80000000000000003914737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.991ba23dc9272cac2022-01-11 12:21:48.334root 11241100x80000000000000003914738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc91b883c609eaf72022-01-11 12:21:48.334root 11241100x80000000000000003914739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a795f120663960562022-01-11 12:21:48.334root 11241100x80000000000000003914740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9bcd265326a5352022-01-11 12:21:48.334root 11241100x80000000000000003914741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a574cc683b7fce12022-01-11 12:21:48.334root 11241100x80000000000000003914742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f095896ef5992fdf2022-01-11 12:21:48.334root 11241100x80000000000000003914743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d006e6d6ccf92ce72022-01-11 12:21:48.834root 11241100x80000000000000003914744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33cf98596ecfb9992022-01-11 12:21:48.834root 11241100x80000000000000003914745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ecae3309a9d088a2022-01-11 12:21:48.834root 11241100x80000000000000003914746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55d419cb11e9a0a72022-01-11 12:21:48.834root 11241100x80000000000000003914747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6d91fad152481aa2022-01-11 12:21:48.834root 11241100x80000000000000003914748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28cfa7a667e8f0bc2022-01-11 12:21:48.834root 11241100x80000000000000003914749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59ff5aad7ea0992b2022-01-11 12:21:48.834root 11241100x80000000000000003914750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e3e085551015992022-01-11 12:21:48.834root 11241100x80000000000000003914751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c49870bdea078a142022-01-11 12:21:48.835root 11241100x80000000000000003914752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cf3eb6d87d640942022-01-11 12:21:48.835root 11241100x80000000000000003914753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:48.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ec7a71df854e202022-01-11 12:21:48.835root 354300x80000000000000003914754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.032{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56328-false10.0.1.12-8000- 11241100x80000000000000003914755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3551f048dc7d0392022-01-11 12:21:49.333root 11241100x80000000000000003914756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87e3c3993ac323422022-01-11 12:21:49.334root 11241100x80000000000000003914757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b3c7ba006af300d2022-01-11 12:21:49.334root 11241100x80000000000000003914758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9763b8b34d50afce2022-01-11 12:21:49.334root 11241100x80000000000000003914759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8f556318f7e2bfe2022-01-11 12:21:49.334root 11241100x80000000000000003914760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff292a83e33524ea2022-01-11 12:21:49.334root 11241100x80000000000000003914761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23ea2a57102b3cde2022-01-11 12:21:49.334root 11241100x80000000000000003914762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a6b4253c92cecd2022-01-11 12:21:49.334root 11241100x80000000000000003914763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6497a1408171cc2022-01-11 12:21:49.334root 11241100x80000000000000003914764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42c39a3800c3c0612022-01-11 12:21:49.334root 11241100x80000000000000003914765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6533d6247a9e1c2022-01-11 12:21:49.334root 11241100x80000000000000003914766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ad5170a6e36798a2022-01-11 12:21:49.334root 11241100x80000000000000003914767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26074b9495255cdb2022-01-11 12:21:49.833root 11241100x80000000000000003914768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd650187493788372022-01-11 12:21:49.833root 11241100x80000000000000003914769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eadecf2ed20fa6a2022-01-11 12:21:49.834root 11241100x80000000000000003914770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cf43e5ea12c47f62022-01-11 12:21:49.834root 11241100x80000000000000003914771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81058239dbe632ab2022-01-11 12:21:49.834root 11241100x80000000000000003914772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47cea9f268b3a95b2022-01-11 12:21:49.834root 11241100x80000000000000003914773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc09c7d32ca39172022-01-11 12:21:49.834root 11241100x80000000000000003914774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9dfd1258f75d8832022-01-11 12:21:49.834root 11241100x80000000000000003914775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a7fc5f7089fe0612022-01-11 12:21:49.834root 11241100x80000000000000003914776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.869b62ed48a94ab92022-01-11 12:21:49.834root 11241100x80000000000000003914777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fd4a9aa9cfe943f2022-01-11 12:21:49.834root 11241100x80000000000000003914778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:49.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1acce0b7782b49ab2022-01-11 12:21:49.834root 11241100x80000000000000003914779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b03a42fda19a1352022-01-11 12:21:50.333root 11241100x80000000000000003914780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6f022908f3038262022-01-11 12:21:50.334root 11241100x80000000000000003914781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b3862e2fc016152022-01-11 12:21:50.334root 11241100x80000000000000003914782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffeca6781862fe1b2022-01-11 12:21:50.334root 11241100x80000000000000003914783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44bb152092c32c822022-01-11 12:21:50.334root 11241100x80000000000000003914784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21694b19823ca5592022-01-11 12:21:50.334root 11241100x80000000000000003914785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6aafedf7d3ab6c2022-01-11 12:21:50.334root 11241100x80000000000000003914786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f12fde0c480c42b2022-01-11 12:21:50.334root 11241100x80000000000000003914787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35d66bcd97c9f08a2022-01-11 12:21:50.334root 11241100x80000000000000003914788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb4845ae916db9262022-01-11 12:21:50.334root 11241100x80000000000000003914789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61b16262fcef4e8e2022-01-11 12:21:50.334root 11241100x80000000000000003914790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8b4bab88c6299b62022-01-11 12:21:50.334root 11241100x80000000000000003914791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d39636a373bcc5422022-01-11 12:21:50.833root 11241100x80000000000000003914792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0be48926b71fd7a2022-01-11 12:21:50.834root 11241100x80000000000000003914793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc98dde82361213d2022-01-11 12:21:50.834root 11241100x80000000000000003914794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd05528c85384582022-01-11 12:21:50.834root 11241100x80000000000000003914795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c06b4462d76f7542022-01-11 12:21:50.834root 11241100x80000000000000003914796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f21e779f99641652022-01-11 12:21:50.834root 11241100x80000000000000003914797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c4dda7b0c3b88402022-01-11 12:21:50.834root 11241100x80000000000000003914798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab4604691b6e48012022-01-11 12:21:50.834root 11241100x80000000000000003914799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32966fba5ce6c4c32022-01-11 12:21:50.834root 11241100x80000000000000003914800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16c184ff9da882662022-01-11 12:21:50.834root 11241100x80000000000000003914801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11830f4194a264f2022-01-11 12:21:50.834root 11241100x80000000000000003914802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:50.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f863d5e7da99b8c52022-01-11 12:21:50.834root 11241100x80000000000000003914803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4273ce96779ec8542022-01-11 12:21:51.333root 11241100x80000000000000003914804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91c9a9f2a125d1282022-01-11 12:21:51.333root 11241100x80000000000000003914805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b69c02303dd8ebaa2022-01-11 12:21:51.334root 11241100x80000000000000003914806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f3943ee748a95652022-01-11 12:21:51.334root 11241100x80000000000000003914807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.038480e52d5dd8ca2022-01-11 12:21:51.334root 11241100x80000000000000003914808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.512bc026bb38a9182022-01-11 12:21:51.334root 11241100x80000000000000003914809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.509960b9a32375622022-01-11 12:21:51.334root 11241100x80000000000000003914810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8d837ca30d692d42022-01-11 12:21:51.334root 11241100x80000000000000003914811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bd99d3ea7c5294c2022-01-11 12:21:51.334root 11241100x80000000000000003914812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fbb515526ac30d42022-01-11 12:21:51.335root 11241100x80000000000000003914813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5272520d1e5ba4102022-01-11 12:21:51.335root 11241100x80000000000000003914814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0573548ef2ee3c952022-01-11 12:21:51.335root 11241100x80000000000000003914815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.762c765e60e3897e2022-01-11 12:21:51.833root 11241100x80000000000000003914816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71910b754f5479632022-01-11 12:21:51.834root 11241100x80000000000000003914817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae519bee2edb4fe52022-01-11 12:21:51.834root 11241100x80000000000000003914818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3baf2630748bb21f2022-01-11 12:21:51.834root 11241100x80000000000000003914819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98b1be924028da902022-01-11 12:21:51.834root 11241100x80000000000000003914820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a63aa6b1c28715f2022-01-11 12:21:51.834root 11241100x80000000000000003914821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95ada3605fade22f2022-01-11 12:21:51.834root 11241100x80000000000000003914822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.967df4047d5a92772022-01-11 12:21:51.835root 11241100x80000000000000003914823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a7f91c6f585b582022-01-11 12:21:51.835root 11241100x80000000000000003914824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0add3f7be490fd642022-01-11 12:21:51.835root 11241100x80000000000000003914825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1047d0003cb3e5c2022-01-11 12:21:51.835root 11241100x80000000000000003914826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:51.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.144d588d9a6ee9052022-01-11 12:21:51.835root 11241100x80000000000000003914827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df47d5922e4042de2022-01-11 12:21:52.333root 11241100x80000000000000003914828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f93f1a4fd47c40a12022-01-11 12:21:52.334root 11241100x80000000000000003914829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d95ef81fb45d62e2022-01-11 12:21:52.334root 11241100x80000000000000003914830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53316ce7f0efb4422022-01-11 12:21:52.334root 11241100x80000000000000003914831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b3b1015ca029c2c2022-01-11 12:21:52.334root 11241100x80000000000000003914832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d6d87e771079fc2022-01-11 12:21:52.334root 11241100x80000000000000003914833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba08fa77e22f87602022-01-11 12:21:52.335root 11241100x80000000000000003914834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95eab64ff91e7e3b2022-01-11 12:21:52.335root 11241100x80000000000000003914835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49afcf53aacf70c52022-01-11 12:21:52.335root 11241100x80000000000000003914836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91910b18080732e92022-01-11 12:21:52.335root 11241100x80000000000000003914837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd9f5bf58dea90d12022-01-11 12:21:52.335root 11241100x80000000000000003914838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c015e44ff422fbe2022-01-11 12:21:52.335root 11241100x80000000000000003914839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0488f2c72da6b7e2022-01-11 12:21:52.833root 11241100x80000000000000003914840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47635781752bfa872022-01-11 12:21:52.833root 11241100x80000000000000003914841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bae40ef0ede8db32022-01-11 12:21:52.833root 11241100x80000000000000003914842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81f340f99cf929592022-01-11 12:21:52.834root 11241100x80000000000000003914843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85da3bcc13a82b892022-01-11 12:21:52.834root 11241100x80000000000000003914844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.835ac5fa98c0b54b2022-01-11 12:21:52.834root 11241100x80000000000000003914845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1712bb12a4bcf9d22022-01-11 12:21:52.834root 11241100x80000000000000003914846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.090a39b625c690892022-01-11 12:21:52.834root 11241100x80000000000000003914847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6cdfeff3cd2fa622022-01-11 12:21:52.834root 11241100x80000000000000003914848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfb4f9fa540e142c2022-01-11 12:21:52.834root 11241100x80000000000000003914849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45ab35304ffbf8b12022-01-11 12:21:52.834root 11241100x80000000000000003914850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:52.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f63c9836fad8b76b2022-01-11 12:21:52.834root 11241100x80000000000000003914851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfb18f9193e6ff72022-01-11 12:21:53.333root 11241100x80000000000000003914852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c451e0a18411f792022-01-11 12:21:53.333root 11241100x80000000000000003914853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0682cebb3f32c6542022-01-11 12:21:53.334root 11241100x80000000000000003914854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83dc473049900c8e2022-01-11 12:21:53.334root 11241100x80000000000000003914855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.613ce36f0cb8e4c02022-01-11 12:21:53.334root 11241100x80000000000000003914856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2482c149b04109382022-01-11 12:21:53.334root 11241100x80000000000000003914857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99d5a9b9bc91bba82022-01-11 12:21:53.334root 11241100x80000000000000003914858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35f289f9f8d593512022-01-11 12:21:53.334root 11241100x80000000000000003914859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d13d61402da0f09c2022-01-11 12:21:53.334root 11241100x80000000000000003914860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7728be315093a02022-01-11 12:21:53.334root 11241100x80000000000000003914861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f701ebfd4a9d91d42022-01-11 12:21:53.334root 11241100x80000000000000003914862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a0bf2581ee7a1f82022-01-11 12:21:53.334root 11241100x80000000000000003914863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f19f71b3e91fb12a2022-01-11 12:21:53.833root 11241100x80000000000000003914864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d38bad89f3f8b72022-01-11 12:21:53.834root 11241100x80000000000000003914865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67db929c1ddbf1952022-01-11 12:21:53.834root 11241100x80000000000000003914866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1382a86002cc2f82022-01-11 12:21:53.834root 11241100x80000000000000003914867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d1674f0ac7932352022-01-11 12:21:53.834root 11241100x80000000000000003914868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e300c1a353402e22022-01-11 12:21:53.834root 11241100x80000000000000003914869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b373b7cdec6c01e2022-01-11 12:21:53.834root 11241100x80000000000000003914870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa008f60c735ab8a2022-01-11 12:21:53.834root 11241100x80000000000000003914871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.570e8a94480a6bf72022-01-11 12:21:53.834root 11241100x80000000000000003914872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bd6e75287c55a9c2022-01-11 12:21:53.834root 11241100x80000000000000003914873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64a86f8ee82a23aa2022-01-11 12:21:53.834root 11241100x80000000000000003914874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:53.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0180e3cf82d478682022-01-11 12:21:53.834root 11241100x80000000000000003914875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9a07f5ce3a793ad2022-01-11 12:21:54.333root 11241100x80000000000000003914876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d942ca7292eb43e2022-01-11 12:21:54.333root 11241100x80000000000000003914877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3429f1542f366bf2022-01-11 12:21:54.333root 11241100x80000000000000003914878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9fff3805c685a392022-01-11 12:21:54.333root 11241100x80000000000000003914879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89c6246b91e1e9ce2022-01-11 12:21:54.333root 11241100x80000000000000003914880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63bc385591bdd6872022-01-11 12:21:54.334root 11241100x80000000000000003914881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f194fea29b2102102022-01-11 12:21:54.334root 11241100x80000000000000003914882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09f41220fb5262032022-01-11 12:21:54.334root 11241100x80000000000000003914883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a3507e0fe8ad00e2022-01-11 12:21:54.334root 11241100x80000000000000003914884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c62f79edd8e46752022-01-11 12:21:54.334root 11241100x80000000000000003914885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb554473936941912022-01-11 12:21:54.334root 11241100x80000000000000003914886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f1ac2a4145092762022-01-11 12:21:54.334root 11241100x80000000000000003914887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12c29637b40ff9be2022-01-11 12:21:54.833root 11241100x80000000000000003914888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.831ee219032d63342022-01-11 12:21:54.833root 11241100x80000000000000003914889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90503b95d62b77bb2022-01-11 12:21:54.833root 11241100x80000000000000003914890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1272b6cc38bf1a672022-01-11 12:21:54.833root 11241100x80000000000000003914891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abc47507f19593282022-01-11 12:21:54.833root 11241100x80000000000000003914892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07defe158b9858c72022-01-11 12:21:54.834root 11241100x80000000000000003914893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a32d7b372cfd58532022-01-11 12:21:54.834root 11241100x80000000000000003914894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd6e0aa8b877ba512022-01-11 12:21:54.834root 11241100x80000000000000003914895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8ad11ecf43b971c2022-01-11 12:21:54.834root 11241100x80000000000000003914896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7998b87c17708ecc2022-01-11 12:21:54.834root 11241100x80000000000000003914897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4055b4dc61f7b5d32022-01-11 12:21:54.834root 11241100x80000000000000003914898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629661c7e7ef9bae2022-01-11 12:21:54.834root 11241100x80000000000000003914899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:54.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:21:54.894root 354300x80000000000000003914900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.029{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56330-false10.0.1.12-8000- 11241100x80000000000000003914901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0ee57195e1ddcd32022-01-11 12:21:55.334root 11241100x80000000000000003914902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cff7a3b39d2d18a2022-01-11 12:21:55.334root 11241100x80000000000000003914903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98b4165ee3ddce002022-01-11 12:21:55.334root 11241100x80000000000000003914904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f70caf117011c40d2022-01-11 12:21:55.334root 11241100x80000000000000003914905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc85d1fdfc2a58602022-01-11 12:21:55.334root 11241100x80000000000000003914906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.946d39a7a01625c12022-01-11 12:21:55.334root 11241100x80000000000000003914907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd13678f8b712dea2022-01-11 12:21:55.334root 11241100x80000000000000003914908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb3b204d4b17cf9e2022-01-11 12:21:55.334root 11241100x80000000000000003914909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea1126da03807c92022-01-11 12:21:55.334root 11241100x80000000000000003914910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b157fa4d39be51f2022-01-11 12:21:55.334root 11241100x80000000000000003914911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64c516ae5a3cf5ef2022-01-11 12:21:55.334root 11241100x80000000000000003914912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce6b0b0658218c802022-01-11 12:21:55.334root 11241100x80000000000000003914913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c16b089d7a08b30e2022-01-11 12:21:55.334root 11241100x80000000000000003914914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc9089d0fba581832022-01-11 12:21:55.335root 11241100x80000000000000003914915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa77b7e68c0b55092022-01-11 12:21:55.833root 11241100x80000000000000003914916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b21804773275672022-01-11 12:21:55.834root 11241100x80000000000000003914917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41f0b75407fa34b2022-01-11 12:21:55.834root 11241100x80000000000000003914918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eac74d32197a78e92022-01-11 12:21:55.834root 11241100x80000000000000003914919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56002ad0e61dd1f12022-01-11 12:21:55.834root 11241100x80000000000000003914920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71d68b114a0f8c912022-01-11 12:21:55.834root 11241100x80000000000000003914921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.947d075af0fea2022022-01-11 12:21:55.835root 11241100x80000000000000003914922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f0a3f3b60198eed2022-01-11 12:21:55.835root 11241100x80000000000000003914923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ea8f1dc745999a92022-01-11 12:21:55.835root 11241100x80000000000000003914924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7fb1c16577392602022-01-11 12:21:55.835root 11241100x80000000000000003914925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bfde59b2cde61f12022-01-11 12:21:55.835root 11241100x80000000000000003914926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c97a86ce6511e1852022-01-11 12:21:55.835root 11241100x80000000000000003914927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab771efbdfd4543c2022-01-11 12:21:55.836root 11241100x80000000000000003914928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.188c95d07a22fa0b2022-01-11 12:21:55.836root 11241100x80000000000000003914929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ae63b09d5bac7a2022-01-11 12:21:56.334root 11241100x80000000000000003914930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d1c91a2b5d009102022-01-11 12:21:56.334root 11241100x80000000000000003914931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4603cfb124c611072022-01-11 12:21:56.334root 11241100x80000000000000003914932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07d8844cce375e9c2022-01-11 12:21:56.334root 11241100x80000000000000003914933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abd258114a16655f2022-01-11 12:21:56.334root 11241100x80000000000000003914934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b857d8f7b4cef6a22022-01-11 12:21:56.334root 11241100x80000000000000003914935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.724ffd88b36ef6bc2022-01-11 12:21:56.334root 11241100x80000000000000003914936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf26ef92bbb9ba32022-01-11 12:21:56.334root 11241100x80000000000000003914937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.622c2979e5bde40a2022-01-11 12:21:56.334root 11241100x80000000000000003914938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb28d08b50bfcf982022-01-11 12:21:56.334root 11241100x80000000000000003914939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fa3373c6d5e75162022-01-11 12:21:56.334root 11241100x80000000000000003914940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcaa8abd8a87633d2022-01-11 12:21:56.334root 11241100x80000000000000003914941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e19ba84ae5efff7c2022-01-11 12:21:56.334root 11241100x80000000000000003914942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99de82c84d64e1ee2022-01-11 12:21:56.335root 11241100x80000000000000003914943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e003d0b4edfb1632022-01-11 12:21:56.834root 11241100x80000000000000003914944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c2059601c8986052022-01-11 12:21:56.834root 11241100x80000000000000003914945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed90fd09674b03c62022-01-11 12:21:56.834root 11241100x80000000000000003914946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16abd62a81d5eaf62022-01-11 12:21:56.834root 11241100x80000000000000003914947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af4135209f8343322022-01-11 12:21:56.834root 11241100x80000000000000003914948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.768efb1ec94ab2372022-01-11 12:21:56.834root 11241100x80000000000000003914949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.808f8ee055eb75f82022-01-11 12:21:56.834root 11241100x80000000000000003914950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.832b43a91ab50b542022-01-11 12:21:56.834root 11241100x80000000000000003914951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b232101a61f256e52022-01-11 12:21:56.834root 11241100x80000000000000003914952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.857fe6385ca578242022-01-11 12:21:56.834root 11241100x80000000000000003914953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0412e795a4e2f752022-01-11 12:21:56.834root 11241100x80000000000000003914954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c723cfafdd2a21b92022-01-11 12:21:56.834root 11241100x80000000000000003914955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d7e5ccff079ada2022-01-11 12:21:56.834root 11241100x80000000000000003914956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1255e45f09aa55bc2022-01-11 12:21:56.834root 11241100x80000000000000003914957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.544f4bbcdee9c1eb2022-01-11 12:21:57.334root 11241100x80000000000000003914958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b16bd47dbf51232022-01-11 12:21:57.334root 11241100x80000000000000003914959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2eb8f4f03699fc22022-01-11 12:21:57.334root 11241100x80000000000000003914960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b24d91ceaafcda92022-01-11 12:21:57.334root 11241100x80000000000000003914961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c18fe7a908d0c6a52022-01-11 12:21:57.334root 11241100x80000000000000003914962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b01f0a2588df199f2022-01-11 12:21:57.334root 11241100x80000000000000003914963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f641da8f5176a672022-01-11 12:21:57.334root 11241100x80000000000000003914964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f0e6d7c02feac892022-01-11 12:21:57.334root 11241100x80000000000000003914965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b4acbd5ef1624212022-01-11 12:21:57.334root 11241100x80000000000000003914966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e144583993610f042022-01-11 12:21:57.334root 11241100x80000000000000003914967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a32c38790f8d7082022-01-11 12:21:57.334root 11241100x80000000000000003914968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a414e357e661f1932022-01-11 12:21:57.334root 11241100x80000000000000003914969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50b08ff671e2ebd12022-01-11 12:21:57.334root 11241100x80000000000000003914970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00152d98dea84f002022-01-11 12:21:57.334root 11241100x80000000000000003914971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc90cb731aa3530d2022-01-11 12:21:57.834root 11241100x80000000000000003914972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebe1b05e160282632022-01-11 12:21:57.834root 11241100x80000000000000003914973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a74b90c9a2710db2022-01-11 12:21:57.834root 11241100x80000000000000003914974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f404b7504caa717f2022-01-11 12:21:57.834root 11241100x80000000000000003914975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5082e37252b6cb2b2022-01-11 12:21:57.834root 11241100x80000000000000003914976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd6f4d4a85d0197b2022-01-11 12:21:57.834root 11241100x80000000000000003914977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da9eba46692da5fa2022-01-11 12:21:57.834root 11241100x80000000000000003914978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aae35301ea961592022-01-11 12:21:57.834root 11241100x80000000000000003914979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aedc4b4069294d892022-01-11 12:21:57.834root 11241100x80000000000000003914980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f933d541fffb6c32022-01-11 12:21:57.834root 11241100x80000000000000003914981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf612de55353fdd2022-01-11 12:21:57.834root 11241100x80000000000000003914982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec0cecc08b8da7822022-01-11 12:21:57.834root 11241100x80000000000000003914983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bc2931d860c4e462022-01-11 12:21:57.834root 11241100x80000000000000003914984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.833e0bd467695ed22022-01-11 12:21:57.834root 23542300x80000000000000003914985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:57.837{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003914986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63581b265f2a27762022-01-11 12:21:58.334root 11241100x80000000000000003914987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e16a1d8bbf2268e2022-01-11 12:21:58.334root 11241100x80000000000000003914988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9e98ad7c26799862022-01-11 12:21:58.334root 11241100x80000000000000003914989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00606fb2e8ac68f72022-01-11 12:21:58.334root 11241100x80000000000000003914990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.686ec62876551dce2022-01-11 12:21:58.334root 11241100x80000000000000003914991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e0981f36316c82f2022-01-11 12:21:58.334root 11241100x80000000000000003914992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12c0cff90902d7292022-01-11 12:21:58.334root 11241100x80000000000000003914993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4897de15adc103682022-01-11 12:21:58.334root 11241100x80000000000000003914994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dde48a0e5b28c52d2022-01-11 12:21:58.334root 11241100x80000000000000003914995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b8c89447fef48f2022-01-11 12:21:58.334root 11241100x80000000000000003914996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a6c230157ea6d282022-01-11 12:21:58.334root 11241100x80000000000000003914997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75b4b38f8c49e7362022-01-11 12:21:58.334root 11241100x80000000000000003914998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a444e35bd428c23d2022-01-11 12:21:58.334root 11241100x80000000000000003914999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfd243c79b242e222022-01-11 12:21:58.334root 11241100x80000000000000003915000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5333d9517888b7d62022-01-11 12:21:58.335root 11241100x80000000000000003915001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15161455319d58872022-01-11 12:21:58.833root 11241100x80000000000000003915002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe4e3497cde021672022-01-11 12:21:58.833root 11241100x80000000000000003915003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ac087cfd7eda612022-01-11 12:21:58.834root 11241100x80000000000000003915004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b99f32d9d87deac2022-01-11 12:21:58.834root 11241100x80000000000000003915005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bcb7747044bf42d2022-01-11 12:21:58.834root 11241100x80000000000000003915006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.396f1d45cf722f692022-01-11 12:21:58.834root 11241100x80000000000000003915007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6663dbeb1e89180a2022-01-11 12:21:58.834root 11241100x80000000000000003915008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d6e9a6b7adb6962022-01-11 12:21:58.835root 11241100x80000000000000003915009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7ec94d1c6d336172022-01-11 12:21:58.835root 11241100x80000000000000003915010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b47b86d2437389d2022-01-11 12:21:58.835root 11241100x80000000000000003915011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62956273da8c512f2022-01-11 12:21:58.835root 11241100x80000000000000003915012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32486a8ae7ddc17d2022-01-11 12:21:58.835root 11241100x80000000000000003915013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca60b508b196e7442022-01-11 12:21:58.835root 11241100x80000000000000003915014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edb07398e8e97e722022-01-11 12:21:58.836root 11241100x80000000000000003915015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b153091ad9a432122022-01-11 12:21:58.836root 11241100x80000000000000003915016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b63d8bd34eb36c82022-01-11 12:21:59.334root 11241100x80000000000000003915017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01664e42b35f9fbe2022-01-11 12:21:59.334root 11241100x80000000000000003915018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074de34e050d41492022-01-11 12:21:59.334root 11241100x80000000000000003915019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31a3e75a60ba22852022-01-11 12:21:59.334root 11241100x80000000000000003915020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffeaf123f5c9254f2022-01-11 12:21:59.334root 11241100x80000000000000003915021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76fbadb8bbe272852022-01-11 12:21:59.334root 11241100x80000000000000003915022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d7544b8a6cbc5f92022-01-11 12:21:59.334root 11241100x80000000000000003915023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00072471cba97802022-01-11 12:21:59.334root 11241100x80000000000000003915024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74a2221efff62722022-01-11 12:21:59.334root 11241100x80000000000000003915025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50a3519ca0383bd62022-01-11 12:21:59.334root 11241100x80000000000000003915026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71166b460ae3deb62022-01-11 12:21:59.334root 11241100x80000000000000003915027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.322faab9d8ebf7ef2022-01-11 12:21:59.334root 11241100x80000000000000003915028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71b6a4fa8867556f2022-01-11 12:21:59.334root 11241100x80000000000000003915029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a6a762deeeaf7f92022-01-11 12:21:59.335root 11241100x80000000000000003915030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e40c02efb269c42022-01-11 12:21:59.335root 11241100x80000000000000003915031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57dd47d305754dc82022-01-11 12:21:59.834root 11241100x80000000000000003915032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e964f936f483fd62022-01-11 12:21:59.834root 11241100x80000000000000003915033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03440c7836e382dc2022-01-11 12:21:59.834root 11241100x80000000000000003915034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.430ccdfe42d0bd7b2022-01-11 12:21:59.834root 11241100x80000000000000003915035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9acd2b1c40fc2c7e2022-01-11 12:21:59.834root 11241100x80000000000000003915036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2c25c5e6fdf3e1b2022-01-11 12:21:59.834root 11241100x80000000000000003915037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d69d0014374485262022-01-11 12:21:59.834root 11241100x80000000000000003915038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.974ae43ee55358062022-01-11 12:21:59.834root 11241100x80000000000000003915039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df1599b2f99d1402022-01-11 12:21:59.834root 11241100x80000000000000003915040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e18d0d2a83c7d1b2022-01-11 12:21:59.834root 11241100x80000000000000003915041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7fa96307d543ade2022-01-11 12:21:59.835root 11241100x80000000000000003915042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43f94bf80d15d40d2022-01-11 12:21:59.835root 11241100x80000000000000003915043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70708a4d70bf2b2d2022-01-11 12:21:59.835root 11241100x80000000000000003915044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ff19045110de1a2022-01-11 12:21:59.835root 11241100x80000000000000003915045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:21:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ec79cd1b5d3ac6b2022-01-11 12:21:59.835root 354300x80000000000000003915046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.034{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56332-false10.0.1.12-8000- 11241100x80000000000000003915047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee47e9287621048d2022-01-11 12:22:00.333root 11241100x80000000000000003915048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4fbaa47f2438b302022-01-11 12:22:00.334root 11241100x80000000000000003915049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a1d0f33362afee32022-01-11 12:22:00.334root 11241100x80000000000000003915050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa97a34c43735a492022-01-11 12:22:00.334root 11241100x80000000000000003915051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.345cfa1f267cfd1a2022-01-11 12:22:00.334root 11241100x80000000000000003915052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fdeda4304f7388c2022-01-11 12:22:00.335root 11241100x80000000000000003915053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50167811a0b50b792022-01-11 12:22:00.335root 11241100x80000000000000003915054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10d2af6dda522c802022-01-11 12:22:00.335root 11241100x80000000000000003915055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51e129175e001f9d2022-01-11 12:22:00.335root 11241100x80000000000000003915056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.817a569b5636b6e52022-01-11 12:22:00.335root 11241100x80000000000000003915057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e5ac71b039e033d2022-01-11 12:22:00.335root 11241100x80000000000000003915058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed9f5d91f5d6b3ea2022-01-11 12:22:00.335root 11241100x80000000000000003915059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cffe40bcd148131c2022-01-11 12:22:00.335root 11241100x80000000000000003915060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74bca7c87e5566e82022-01-11 12:22:00.336root 11241100x80000000000000003915061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64d2f618be8ecb492022-01-11 12:22:00.336root 11241100x80000000000000003915062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1dac83121379f5e2022-01-11 12:22:00.336root 11241100x80000000000000003915063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c45815792e4637b72022-01-11 12:22:00.834root 11241100x80000000000000003915064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1c1f45eec740a212022-01-11 12:22:00.834root 11241100x80000000000000003915065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f97d7a5e3f91144e2022-01-11 12:22:00.834root 11241100x80000000000000003915066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f5a4cbc0923534f2022-01-11 12:22:00.834root 11241100x80000000000000003915067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb8d43ecccba58eb2022-01-11 12:22:00.834root 11241100x80000000000000003915068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3884538a0ccb78e82022-01-11 12:22:00.834root 11241100x80000000000000003915069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e5320369ed4e9d22022-01-11 12:22:00.834root 11241100x80000000000000003915070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40326602ba1d4e552022-01-11 12:22:00.834root 11241100x80000000000000003915071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6fce7c694dfcbc2022-01-11 12:22:00.834root 11241100x80000000000000003915072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bde08eb94007680c2022-01-11 12:22:00.834root 11241100x80000000000000003915073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7403b89069635f302022-01-11 12:22:00.834root 11241100x80000000000000003915074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac7f4bd65704f1b82022-01-11 12:22:00.834root 11241100x80000000000000003915075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dba2d635e70c8722022-01-11 12:22:00.834root 11241100x80000000000000003915076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da1b7878085c115b2022-01-11 12:22:00.835root 11241100x80000000000000003915077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14cd9613dd4415772022-01-11 12:22:00.835root 11241100x80000000000000003915078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:00.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7ff5b80d44d7d2b2022-01-11 12:22:00.835root 11241100x80000000000000003915079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a32c1d7dbc01e93d2022-01-11 12:22:01.334root 11241100x80000000000000003915080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.930ced72bf43433e2022-01-11 12:22:01.334root 11241100x80000000000000003915081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.120e115b275fb6a62022-01-11 12:22:01.334root 11241100x80000000000000003915082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5d660f06f8b63592022-01-11 12:22:01.334root 11241100x80000000000000003915083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d83fb4d218a342f2022-01-11 12:22:01.334root 11241100x80000000000000003915084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bae64618ebe9860c2022-01-11 12:22:01.334root 11241100x80000000000000003915085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f34af291b45d3b42022-01-11 12:22:01.334root 11241100x80000000000000003915086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d023cf6df809c482022-01-11 12:22:01.334root 11241100x80000000000000003915087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c5b12286eb9af22022-01-11 12:22:01.334root 11241100x80000000000000003915088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47e8b68a3d887c952022-01-11 12:22:01.334root 11241100x80000000000000003915089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa2b18613ce3934c2022-01-11 12:22:01.334root 11241100x80000000000000003915090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f12abde0844ff3fc2022-01-11 12:22:01.334root 11241100x80000000000000003915091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ba47bc3e6131712022-01-11 12:22:01.335root 11241100x80000000000000003915092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1be3eb45ba835202022-01-11 12:22:01.335root 11241100x80000000000000003915093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f7f10d9b510489d2022-01-11 12:22:01.335root 11241100x80000000000000003915094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b0c31114fa206612022-01-11 12:22:01.335root 11241100x80000000000000003915095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6428b19090b82fc2022-01-11 12:22:01.834root 11241100x80000000000000003915096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93268963a44f67202022-01-11 12:22:01.834root 11241100x80000000000000003915097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17cbdd9c614d7f802022-01-11 12:22:01.834root 11241100x80000000000000003915098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61c837163a9f6a9b2022-01-11 12:22:01.834root 11241100x80000000000000003915099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ecdb612a112ba7b2022-01-11 12:22:01.834root 11241100x80000000000000003915100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec29c604c411c6ce2022-01-11 12:22:01.835root 11241100x80000000000000003915101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4617090d99e59bca2022-01-11 12:22:01.835root 11241100x80000000000000003915102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f86834188fac8c0f2022-01-11 12:22:01.835root 11241100x80000000000000003915103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b92e3eff1c1930e32022-01-11 12:22:01.835root 11241100x80000000000000003915104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23cc4d156ed63b362022-01-11 12:22:01.835root 11241100x80000000000000003915105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fecc162a731c1b42022-01-11 12:22:01.835root 11241100x80000000000000003915106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b47ac83c9d08472022-01-11 12:22:01.835root 11241100x80000000000000003915107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6211d4f391d4d0912022-01-11 12:22:01.835root 11241100x80000000000000003915108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e5118bfb81c6fc42022-01-11 12:22:01.835root 11241100x80000000000000003915109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.085502e0a6cef91b2022-01-11 12:22:01.835root 11241100x80000000000000003915110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:01.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92fa42e4aa8b4b6a2022-01-11 12:22:01.835root 11241100x80000000000000003915111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02db43970cd2c2342022-01-11 12:22:02.333root 11241100x80000000000000003915112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4f414c3d76f6152022-01-11 12:22:02.333root 11241100x80000000000000003915113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dd81e683f0a445b2022-01-11 12:22:02.333root 11241100x80000000000000003915114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6082daa6e2210292022-01-11 12:22:02.333root 11241100x80000000000000003915115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a71549bfe5f6c522022-01-11 12:22:02.334root 11241100x80000000000000003915116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.695188e73e3d7ddd2022-01-11 12:22:02.334root 11241100x80000000000000003915117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.097b58bc0de169bd2022-01-11 12:22:02.334root 11241100x80000000000000003915118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4d3b9706ec3a4e72022-01-11 12:22:02.334root 11241100x80000000000000003915119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84cd9ff23cd13b302022-01-11 12:22:02.334root 11241100x80000000000000003915120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fb17ff5a062b1cc2022-01-11 12:22:02.334root 11241100x80000000000000003915121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2d4a02722f543902022-01-11 12:22:02.334root 11241100x80000000000000003915122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bd38865686ae2102022-01-11 12:22:02.334root 11241100x80000000000000003915123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb5b617b9dd41e2f2022-01-11 12:22:02.334root 11241100x80000000000000003915124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f78f0d9eb7103f832022-01-11 12:22:02.334root 11241100x80000000000000003915125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ab473daaf91aac72022-01-11 12:22:02.334root 11241100x80000000000000003915126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201f5c74b456892d2022-01-11 12:22:02.334root 11241100x80000000000000003915127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3ab55b9c0712ee72022-01-11 12:22:02.833root 11241100x80000000000000003915128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2bf56c992d3165f2022-01-11 12:22:02.834root 11241100x80000000000000003915129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60a187f968ca86de2022-01-11 12:22:02.834root 11241100x80000000000000003915130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cdd3fa4134b1cd22022-01-11 12:22:02.834root 11241100x80000000000000003915131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d66662a35fed2d92022-01-11 12:22:02.834root 11241100x80000000000000003915132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27b8d24844cdd4832022-01-11 12:22:02.834root 11241100x80000000000000003915133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed601b2ca2ab8dbf2022-01-11 12:22:02.834root 11241100x80000000000000003915134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dc0795b2f618b4d2022-01-11 12:22:02.834root 11241100x80000000000000003915135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6befab420bc4fc712022-01-11 12:22:02.834root 11241100x80000000000000003915136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d85009edbb3967612022-01-11 12:22:02.834root 11241100x80000000000000003915137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14defa213d1f8d5d2022-01-11 12:22:02.834root 11241100x80000000000000003915138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b471e728b94cc9d2022-01-11 12:22:02.834root 11241100x80000000000000003915139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c89517f3f5d3985c2022-01-11 12:22:02.834root 11241100x80000000000000003915140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24c63362615bcdec2022-01-11 12:22:02.834root 11241100x80000000000000003915141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3de034cbc5643342022-01-11 12:22:02.835root 11241100x80000000000000003915142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:02.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b0816b3588eb2912022-01-11 12:22:02.835root 11241100x80000000000000003915143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6423abf64a5ebd512022-01-11 12:22:03.334root 11241100x80000000000000003915144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ddc1d56636364e52022-01-11 12:22:03.334root 11241100x80000000000000003915145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb9f12d1dd2458cf2022-01-11 12:22:03.334root 11241100x80000000000000003915146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c000cba94f85c2dd2022-01-11 12:22:03.334root 11241100x80000000000000003915147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86bb0c5aaf7f27382022-01-11 12:22:03.334root 11241100x80000000000000003915148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41c7a2cd6bb45a6e2022-01-11 12:22:03.334root 11241100x80000000000000003915149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed9499d6d35a2c842022-01-11 12:22:03.334root 11241100x80000000000000003915150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1453b36d625be8292022-01-11 12:22:03.334root 11241100x80000000000000003915151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92570eec7ca671272022-01-11 12:22:03.334root 11241100x80000000000000003915152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b46d0c6e0acd3da12022-01-11 12:22:03.334root 11241100x80000000000000003915153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.808996e15df47cb52022-01-11 12:22:03.334root 11241100x80000000000000003915154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78807775d97acba72022-01-11 12:22:03.335root 11241100x80000000000000003915155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f86698cbe32f81962022-01-11 12:22:03.335root 11241100x80000000000000003915156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac41fb88b9112462022-01-11 12:22:03.335root 11241100x80000000000000003915157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a035e97f0842e9b12022-01-11 12:22:03.335root 11241100x80000000000000003915158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.385c37ced35783862022-01-11 12:22:03.335root 11241100x80000000000000003915159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43852fadf506be272022-01-11 12:22:03.833root 11241100x80000000000000003915160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e877ac1e3016cc62022-01-11 12:22:03.834root 11241100x80000000000000003915161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9f17ead5ee80e3f2022-01-11 12:22:03.834root 11241100x80000000000000003915162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c09d073a27dbf442022-01-11 12:22:03.834root 11241100x80000000000000003915163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd552675214b913e2022-01-11 12:22:03.834root 11241100x80000000000000003915164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf7b0fd0ca51fc32022-01-11 12:22:03.834root 11241100x80000000000000003915165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7faa4c3fdc19d0fd2022-01-11 12:22:03.834root 11241100x80000000000000003915166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543a32b56e70b0842022-01-11 12:22:03.834root 11241100x80000000000000003915167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff1ddd8922b0d0a12022-01-11 12:22:03.834root 11241100x80000000000000003915168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3fb06cf28dd1f42022-01-11 12:22:03.834root 11241100x80000000000000003915169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.424df00ca27947a02022-01-11 12:22:03.834root 11241100x80000000000000003915170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5318f8042ddd3aa52022-01-11 12:22:03.834root 11241100x80000000000000003915171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e3449735136632f2022-01-11 12:22:03.835root 11241100x80000000000000003915172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.739fcf42272d0c2b2022-01-11 12:22:03.835root 11241100x80000000000000003915173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4be15df31e8118f2022-01-11 12:22:03.835root 11241100x80000000000000003915174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:03.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a3cb40ae01dcfb52022-01-11 12:22:03.835root 11241100x80000000000000003915175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22d32b5dd0818a9c2022-01-11 12:22:04.334root 11241100x80000000000000003915176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6900a77e543419f92022-01-11 12:22:04.334root 11241100x80000000000000003915177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b8d01cfb8be8f162022-01-11 12:22:04.334root 11241100x80000000000000003915178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19e7da0e94575d52022-01-11 12:22:04.334root 11241100x80000000000000003915179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f0d0cabdad5bbe92022-01-11 12:22:04.335root 11241100x80000000000000003915180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d853ee243ec781da2022-01-11 12:22:04.335root 11241100x80000000000000003915181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4823a630765b666d2022-01-11 12:22:04.335root 11241100x80000000000000003915182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257018d192a7926c2022-01-11 12:22:04.335root 11241100x80000000000000003915183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b11be6a666b2365c2022-01-11 12:22:04.335root 11241100x80000000000000003915184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5fff453f5d528bb2022-01-11 12:22:04.336root 11241100x80000000000000003915185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074664412c9bd5092022-01-11 12:22:04.336root 11241100x80000000000000003915186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b4167ed715b4522022-01-11 12:22:04.336root 11241100x80000000000000003915187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5b8e65328cabef02022-01-11 12:22:04.336root 11241100x80000000000000003915188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f8bcd4b6dba2b462022-01-11 12:22:04.336root 11241100x80000000000000003915189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf0b651e4006e0692022-01-11 12:22:04.336root 11241100x80000000000000003915190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.470a23561e75e9c92022-01-11 12:22:04.336root 11241100x80000000000000003915191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dbd7edd677474bf2022-01-11 12:22:04.833root 11241100x80000000000000003915192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b3b9e74066905fd2022-01-11 12:22:04.834root 11241100x80000000000000003915193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da5840816a4b80c2022-01-11 12:22:04.834root 11241100x80000000000000003915194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.534ad9d1003414ac2022-01-11 12:22:04.834root 11241100x80000000000000003915195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c1c49a7feb1c4a72022-01-11 12:22:04.834root 11241100x80000000000000003915196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.018e083186fc33df2022-01-11 12:22:04.834root 11241100x80000000000000003915197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd9694163e3e5d602022-01-11 12:22:04.834root 11241100x80000000000000003915198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.043483adbc45c1212022-01-11 12:22:04.834root 11241100x80000000000000003915199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13efb5d1c7fbd4b72022-01-11 12:22:04.834root 11241100x80000000000000003915200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc524814768c8df52022-01-11 12:22:04.834root 11241100x80000000000000003915201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5e041991d56f7c32022-01-11 12:22:04.834root 11241100x80000000000000003915202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a5fc943817db422022-01-11 12:22:04.835root 11241100x80000000000000003915203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb030ef8765474fd2022-01-11 12:22:04.835root 11241100x80000000000000003915204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d1c32fa96c2d9c42022-01-11 12:22:04.835root 11241100x80000000000000003915205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39c0221345fb751a2022-01-11 12:22:04.835root 11241100x80000000000000003915206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:04.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05307f0ebb75c3a82022-01-11 12:22:04.835root 354300x80000000000000003915207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.052{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56334-false10.0.1.12-8000- 11241100x80000000000000003915208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa42c4edb8aafaad2022-01-11 12:22:05.333root 11241100x80000000000000003915209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b30965363ad5ad12022-01-11 12:22:05.334root 11241100x80000000000000003915210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bc047d50bc59e502022-01-11 12:22:05.334root 11241100x80000000000000003915211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.445e038ae0e8556f2022-01-11 12:22:05.334root 11241100x80000000000000003915212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f01b7d75ce774a42022-01-11 12:22:05.334root 11241100x80000000000000003915213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14904372ed0f64842022-01-11 12:22:05.335root 11241100x80000000000000003915214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54142882f41957ae2022-01-11 12:22:05.335root 11241100x80000000000000003915215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ee0d3640de458912022-01-11 12:22:05.335root 11241100x80000000000000003915216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e08778fdf655f7882022-01-11 12:22:05.335root 11241100x80000000000000003915217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c73b0a3e47a72ab2022-01-11 12:22:05.336root 11241100x80000000000000003915218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12d662718d2a3b492022-01-11 12:22:05.336root 11241100x80000000000000003915219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d2cee93a450ef882022-01-11 12:22:05.336root 11241100x80000000000000003915220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c668a51bbd44f202022-01-11 12:22:05.336root 11241100x80000000000000003915221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf10e0fb2a8b5e032022-01-11 12:22:05.336root 11241100x80000000000000003915222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a7c41a5a47d5ee12022-01-11 12:22:05.336root 11241100x80000000000000003915223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35f0f10f108a56ab2022-01-11 12:22:05.336root 11241100x80000000000000003915224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9445934ed25a492022-01-11 12:22:05.337root 534500x80000000000000003915225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.380{ec2d504d-ed40-61db-c8ca-f08c12560000}459/lib/systemd/systemd-journaldroot 11241100x80000000000000003915226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a382e6a3e571b66d2022-01-11 12:22:05.833root 11241100x80000000000000003915227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08afe2987bc313b32022-01-11 12:22:05.834root 11241100x80000000000000003915228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f20d1212b92661a32022-01-11 12:22:05.834root 11241100x80000000000000003915229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c5079753cbe0db72022-01-11 12:22:05.834root 11241100x80000000000000003915230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c2a5e1985a784932022-01-11 12:22:05.834root 11241100x80000000000000003915231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bbb332a955b45682022-01-11 12:22:05.834root 11241100x80000000000000003915232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d0d27da045818292022-01-11 12:22:05.834root 11241100x80000000000000003915233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3aa5461c445b5162022-01-11 12:22:05.834root 11241100x80000000000000003915234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7049aea24b59fc8c2022-01-11 12:22:05.834root 11241100x80000000000000003915235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7525648076fcbba12022-01-11 12:22:05.834root 11241100x80000000000000003915236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a768ec2392b4f60f2022-01-11 12:22:05.834root 11241100x80000000000000003915237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.559e5606680cbf562022-01-11 12:22:05.835root 11241100x80000000000000003915238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edaec4ea0678deab2022-01-11 12:22:05.835root 11241100x80000000000000003915239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00fb8b744b3581492022-01-11 12:22:05.835root 11241100x80000000000000003915240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c93398dedf308a2022-01-11 12:22:05.835root 11241100x80000000000000003915241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9ff0a907fc4f0b02022-01-11 12:22:05.835root 11241100x80000000000000003915242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.044235b5ad94cc7e2022-01-11 12:22:05.835root 11241100x80000000000000003915243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:05.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12442560ce16c45b2022-01-11 12:22:05.835root 11241100x80000000000000003915244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bed9560598bca5d22022-01-11 12:22:06.334root 11241100x80000000000000003915245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f9b823f573f76452022-01-11 12:22:06.334root 11241100x80000000000000003915246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7136fe935913a4ae2022-01-11 12:22:06.334root 11241100x80000000000000003915247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.523f796be79e878e2022-01-11 12:22:06.334root 11241100x80000000000000003915248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4636de3f78bfdfd22022-01-11 12:22:06.335root 11241100x80000000000000003915249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.637ded2c70fe482e2022-01-11 12:22:06.335root 11241100x80000000000000003915250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41bca80775a53bf62022-01-11 12:22:06.335root 11241100x80000000000000003915251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dd12367dd8cb2e42022-01-11 12:22:06.335root 11241100x80000000000000003915252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d67c77cb0dfb61b2022-01-11 12:22:06.335root 11241100x80000000000000003915253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fa192f6851a1b482022-01-11 12:22:06.335root 11241100x80000000000000003915254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffd98a732b84392a2022-01-11 12:22:06.335root 11241100x80000000000000003915255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a654cf4145697232022-01-11 12:22:06.335root 11241100x80000000000000003915256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.653ef2128a969f382022-01-11 12:22:06.336root 11241100x80000000000000003915257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb603e00be93a422022-01-11 12:22:06.336root 11241100x80000000000000003915258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e5bd729ca678a822022-01-11 12:22:06.336root 11241100x80000000000000003915259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.349287d47b9383342022-01-11 12:22:06.336root 11241100x80000000000000003915260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3757d8f06bd419f2022-01-11 12:22:06.336root 11241100x80000000000000003915261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae7d64a12c4ddaf52022-01-11 12:22:06.336root 11241100x80000000000000003915262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3e1f3b1ce41becb2022-01-11 12:22:06.834root 11241100x80000000000000003915263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74f4261117e933c12022-01-11 12:22:06.834root 11241100x80000000000000003915264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97073dbdc5027f9a2022-01-11 12:22:06.834root 11241100x80000000000000003915265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b735f5ff4eeae23f2022-01-11 12:22:06.834root 11241100x80000000000000003915266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d9e9acd48dffa4c2022-01-11 12:22:06.834root 11241100x80000000000000003915267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.484622676038aec62022-01-11 12:22:06.834root 11241100x80000000000000003915268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8fdfafb705250812022-01-11 12:22:06.834root 11241100x80000000000000003915269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7be233e1d26d0fb2022-01-11 12:22:06.835root 11241100x80000000000000003915270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a264a36a2f1c80e2022-01-11 12:22:06.835root 11241100x80000000000000003915271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfab93f340b229e02022-01-11 12:22:06.835root 11241100x80000000000000003915272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cac7884398b26da2022-01-11 12:22:06.835root 11241100x80000000000000003915273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cebcea892e508fac2022-01-11 12:22:06.835root 11241100x80000000000000003915274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d3666651fd0550c2022-01-11 12:22:06.835root 11241100x80000000000000003915275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.997dfbcb796da7c62022-01-11 12:22:06.835root 11241100x80000000000000003915276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.426a57fd4668b1b32022-01-11 12:22:06.835root 11241100x80000000000000003915277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d02ea5e1702594c2022-01-11 12:22:06.835root 11241100x80000000000000003915278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c90abe220020e282022-01-11 12:22:06.835root 11241100x80000000000000003915279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:06.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2342965133958672022-01-11 12:22:06.835root 11241100x80000000000000003915280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.945d3492e82e0c7a2022-01-11 12:22:07.334root 11241100x80000000000000003915281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eeb84f508ece5bc2022-01-11 12:22:07.334root 11241100x80000000000000003915282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66c2f8acd666d1d42022-01-11 12:22:07.334root 11241100x80000000000000003915283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f193d955f62ac81e2022-01-11 12:22:07.334root 11241100x80000000000000003915284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fad0d6580b4a3f2f2022-01-11 12:22:07.334root 11241100x80000000000000003915285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d1ecb832c98992a2022-01-11 12:22:07.334root 11241100x80000000000000003915286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afae139fccad149d2022-01-11 12:22:07.334root 11241100x80000000000000003915287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a82a94f4fcad2ce2022-01-11 12:22:07.334root 11241100x80000000000000003915288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c52a4d3c4f0d9f02022-01-11 12:22:07.334root 11241100x80000000000000003915289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94d2fa5a675a6ab22022-01-11 12:22:07.334root 11241100x80000000000000003915290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5fc100a05d8b6ff2022-01-11 12:22:07.334root 11241100x80000000000000003915291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c19ed28ae7657b2022-01-11 12:22:07.334root 11241100x80000000000000003915292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e474bd4868f3ef0c2022-01-11 12:22:07.335root 11241100x80000000000000003915293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35c580ea16949bf2022-01-11 12:22:07.335root 11241100x80000000000000003915294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.057d2b051ea683d42022-01-11 12:22:07.335root 11241100x80000000000000003915295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d4f466841a5b6bf2022-01-11 12:22:07.335root 11241100x80000000000000003915296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e508a6cdadf65e452022-01-11 12:22:07.335root 11241100x80000000000000003915297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d593b3ea541b188e2022-01-11 12:22:07.335root 11241100x80000000000000003915298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50e3cdb76478c07d2022-01-11 12:22:07.834root 11241100x80000000000000003915299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d820de9329914252022-01-11 12:22:07.834root 11241100x80000000000000003915300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e295b100f33262302022-01-11 12:22:07.834root 11241100x80000000000000003915301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a189314cc841f332022-01-11 12:22:07.834root 11241100x80000000000000003915302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026ae8e88a9ed50f2022-01-11 12:22:07.834root 11241100x80000000000000003915303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14cf9a5c5c4de8282022-01-11 12:22:07.834root 11241100x80000000000000003915304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c532364054ddad382022-01-11 12:22:07.834root 11241100x80000000000000003915305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba8f1c4982ff3b0e2022-01-11 12:22:07.834root 11241100x80000000000000003915306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a8e0eeb4b83d992022-01-11 12:22:07.834root 11241100x80000000000000003915307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b8b0dbe9f56387e2022-01-11 12:22:07.834root 11241100x80000000000000003915308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a41bef271f38f21a2022-01-11 12:22:07.834root 11241100x80000000000000003915309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8f22219626f2ece2022-01-11 12:22:07.834root 11241100x80000000000000003915310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1ad456bd15376dd2022-01-11 12:22:07.835root 11241100x80000000000000003915311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8869e5071af42712022-01-11 12:22:07.835root 11241100x80000000000000003915312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d262fc9b827f67b32022-01-11 12:22:07.835root 11241100x80000000000000003915313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0a4e8e006b0d4172022-01-11 12:22:07.835root 11241100x80000000000000003915314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5239273c52e76e2022-01-11 12:22:07.835root 11241100x80000000000000003915315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:07.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ab5fe2698164b6a2022-01-11 12:22:07.835root 11241100x80000000000000003915316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27929ea91ed414572022-01-11 12:22:08.334root 11241100x80000000000000003915317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f03f125bd8558242022-01-11 12:22:08.334root 11241100x80000000000000003915318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee0b89fcd82057b12022-01-11 12:22:08.334root 11241100x80000000000000003915319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22be6969d6f3ad5a2022-01-11 12:22:08.334root 11241100x80000000000000003915320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0864fc2f13e04c7b2022-01-11 12:22:08.334root 11241100x80000000000000003915321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11355cca81b5e8e92022-01-11 12:22:08.334root 11241100x80000000000000003915322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dcf1fa0937ed1f32022-01-11 12:22:08.334root 11241100x80000000000000003915323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1471f69f0cf32392022-01-11 12:22:08.334root 11241100x80000000000000003915324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.623e1f47d3360de12022-01-11 12:22:08.334root 11241100x80000000000000003915325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1d11301d29bf862022-01-11 12:22:08.334root 11241100x80000000000000003915326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c651a4ebc92511c42022-01-11 12:22:08.335root 11241100x80000000000000003915327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71b7cb13e26e051f2022-01-11 12:22:08.335root 11241100x80000000000000003915328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff17e9458166f9a22022-01-11 12:22:08.335root 11241100x80000000000000003915329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.064892901c1bd25f2022-01-11 12:22:08.335root 11241100x80000000000000003915330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d417c2bb783fcc502022-01-11 12:22:08.335root 11241100x80000000000000003915331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc26f0b2fcd549242022-01-11 12:22:08.335root 11241100x80000000000000003915332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c221e64240ba772022-01-11 12:22:08.335root 11241100x80000000000000003915333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.100665a6dd2ec7f82022-01-11 12:22:08.335root 11241100x80000000000000003915334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b612b595d7b040ee2022-01-11 12:22:08.833root 11241100x80000000000000003915335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2de14a4975944f2022-01-11 12:22:08.833root 11241100x80000000000000003915336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8bba8738d2400422022-01-11 12:22:08.833root 11241100x80000000000000003915337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.333ea546828d2d862022-01-11 12:22:08.834root 11241100x80000000000000003915338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f12d63179ae6f3262022-01-11 12:22:08.834root 11241100x80000000000000003915339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a2ba0b9982949a22022-01-11 12:22:08.834root 11241100x80000000000000003915340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76dd832c05c830a12022-01-11 12:22:08.834root 11241100x80000000000000003915341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de06981b3922737f2022-01-11 12:22:08.834root 11241100x80000000000000003915342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29db673eb4e1fc642022-01-11 12:22:08.834root 11241100x80000000000000003915343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d607a32033b981322022-01-11 12:22:08.834root 11241100x80000000000000003915344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9828b315aaf9450d2022-01-11 12:22:08.834root 11241100x80000000000000003915345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09c0e1e1a214be52022-01-11 12:22:08.834root 11241100x80000000000000003915346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d1ccb0ad4523ce12022-01-11 12:22:08.834root 11241100x80000000000000003915347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49f06ea8e0cdda472022-01-11 12:22:08.834root 11241100x80000000000000003915348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c014973ed2d58042022-01-11 12:22:08.835root 11241100x80000000000000003915349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f70edb45543ea1892022-01-11 12:22:08.835root 11241100x80000000000000003915350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67578b7ffcab1ce72022-01-11 12:22:08.835root 11241100x80000000000000003915351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:08.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad413bf65738f6492022-01-11 12:22:08.835root 11241100x80000000000000003915352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6b5c6c1704ab7062022-01-11 12:22:09.333root 11241100x80000000000000003915353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea743e34a5ff4562022-01-11 12:22:09.333root 11241100x80000000000000003915354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10feb56d5922fe292022-01-11 12:22:09.333root 11241100x80000000000000003915355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00bdbca8a9e757b2022-01-11 12:22:09.333root 11241100x80000000000000003915356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7883fe31f91d4d562022-01-11 12:22:09.333root 11241100x80000000000000003915357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a10b3f216422c372022-01-11 12:22:09.333root 11241100x80000000000000003915358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.137c27ada994335b2022-01-11 12:22:09.334root 11241100x80000000000000003915359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5718e0bca413c1802022-01-11 12:22:09.334root 11241100x80000000000000003915360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0a1f8c9059593f42022-01-11 12:22:09.334root 11241100x80000000000000003915361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea74e793aba140902022-01-11 12:22:09.334root 11241100x80000000000000003915362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.260da2b4b6c48c192022-01-11 12:22:09.334root 11241100x80000000000000003915363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.042db7a45016efb82022-01-11 12:22:09.334root 11241100x80000000000000003915364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.385a73804a9cab412022-01-11 12:22:09.334root 11241100x80000000000000003915365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ebe27d1abf47312022-01-11 12:22:09.334root 11241100x80000000000000003915366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8505a2a5c1d64d2022-01-11 12:22:09.334root 11241100x80000000000000003915367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a02fe857d5537c422022-01-11 12:22:09.334root 11241100x80000000000000003915368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eab45ec827d3d52022-01-11 12:22:09.335root 11241100x80000000000000003915369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.040c348c2ffa2f842022-01-11 12:22:09.335root 11241100x80000000000000003915370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ced352c0bed303b62022-01-11 12:22:09.335root 11241100x80000000000000003915371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.006a88d6be30d2cf2022-01-11 12:22:09.833root 11241100x80000000000000003915372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebb4e44c1ad42cce2022-01-11 12:22:09.833root 11241100x80000000000000003915373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77321d3e18a003c72022-01-11 12:22:09.834root 11241100x80000000000000003915374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a8b3c15ca5e2b4e2022-01-11 12:22:09.834root 11241100x80000000000000003915375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0bfe0fd8ad4cfbd2022-01-11 12:22:09.834root 11241100x80000000000000003915376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e3ec98c3b2c5f2c2022-01-11 12:22:09.834root 11241100x80000000000000003915377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e759a4145f2898692022-01-11 12:22:09.834root 11241100x80000000000000003915378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b2d41802d79e6322022-01-11 12:22:09.834root 11241100x80000000000000003915379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e19231d41591472022-01-11 12:22:09.834root 11241100x80000000000000003915380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea9574575384230d2022-01-11 12:22:09.834root 11241100x80000000000000003915381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cce131e3ed385c2d2022-01-11 12:22:09.834root 11241100x80000000000000003915382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebe77a483bf0e8a82022-01-11 12:22:09.834root 11241100x80000000000000003915383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c589d714d89ed8b72022-01-11 12:22:09.834root 11241100x80000000000000003915384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.638970dce8f3b8e92022-01-11 12:22:09.834root 11241100x80000000000000003915385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63bf7124453b99152022-01-11 12:22:09.835root 11241100x80000000000000003915386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a09390dea04632b52022-01-11 12:22:09.835root 11241100x80000000000000003915387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5979680be11f210d2022-01-11 12:22:09.835root 11241100x80000000000000003915388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:09.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f23ce1cfa856b36c2022-01-11 12:22:09.835root 354300x80000000000000003915389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.075{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56336-false10.0.1.12-8000- 11241100x80000000000000003915390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2a59fc797ce28ab2022-01-11 12:22:10.333root 11241100x80000000000000003915391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa6e922ad424f1862022-01-11 12:22:10.334root 11241100x80000000000000003915392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbaee47032dff5a92022-01-11 12:22:10.334root 11241100x80000000000000003915393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc6bc8186d35f9c72022-01-11 12:22:10.334root 11241100x80000000000000003915394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c894774ce18569612022-01-11 12:22:10.334root 11241100x80000000000000003915395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a92d2395c9c1862022-01-11 12:22:10.334root 11241100x80000000000000003915396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c19f792fa1f6a0772022-01-11 12:22:10.334root 11241100x80000000000000003915397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.517e531a4a3570cc2022-01-11 12:22:10.334root 11241100x80000000000000003915398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8660dc3019b0c4962022-01-11 12:22:10.334root 11241100x80000000000000003915399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca253e70c544a7f2022-01-11 12:22:10.335root 11241100x80000000000000003915400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.439cf044e995ed262022-01-11 12:22:10.335root 11241100x80000000000000003915401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9aa46bbded305b12022-01-11 12:22:10.335root 11241100x80000000000000003915402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85b0a7dd6209d1092022-01-11 12:22:10.335root 11241100x80000000000000003915403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfafa74ed1031ca62022-01-11 12:22:10.335root 11241100x80000000000000003915404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2334eb25e88cc1e12022-01-11 12:22:10.335root 11241100x80000000000000003915405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9325b205eba4a6622022-01-11 12:22:10.335root 11241100x80000000000000003915406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e199401323852d32022-01-11 12:22:10.335root 11241100x80000000000000003915407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f7815cd0d2845ee2022-01-11 12:22:10.335root 11241100x80000000000000003915408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f555655c0be31c4c2022-01-11 12:22:10.335root 11241100x80000000000000003915409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66e6b5221310b4c72022-01-11 12:22:10.833root 11241100x80000000000000003915410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56931e4c4a90b56c2022-01-11 12:22:10.833root 11241100x80000000000000003915411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bae5cf1e1ef60de2022-01-11 12:22:10.833root 11241100x80000000000000003915412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70abc373b7b1bbad2022-01-11 12:22:10.833root 11241100x80000000000000003915413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f492e59c159cb1592022-01-11 12:22:10.833root 11241100x80000000000000003915414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddd2d2a2182e7caa2022-01-11 12:22:10.834root 11241100x80000000000000003915415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.228ae631a1ad49432022-01-11 12:22:10.834root 11241100x80000000000000003915416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e112ec737505ef332022-01-11 12:22:10.834root 11241100x80000000000000003915417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54342f2af77f89f62022-01-11 12:22:10.834root 11241100x80000000000000003915418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33211a5e700bd5fd2022-01-11 12:22:10.834root 11241100x80000000000000003915419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d69423537cd4b3852022-01-11 12:22:10.834root 11241100x80000000000000003915420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af95a031e4e8e0c62022-01-11 12:22:10.834root 11241100x80000000000000003915421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6999285b6f8839d22022-01-11 12:22:10.834root 11241100x80000000000000003915422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.931b4c43c29ddec42022-01-11 12:22:10.834root 11241100x80000000000000003915423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8004949f19a2ec02022-01-11 12:22:10.834root 11241100x80000000000000003915424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a84de2690f4023ce2022-01-11 12:22:10.835root 11241100x80000000000000003915425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab472559e3062e762022-01-11 12:22:10.835root 11241100x80000000000000003915426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adc57b07151b16612022-01-11 12:22:10.835root 11241100x80000000000000003915427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03fa8d30538bc8a32022-01-11 12:22:10.835root 11241100x80000000000000003915428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.071530e22eafd7012022-01-11 12:22:10.835root 11241100x80000000000000003915429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ee86b9bb7ce3ded2022-01-11 12:22:10.835root 11241100x80000000000000003915430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e674704311ab9f562022-01-11 12:22:10.835root 11241100x80000000000000003915431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9288d52e4959e1d32022-01-11 12:22:10.835root 11241100x80000000000000003915432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:10.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb0dfa4de3f3bb262022-01-11 12:22:10.835root 11241100x80000000000000003915433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.486b6e1eceb910f42022-01-11 12:22:11.334root 11241100x80000000000000003915434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c8fb781522527c42022-01-11 12:22:11.334root 11241100x80000000000000003915435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.294d487431a1ed732022-01-11 12:22:11.334root 11241100x80000000000000003915436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e199dddaf6466412022-01-11 12:22:11.334root 11241100x80000000000000003915437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd9e5d8259233bb42022-01-11 12:22:11.334root 11241100x80000000000000003915438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fe7372b585dd66f2022-01-11 12:22:11.334root 11241100x80000000000000003915439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eb9b088c01b956f2022-01-11 12:22:11.334root 11241100x80000000000000003915440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a81298d665118c5d2022-01-11 12:22:11.334root 11241100x80000000000000003915441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b912ef32f5391ba12022-01-11 12:22:11.334root 11241100x80000000000000003915442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ffaf370a90465b2022-01-11 12:22:11.335root 11241100x80000000000000003915443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c8a41245dc916d02022-01-11 12:22:11.335root 11241100x80000000000000003915444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24f9fa10775c4bc92022-01-11 12:22:11.335root 11241100x80000000000000003915445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ba65fa86bcb5bc2022-01-11 12:22:11.335root 11241100x80000000000000003915446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89434785991c25012022-01-11 12:22:11.335root 11241100x80000000000000003915447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b463be04d4b5102022-01-11 12:22:11.335root 11241100x80000000000000003915448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb94c80d8dd109f52022-01-11 12:22:11.335root 11241100x80000000000000003915449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6699ae3d4cc004372022-01-11 12:22:11.335root 11241100x80000000000000003915450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9f291bc4fb4b97e2022-01-11 12:22:11.335root 11241100x80000000000000003915451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c98af490115d6132022-01-11 12:22:11.335root 11241100x80000000000000003915452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50c7381618115d232022-01-11 12:22:11.834root 11241100x80000000000000003915453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913df851105f0a8d2022-01-11 12:22:11.834root 11241100x80000000000000003915454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.416e7ab3f93fa1d82022-01-11 12:22:11.834root 11241100x80000000000000003915455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0e5b658df0704db2022-01-11 12:22:11.834root 11241100x80000000000000003915456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9a604847db521722022-01-11 12:22:11.834root 11241100x80000000000000003915457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bec7067e01ff8bad2022-01-11 12:22:11.834root 11241100x80000000000000003915458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7046bc80a918117f2022-01-11 12:22:11.834root 11241100x80000000000000003915459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83ec3a3c4a74b3472022-01-11 12:22:11.834root 11241100x80000000000000003915460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf3392a3f90c1872022-01-11 12:22:11.834root 11241100x80000000000000003915461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f871452939d5890e2022-01-11 12:22:11.835root 11241100x80000000000000003915462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10fc3abf1571807b2022-01-11 12:22:11.835root 11241100x80000000000000003915463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27c2ab4b326e1c092022-01-11 12:22:11.835root 11241100x80000000000000003915464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b4c8d6f2e81d63a2022-01-11 12:22:11.835root 11241100x80000000000000003915465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f56321b8f65d2c062022-01-11 12:22:11.835root 11241100x80000000000000003915466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.607bc80fc572479e2022-01-11 12:22:11.835root 11241100x80000000000000003915467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9202d64e73ba4d572022-01-11 12:22:11.835root 11241100x80000000000000003915468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f25c12c7210544e02022-01-11 12:22:11.835root 11241100x80000000000000003915469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2ab1cb9877f0c6f2022-01-11 12:22:11.835root 11241100x80000000000000003915470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:11.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90cef32ae6c4ee192022-01-11 12:22:11.836root 11241100x80000000000000003915471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2faa7a9334bf2b022022-01-11 12:22:12.334root 11241100x80000000000000003915472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.081aa5b30fab55e32022-01-11 12:22:12.334root 11241100x80000000000000003915473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92c9636e25406d0e2022-01-11 12:22:12.334root 11241100x80000000000000003915474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a7f90df1cb0995e2022-01-11 12:22:12.334root 11241100x80000000000000003915475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c485ce2a303c1a02022-01-11 12:22:12.334root 11241100x80000000000000003915476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0f2f791f2027dba2022-01-11 12:22:12.334root 11241100x80000000000000003915477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5103f4c628096ab42022-01-11 12:22:12.334root 11241100x80000000000000003915478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1dba3c3ecec0adf2022-01-11 12:22:12.334root 11241100x80000000000000003915479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.881cd8a686286b332022-01-11 12:22:12.334root 11241100x80000000000000003915480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fce7d120b6d26f882022-01-11 12:22:12.335root 11241100x80000000000000003915481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf68a0bce56545322022-01-11 12:22:12.335root 11241100x80000000000000003915482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27efb4089544ef552022-01-11 12:22:12.335root 11241100x80000000000000003915483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.542a5c85fd37d5d32022-01-11 12:22:12.335root 11241100x80000000000000003915484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cc678bf62342ce32022-01-11 12:22:12.335root 11241100x80000000000000003915485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e9a216f378e265e2022-01-11 12:22:12.335root 11241100x80000000000000003915486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.432a8754885645fd2022-01-11 12:22:12.335root 11241100x80000000000000003915487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bacaa9fa224f32992022-01-11 12:22:12.335root 11241100x80000000000000003915488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceee2e877a462ac42022-01-11 12:22:12.335root 11241100x80000000000000003915489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6b39a0c5449feb02022-01-11 12:22:12.335root 11241100x80000000000000003915490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32723bf366e45dc12022-01-11 12:22:12.833root 11241100x80000000000000003915491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d8154b64d54f2c62022-01-11 12:22:12.833root 11241100x80000000000000003915492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ad6752428f1c13f2022-01-11 12:22:12.834root 11241100x80000000000000003915493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f844b0ac192849432022-01-11 12:22:12.834root 11241100x80000000000000003915494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c9f327d52b25a402022-01-11 12:22:12.834root 11241100x80000000000000003915495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d66214aee7df88082022-01-11 12:22:12.834root 11241100x80000000000000003915496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd03015be9ae695a2022-01-11 12:22:12.834root 11241100x80000000000000003915497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee28629bc8c28f5d2022-01-11 12:22:12.834root 11241100x80000000000000003915498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb32898ffd752c5d2022-01-11 12:22:12.834root 11241100x80000000000000003915499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf5510a2fbba0c42022-01-11 12:22:12.834root 11241100x80000000000000003915500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7585431209dec3bd2022-01-11 12:22:12.834root 11241100x80000000000000003915501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1db95b9bdd691e42022-01-11 12:22:12.834root 11241100x80000000000000003915502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2324ffc72664c692022-01-11 12:22:12.834root 11241100x80000000000000003915503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7147e67145d55e032022-01-11 12:22:12.835root 11241100x80000000000000003915504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8266fe8e557546f2022-01-11 12:22:12.835root 11241100x80000000000000003915505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e50a3d49edcc4742022-01-11 12:22:12.835root 11241100x80000000000000003915506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aa850ec610a0b7a2022-01-11 12:22:12.835root 11241100x80000000000000003915507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec2b89874157b4482022-01-11 12:22:12.835root 11241100x80000000000000003915508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:12.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f568fdb7d04c5fa42022-01-11 12:22:12.835root 11241100x80000000000000003915509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0b1798593e62c132022-01-11 12:22:13.333root 11241100x80000000000000003915510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89aef12dba48afaf2022-01-11 12:22:13.334root 11241100x80000000000000003915511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f1f5a416f148c72022-01-11 12:22:13.334root 11241100x80000000000000003915512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18b002da18ffd1752022-01-11 12:22:13.334root 11241100x80000000000000003915513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fa764f87848bdbe2022-01-11 12:22:13.334root 11241100x80000000000000003915514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.918b01597abbc9412022-01-11 12:22:13.334root 11241100x80000000000000003915515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9797fa07eb23f182022-01-11 12:22:13.334root 11241100x80000000000000003915516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad07fb59dee1e77e2022-01-11 12:22:13.335root 11241100x80000000000000003915517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd2ad1af7e0568222022-01-11 12:22:13.335root 11241100x80000000000000003915518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7183841f30320892022-01-11 12:22:13.335root 11241100x80000000000000003915519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8154251e20cbb0ea2022-01-11 12:22:13.335root 11241100x80000000000000003915520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06c44e3a260642232022-01-11 12:22:13.335root 11241100x80000000000000003915521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b03845c3668ccbe2022-01-11 12:22:13.335root 11241100x80000000000000003915522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22b40ae402c5cc0e2022-01-11 12:22:13.335root 11241100x80000000000000003915523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92b2043cd8f5303f2022-01-11 12:22:13.335root 11241100x80000000000000003915524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c79c1c6b25a38c62022-01-11 12:22:13.336root 11241100x80000000000000003915525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d086e259ec632d8b2022-01-11 12:22:13.336root 11241100x80000000000000003915526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.142c5fc0bdc6e3692022-01-11 12:22:13.336root 11241100x80000000000000003915527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d573ae33df693c02022-01-11 12:22:13.336root 11241100x80000000000000003915528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef430f75aedb01dd2022-01-11 12:22:13.834root 11241100x80000000000000003915529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61b1cbfcbf214aff2022-01-11 12:22:13.834root 11241100x80000000000000003915530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e10c3588a61bef4a2022-01-11 12:22:13.834root 11241100x80000000000000003915531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b52a9a69b1758962022-01-11 12:22:13.834root 11241100x80000000000000003915532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c69e38646ad98b102022-01-11 12:22:13.834root 11241100x80000000000000003915533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b24b5a978c794702022-01-11 12:22:13.834root 11241100x80000000000000003915534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f803d09c93851152022-01-11 12:22:13.834root 11241100x80000000000000003915535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db6ef9e67bca34782022-01-11 12:22:13.834root 11241100x80000000000000003915536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db428740b7dc62472022-01-11 12:22:13.834root 11241100x80000000000000003915537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.675e46c21296556a2022-01-11 12:22:13.834root 11241100x80000000000000003915538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cfcb27d3e202d022022-01-11 12:22:13.834root 11241100x80000000000000003915539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4dffb2c9e8c10572022-01-11 12:22:13.834root 11241100x80000000000000003915540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b2ff4fa0f8562a62022-01-11 12:22:13.835root 11241100x80000000000000003915541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e17377c30fffb82022-01-11 12:22:13.835root 11241100x80000000000000003915542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56e4d35953f96d272022-01-11 12:22:13.835root 11241100x80000000000000003915543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5bf5bcc624ccc2c2022-01-11 12:22:13.835root 11241100x80000000000000003915544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c684913a73a9e2d22022-01-11 12:22:13.835root 11241100x80000000000000003915545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67a846ef0d84da2e2022-01-11 12:22:13.835root 11241100x80000000000000003915546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:13.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.935ba0a4ba1bd6b82022-01-11 12:22:13.835root 11241100x80000000000000003915547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b23255a6f3064852022-01-11 12:22:14.333root 11241100x80000000000000003915548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8bb6a751586978b2022-01-11 12:22:14.333root 11241100x80000000000000003915549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb04284adc4e9e102022-01-11 12:22:14.333root 11241100x80000000000000003915550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7214c1afb651478f2022-01-11 12:22:14.333root 11241100x80000000000000003915551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be9cdbdd2c4f96f82022-01-11 12:22:14.333root 11241100x80000000000000003915552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0beebe50e4c8a4b32022-01-11 12:22:14.334root 11241100x80000000000000003915553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd1dae984bb4d48f2022-01-11 12:22:14.334root 11241100x80000000000000003915554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbcda1ad861b35b82022-01-11 12:22:14.334root 11241100x80000000000000003915555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1912d33b1c16e4cb2022-01-11 12:22:14.334root 11241100x80000000000000003915556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a32dfd294a63b472022-01-11 12:22:14.334root 11241100x80000000000000003915557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbede76f11ef8a022022-01-11 12:22:14.334root 11241100x80000000000000003915558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78a5ed29eef729032022-01-11 12:22:14.334root 11241100x80000000000000003915559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d594584e9896e8f2022-01-11 12:22:14.334root 11241100x80000000000000003915560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f603a74e3020ba2022-01-11 12:22:14.334root 11241100x80000000000000003915561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e4a3c0efdec3c2f2022-01-11 12:22:14.334root 11241100x80000000000000003915562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1f95ec1cb70729b2022-01-11 12:22:14.334root 11241100x80000000000000003915563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4121b7877d9c35e62022-01-11 12:22:14.334root 11241100x80000000000000003915564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f2b14fd44c565892022-01-11 12:22:14.334root 11241100x80000000000000003915565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3cc1e5cf4a9c1282022-01-11 12:22:14.334root 11241100x80000000000000003915566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1059ad6a3f6122302022-01-11 12:22:14.834root 11241100x80000000000000003915567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6351c8c0e106728e2022-01-11 12:22:14.834root 11241100x80000000000000003915568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27bc9d2aaff93aa02022-01-11 12:22:14.834root 11241100x80000000000000003915569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.412dfc01262538ad2022-01-11 12:22:14.834root 11241100x80000000000000003915570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad327108b26600762022-01-11 12:22:14.834root 11241100x80000000000000003915571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f69479fca108b8b2022-01-11 12:22:14.834root 11241100x80000000000000003915572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5df7d6ba0d9217c2022-01-11 12:22:14.834root 11241100x80000000000000003915573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a4800fe2348f3f62022-01-11 12:22:14.834root 11241100x80000000000000003915574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11203d8ceeafbf8b2022-01-11 12:22:14.834root 11241100x80000000000000003915575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eee446fb509e7822022-01-11 12:22:14.834root 11241100x80000000000000003915576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf929c98e62d167c2022-01-11 12:22:14.834root 11241100x80000000000000003915577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9abb070a606b375b2022-01-11 12:22:14.834root 11241100x80000000000000003915578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef36f78adc3d2ea92022-01-11 12:22:14.835root 11241100x80000000000000003915579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76fa3b86f5ef65e62022-01-11 12:22:14.835root 11241100x80000000000000003915580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.463eeb4e7838bb292022-01-11 12:22:14.835root 11241100x80000000000000003915581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4db26656b4bc9fa2022-01-11 12:22:14.835root 11241100x80000000000000003915582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d71c97b09a5c247d2022-01-11 12:22:14.835root 11241100x80000000000000003915583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9483bd60c6aa559f2022-01-11 12:22:14.835root 11241100x80000000000000003915584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:14.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a17f8baafa1d04b2022-01-11 12:22:14.835root 11241100x80000000000000003915585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e56199c3421a59602022-01-11 12:22:15.334root 11241100x80000000000000003915586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4fa5351b6aa2c6d2022-01-11 12:22:15.334root 11241100x80000000000000003915587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cb28b851c852be52022-01-11 12:22:15.334root 11241100x80000000000000003915588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b2ff8319304cfae2022-01-11 12:22:15.334root 11241100x80000000000000003915589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb58810bf44957a02022-01-11 12:22:15.334root 11241100x80000000000000003915590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d6cfbe2029012ac2022-01-11 12:22:15.334root 11241100x80000000000000003915591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e42b98945f512622022-01-11 12:22:15.334root 11241100x80000000000000003915592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3275fcc9821515c82022-01-11 12:22:15.334root 11241100x80000000000000003915593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a937e7537aa831692022-01-11 12:22:15.334root 11241100x80000000000000003915594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcd00086e87efc7d2022-01-11 12:22:15.334root 11241100x80000000000000003915595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df03815ab5ef5692022-01-11 12:22:15.334root 11241100x80000000000000003915596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60fa4d5712f14b982022-01-11 12:22:15.335root 11241100x80000000000000003915597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d599c1f75010501f2022-01-11 12:22:15.335root 11241100x80000000000000003915598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578b41492796e3c22022-01-11 12:22:15.335root 11241100x80000000000000003915599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.483722c523073cf52022-01-11 12:22:15.335root 11241100x80000000000000003915600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f1f3b0d7e88af602022-01-11 12:22:15.335root 11241100x80000000000000003915601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.412ddd5789e0d4a22022-01-11 12:22:15.335root 11241100x80000000000000003915602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b77073b9126772dd2022-01-11 12:22:15.335root 11241100x80000000000000003915603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ae3fa3569a6a4d92022-01-11 12:22:15.335root 11241100x80000000000000003915604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c20fb97d2decab72022-01-11 12:22:15.833root 11241100x80000000000000003915605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ca2a11a43ae89e12022-01-11 12:22:15.833root 11241100x80000000000000003915606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6911fe37d60de62f2022-01-11 12:22:15.834root 11241100x80000000000000003915607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8810831580687552022-01-11 12:22:15.834root 11241100x80000000000000003915608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262b06d71641be252022-01-11 12:22:15.834root 11241100x80000000000000003915609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb7b80e4d8bf1312022-01-11 12:22:15.834root 11241100x80000000000000003915610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c547aad182fc8a2022-01-11 12:22:15.834root 11241100x80000000000000003915611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f48f648135b117462022-01-11 12:22:15.834root 11241100x80000000000000003915612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f081481ba38067c2022-01-11 12:22:15.834root 11241100x80000000000000003915613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5742e5f8b9fed71c2022-01-11 12:22:15.834root 11241100x80000000000000003915614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70bf67395c8c1d722022-01-11 12:22:15.834root 11241100x80000000000000003915615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4b5c1039823d63d2022-01-11 12:22:15.834root 11241100x80000000000000003915616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b642f73549796802022-01-11 12:22:15.834root 11241100x80000000000000003915617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b39d486ce8da60c92022-01-11 12:22:15.834root 11241100x80000000000000003915618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21bad895d9887a292022-01-11 12:22:15.835root 11241100x80000000000000003915619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6df458322f3a032e2022-01-11 12:22:15.835root 11241100x80000000000000003915620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0a2411eef7764752022-01-11 12:22:15.835root 11241100x80000000000000003915621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178ee280651e4ad32022-01-11 12:22:15.835root 11241100x80000000000000003915622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:15.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0dff64bfe0ec2e52022-01-11 12:22:15.835root 354300x80000000000000003915623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.068{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56338-false10.0.1.12-8000- 11241100x80000000000000003915624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44146d5af745f3b32022-01-11 12:22:16.334root 11241100x80000000000000003915625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1929c308063b64a2022-01-11 12:22:16.334root 11241100x80000000000000003915626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01e5d34083146ce12022-01-11 12:22:16.334root 11241100x80000000000000003915627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.453cf4085e0a00e62022-01-11 12:22:16.334root 11241100x80000000000000003915628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3739b9fd1111c4d62022-01-11 12:22:16.334root 11241100x80000000000000003915629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4a8cda1de405d4b2022-01-11 12:22:16.334root 11241100x80000000000000003915630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.751c3fafae2fadf92022-01-11 12:22:16.334root 11241100x80000000000000003915631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea976fc2809e2c5a2022-01-11 12:22:16.334root 11241100x80000000000000003915632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e0702ef9b2869e2022-01-11 12:22:16.334root 11241100x80000000000000003915633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.566a593a6a7c246e2022-01-11 12:22:16.334root 11241100x80000000000000003915634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f95c8c142d9414dc2022-01-11 12:22:16.334root 11241100x80000000000000003915635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ecb0228c40646092022-01-11 12:22:16.334root 11241100x80000000000000003915636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f29f197e061f07c42022-01-11 12:22:16.335root 11241100x80000000000000003915637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0142438ff04e1a422022-01-11 12:22:16.335root 11241100x80000000000000003915638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15103aea0012508b2022-01-11 12:22:16.335root 11241100x80000000000000003915639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.073e3f70ef093dc92022-01-11 12:22:16.335root 11241100x80000000000000003915640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad2b8ff1d02f597e2022-01-11 12:22:16.335root 11241100x80000000000000003915641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95b869c11ab8a212022-01-11 12:22:16.335root 11241100x80000000000000003915642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11d69bf53972854c2022-01-11 12:22:16.335root 11241100x80000000000000003915643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b585498388241e882022-01-11 12:22:16.335root 11241100x80000000000000003915644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.359fd8898bd5093f2022-01-11 12:22:16.834root 11241100x80000000000000003915645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5557403514d78e0f2022-01-11 12:22:16.834root 11241100x80000000000000003915646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65a5cd403a1177b2022-01-11 12:22:16.834root 11241100x80000000000000003915647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f117e6bbe8aa75fa2022-01-11 12:22:16.834root 11241100x80000000000000003915648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e002590039d3cfb52022-01-11 12:22:16.834root 11241100x80000000000000003915649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61657d2a1719b12d2022-01-11 12:22:16.834root 11241100x80000000000000003915650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2325d1cfd917564f2022-01-11 12:22:16.834root 11241100x80000000000000003915651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87c9d9d3c507156b2022-01-11 12:22:16.834root 11241100x80000000000000003915652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a4f79e885f443e72022-01-11 12:22:16.834root 11241100x80000000000000003915653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0160b8b2f8b78522022-01-11 12:22:16.834root 11241100x80000000000000003915654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0629f48069d81a132022-01-11 12:22:16.835root 11241100x80000000000000003915655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.345b02a4c198f6592022-01-11 12:22:16.835root 11241100x80000000000000003915656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74f4137107304582022-01-11 12:22:16.835root 11241100x80000000000000003915657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f32446254704ee92022-01-11 12:22:16.835root 11241100x80000000000000003915658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb15a77916734722022-01-11 12:22:16.835root 11241100x80000000000000003915659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266e1c7e0962147e2022-01-11 12:22:16.835root 11241100x80000000000000003915660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a56df437e671da6d2022-01-11 12:22:16.835root 11241100x80000000000000003915661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dfb036247fbfd682022-01-11 12:22:16.835root 11241100x80000000000000003915662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2974fe870293b4b2022-01-11 12:22:16.835root 11241100x80000000000000003915663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:16.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4407928da69d4a122022-01-11 12:22:16.835root 11241100x80000000000000003915664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cbcf161b5c83dad2022-01-11 12:22:17.333root 11241100x80000000000000003915665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21c100359b864eb72022-01-11 12:22:17.333root 11241100x80000000000000003915666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee493711d53021102022-01-11 12:22:17.333root 11241100x80000000000000003915667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.799f72401056780a2022-01-11 12:22:17.334root 11241100x80000000000000003915668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d991dcbe554a6cc42022-01-11 12:22:17.334root 11241100x80000000000000003915669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dfbc1064f646a042022-01-11 12:22:17.334root 11241100x80000000000000003915670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b22ebc447d449022022-01-11 12:22:17.334root 11241100x80000000000000003915671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b12f05e24c679dd62022-01-11 12:22:17.334root 11241100x80000000000000003915672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fb5c7d6603c2dfc2022-01-11 12:22:17.334root 11241100x80000000000000003915673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50b5832e72eff25b2022-01-11 12:22:17.334root 11241100x80000000000000003915674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.765f4e1d1d0537442022-01-11 12:22:17.334root 11241100x80000000000000003915675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a02e699fc828f21c2022-01-11 12:22:17.334root 11241100x80000000000000003915676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b8fed1728cefdd02022-01-11 12:22:17.334root 11241100x80000000000000003915677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4db36ad68648c5cc2022-01-11 12:22:17.334root 11241100x80000000000000003915678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5e3564ec215e97b2022-01-11 12:22:17.334root 11241100x80000000000000003915679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd1867d5dfc377a82022-01-11 12:22:17.334root 11241100x80000000000000003915680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f32f7877a82c2902022-01-11 12:22:17.334root 11241100x80000000000000003915681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cde0962cbe15f5082022-01-11 12:22:17.334root 11241100x80000000000000003915682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4835e9a2a40105642022-01-11 12:22:17.335root 11241100x80000000000000003915683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.915e98e0ec8e549f2022-01-11 12:22:17.335root 11241100x80000000000000003915684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e62b6241a332d42022-01-11 12:22:17.834root 11241100x80000000000000003915685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.772043d9a396d8542022-01-11 12:22:17.834root 11241100x80000000000000003915686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e0e7f44394e51cc2022-01-11 12:22:17.834root 11241100x80000000000000003915687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a9e95ca3a145b152022-01-11 12:22:17.834root 11241100x80000000000000003915688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a74b56fdddea6972022-01-11 12:22:17.834root 11241100x80000000000000003915689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb7db4f0dc293de32022-01-11 12:22:17.834root 11241100x80000000000000003915690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d44977d1737e6102022-01-11 12:22:17.834root 11241100x80000000000000003915691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb003383c250c342022-01-11 12:22:17.834root 11241100x80000000000000003915692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b12f092f011fa6a52022-01-11 12:22:17.834root 11241100x80000000000000003915693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f67b5b83224d2afa2022-01-11 12:22:17.834root 11241100x80000000000000003915694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5192f0a1ab82f9512022-01-11 12:22:17.835root 11241100x80000000000000003915695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef78a91975d3d1892022-01-11 12:22:17.835root 11241100x80000000000000003915696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.833ed6ca41cf5ba32022-01-11 12:22:17.835root 11241100x80000000000000003915697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf3fb5889c6540bb2022-01-11 12:22:17.835root 11241100x80000000000000003915698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.594f7c1c0ce958812022-01-11 12:22:17.835root 11241100x80000000000000003915699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a204d67a567bd662022-01-11 12:22:17.835root 11241100x80000000000000003915700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1813465f2a72a2a2022-01-11 12:22:17.835root 11241100x80000000000000003915701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe9ef94b5bcaf53d2022-01-11 12:22:17.835root 11241100x80000000000000003915702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34b33d29d1fb1beb2022-01-11 12:22:17.835root 11241100x80000000000000003915703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:17.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b849e391a5c208402022-01-11 12:22:17.835root 11241100x80000000000000003915704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d08d3837cccf3d22022-01-11 12:22:18.333root 11241100x80000000000000003915705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.194c3f435e6c52102022-01-11 12:22:18.333root 11241100x80000000000000003915706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9d9a58abcf14e282022-01-11 12:22:18.334root 11241100x80000000000000003915707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b05f629f9322355a2022-01-11 12:22:18.334root 11241100x80000000000000003915708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6c7f05bb591c92f2022-01-11 12:22:18.334root 11241100x80000000000000003915709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a898a8dd1817d152022-01-11 12:22:18.334root 11241100x80000000000000003915710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dee08b79d9ce6b02022-01-11 12:22:18.334root 11241100x80000000000000003915711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.234b04b8eaa564142022-01-11 12:22:18.334root 11241100x80000000000000003915712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b67e5caa47d18be02022-01-11 12:22:18.334root 11241100x80000000000000003915713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e333a64e3e6d35c2022-01-11 12:22:18.334root 11241100x80000000000000003915714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adcfe0e03d7992bc2022-01-11 12:22:18.334root 11241100x80000000000000003915715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78f1eed5b3b6e8732022-01-11 12:22:18.334root 11241100x80000000000000003915716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.382a683fb191958d2022-01-11 12:22:18.334root 11241100x80000000000000003915717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c519f21ce939b8a2022-01-11 12:22:18.334root 11241100x80000000000000003915718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f84ed304c21ebc02022-01-11 12:22:18.334root 11241100x80000000000000003915719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.842db2c842fee33c2022-01-11 12:22:18.334root 11241100x80000000000000003915720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26eeb887ac457a052022-01-11 12:22:18.334root 11241100x80000000000000003915721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.184fbddc90585e702022-01-11 12:22:18.334root 11241100x80000000000000003915722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0173af5069b031c2022-01-11 12:22:18.335root 11241100x80000000000000003915723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89b3a07a3296e6d12022-01-11 12:22:18.335root 11241100x80000000000000003915724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05373bd8d334b0172022-01-11 12:22:18.834root 11241100x80000000000000003915725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb17675f0f8dc58a2022-01-11 12:22:18.834root 11241100x80000000000000003915726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99849ecef17488962022-01-11 12:22:18.834root 11241100x80000000000000003915727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5721a2c9beca072022-01-11 12:22:18.834root 11241100x80000000000000003915728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58d2f72f4f68ffa82022-01-11 12:22:18.834root 11241100x80000000000000003915729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da9bf8154b258ef82022-01-11 12:22:18.834root 11241100x80000000000000003915730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbfd45d35d927f6a2022-01-11 12:22:18.834root 11241100x80000000000000003915731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f14c1a9d95b659c02022-01-11 12:22:18.834root 11241100x80000000000000003915732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d0b6f5153471c472022-01-11 12:22:18.834root 11241100x80000000000000003915733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6713a01ec92d25bb2022-01-11 12:22:18.834root 11241100x80000000000000003915734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45b3d6d8389319ed2022-01-11 12:22:18.835root 11241100x80000000000000003915735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cf4886ef4a0b5e82022-01-11 12:22:18.835root 11241100x80000000000000003915736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506f79a34e9d37442022-01-11 12:22:18.835root 11241100x80000000000000003915737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9096c954669d0dc2022-01-11 12:22:18.835root 11241100x80000000000000003915738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f464451f55e0fd2022-01-11 12:22:18.835root 11241100x80000000000000003915739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33da01f2cc778e672022-01-11 12:22:18.835root 11241100x80000000000000003915740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aabdae6744d767682022-01-11 12:22:18.835root 11241100x80000000000000003915741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.939dc8c08d0b37772022-01-11 12:22:18.835root 11241100x80000000000000003915742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.963e3b2db482b6f82022-01-11 12:22:18.835root 11241100x80000000000000003915743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:18.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cdea3f1c4ac2c622022-01-11 12:22:18.835root 11241100x80000000000000003915744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2802958cd0a80272022-01-11 12:22:19.334root 11241100x80000000000000003915745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90edc1e248dc1d12022-01-11 12:22:19.334root 11241100x80000000000000003915746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39593809642c57ad2022-01-11 12:22:19.334root 11241100x80000000000000003915747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.020a5766ad84507b2022-01-11 12:22:19.334root 11241100x80000000000000003915748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ba64688407db792022-01-11 12:22:19.334root 11241100x80000000000000003915749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0010ed150043222022-01-11 12:22:19.334root 11241100x80000000000000003915750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff71b80b63bd9e182022-01-11 12:22:19.334root 11241100x80000000000000003915751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad320bba0da81af2022-01-11 12:22:19.335root 11241100x80000000000000003915752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac8ac7ccd1efc5022022-01-11 12:22:19.335root 11241100x80000000000000003915753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.756c33c97b4011692022-01-11 12:22:19.335root 11241100x80000000000000003915754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15426c30064852472022-01-11 12:22:19.335root 11241100x80000000000000003915755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20be1e6e4028bc262022-01-11 12:22:19.335root 11241100x80000000000000003915756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a72ef3c73c929602022-01-11 12:22:19.335root 11241100x80000000000000003915757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69ef86f6e97ed5062022-01-11 12:22:19.335root 11241100x80000000000000003915758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34d56f8dc332ff632022-01-11 12:22:19.335root 11241100x80000000000000003915759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2375faea9c888d992022-01-11 12:22:19.335root 11241100x80000000000000003915760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e9011327c1db12c2022-01-11 12:22:19.335root 11241100x80000000000000003915761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4df9f9beaeaf23ca2022-01-11 12:22:19.335root 11241100x80000000000000003915762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c417d08e0d7f78f62022-01-11 12:22:19.336root 11241100x80000000000000003915763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67851a4f0947d4e72022-01-11 12:22:19.336root 11241100x80000000000000003915764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d1cd47336143e12022-01-11 12:22:19.833root 11241100x80000000000000003915765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21678fa76053afb2022-01-11 12:22:19.833root 11241100x80000000000000003915766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fad426f942fe0ece2022-01-11 12:22:19.833root 11241100x80000000000000003915767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c896a25f0e3b2742022-01-11 12:22:19.834root 11241100x80000000000000003915768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de871aaa7b9ae7a72022-01-11 12:22:19.834root 11241100x80000000000000003915769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.001d27f0ea9b20242022-01-11 12:22:19.834root 11241100x80000000000000003915770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.263d4ced2f9dfd642022-01-11 12:22:19.834root 11241100x80000000000000003915771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.350e61d66d544cec2022-01-11 12:22:19.834root 11241100x80000000000000003915772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.684f12b8b4304bb42022-01-11 12:22:19.834root 11241100x80000000000000003915773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0fa42fd0aae897e2022-01-11 12:22:19.834root 11241100x80000000000000003915774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bc2c64febd12f8e2022-01-11 12:22:19.834root 11241100x80000000000000003915775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32324358b9a4ea802022-01-11 12:22:19.834root 11241100x80000000000000003915776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c48b2668d654f67f2022-01-11 12:22:19.834root 11241100x80000000000000003915777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.626e21b25eba85ee2022-01-11 12:22:19.834root 11241100x80000000000000003915778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7223b82f1b97012022-01-11 12:22:19.835root 11241100x80000000000000003915779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05e882702a39595c2022-01-11 12:22:19.835root 11241100x80000000000000003915780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95d206b7916759122022-01-11 12:22:19.835root 11241100x80000000000000003915781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.080c3cf9c17dbeaa2022-01-11 12:22:19.835root 11241100x80000000000000003915782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7a43904b25a159c2022-01-11 12:22:19.835root 11241100x80000000000000003915783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.834a3063b2fbdeb62022-01-11 12:22:19.835root 11241100x80000000000000003915784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8669ff6d49a02bb2022-01-11 12:22:20.334root 11241100x80000000000000003915785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab13c0f0ca27a1692022-01-11 12:22:20.334root 11241100x80000000000000003915786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bea9744f9612afe2022-01-11 12:22:20.334root 11241100x80000000000000003915787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e139b674789a5f62022-01-11 12:22:20.334root 11241100x80000000000000003915788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3991d2110cbe80f22022-01-11 12:22:20.334root 11241100x80000000000000003915789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6feb380daf1ddaa2022-01-11 12:22:20.334root 11241100x80000000000000003915790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e37f8ca763feb8b2022-01-11 12:22:20.334root 11241100x80000000000000003915791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c42d376db7f39a2022-01-11 12:22:20.334root 11241100x80000000000000003915792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e30e015496912ae2022-01-11 12:22:20.335root 11241100x80000000000000003915793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b812ced0e28fec022022-01-11 12:22:20.335root 11241100x80000000000000003915794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3320f0c1c87edec82022-01-11 12:22:20.335root 11241100x80000000000000003915795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8751acbd064081432022-01-11 12:22:20.335root 11241100x80000000000000003915796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22e6256078afc4062022-01-11 12:22:20.335root 11241100x80000000000000003915797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a325456dbf75507d2022-01-11 12:22:20.335root 11241100x80000000000000003915798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb1f075fdebff0c92022-01-11 12:22:20.335root 11241100x80000000000000003915799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ea395ba817d16952022-01-11 12:22:20.335root 11241100x80000000000000003915800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd325d5a17b51932022-01-11 12:22:20.335root 11241100x80000000000000003915801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.960e6b4da6261a3d2022-01-11 12:22:20.335root 11241100x80000000000000003915802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3af9ff1373c7a33b2022-01-11 12:22:20.336root 11241100x80000000000000003915803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba967a65e09749022022-01-11 12:22:20.336root 11241100x80000000000000003915804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f790b58aa77b0d72022-01-11 12:22:20.834root 11241100x80000000000000003915805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b689c8ec3e0a0f62022-01-11 12:22:20.834root 11241100x80000000000000003915806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0faa9770475782b02022-01-11 12:22:20.834root 11241100x80000000000000003915807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24b2bd6792e170702022-01-11 12:22:20.834root 11241100x80000000000000003915808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e46013398fb4dbb52022-01-11 12:22:20.834root 11241100x80000000000000003915809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f982fd61622c662022-01-11 12:22:20.834root 11241100x80000000000000003915810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f6d94c916fd68342022-01-11 12:22:20.834root 11241100x80000000000000003915811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.587cde84ee3499c12022-01-11 12:22:20.834root 11241100x80000000000000003915812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a13a3ea2d07e72642022-01-11 12:22:20.835root 11241100x80000000000000003915813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b11cf49ac5affb7b2022-01-11 12:22:20.835root 11241100x80000000000000003915814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cbbc9e592928df82022-01-11 12:22:20.835root 11241100x80000000000000003915815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa37868a6faace9f2022-01-11 12:22:20.835root 11241100x80000000000000003915816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80d9b3e0146ed9b42022-01-11 12:22:20.835root 11241100x80000000000000003915817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6da346e87ab51eea2022-01-11 12:22:20.835root 11241100x80000000000000003915818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0b4efbf1b4ae0be2022-01-11 12:22:20.835root 11241100x80000000000000003915819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72d17eeb73e6b41b2022-01-11 12:22:20.835root 11241100x80000000000000003915820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3d4c6d46188b7b12022-01-11 12:22:20.835root 11241100x80000000000000003915821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48a9b34a333aa7fa2022-01-11 12:22:20.835root 11241100x80000000000000003915822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2088e28223e932dc2022-01-11 12:22:20.836root 11241100x80000000000000003915823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6bfdd6a7298981e2022-01-11 12:22:20.836root 354300x80000000000000003915824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.160{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56340-false10.0.1.12-8000- 11241100x80000000000000003915825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a7c058c08ed2702022-01-11 12:22:21.161root 11241100x80000000000000003915826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16b9283d8feb0b282022-01-11 12:22:21.161root 11241100x80000000000000003915827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2026719285f98e352022-01-11 12:22:21.161root 11241100x80000000000000003915828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.200cbf4e3e63775a2022-01-11 12:22:21.161root 11241100x80000000000000003915829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb2554558996f1122022-01-11 12:22:21.161root 11241100x80000000000000003915830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1802693cd21f682a2022-01-11 12:22:21.161root 11241100x80000000000000003915831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ecf3ae1d93e62df2022-01-11 12:22:21.161root 11241100x80000000000000003915832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6273a5ea718a51d12022-01-11 12:22:21.161root 11241100x80000000000000003915833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0ac6d8145e256ca2022-01-11 12:22:21.161root 11241100x80000000000000003915834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34cae0591d6934902022-01-11 12:22:21.161root 11241100x80000000000000003915835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.161{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ed2b6df880231e62022-01-11 12:22:21.161root 11241100x80000000000000003915836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4abfd06dbafe5072022-01-11 12:22:21.162root 11241100x80000000000000003915837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbca1c913bfc87bc2022-01-11 12:22:21.162root 11241100x80000000000000003915838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b36ad13f96a781c2022-01-11 12:22:21.162root 11241100x80000000000000003915839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b97cd272cf4b9ad2022-01-11 12:22:21.162root 11241100x80000000000000003915840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f91e8c0811c8ddfe2022-01-11 12:22:21.162root 11241100x80000000000000003915841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257e988fe194d7212022-01-11 12:22:21.162root 11241100x80000000000000003915842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b6d25191cee73ce2022-01-11 12:22:21.162root 11241100x80000000000000003915843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c17498a27a027b2022-01-11 12:22:21.162root 11241100x80000000000000003915844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cadbc0d350db6da2022-01-11 12:22:21.162root 11241100x80000000000000003915845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7b5f1e9fce8972d2022-01-11 12:22:21.162root 11241100x80000000000000003915846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bab3512d41c59e22022-01-11 12:22:21.162root 11241100x80000000000000003915847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.162{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b20c7bae096b1fe72022-01-11 12:22:21.162root 11241100x80000000000000003915848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.163{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcf9d8d51e694e582022-01-11 12:22:21.163root 11241100x80000000000000003915849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.163{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901f7384ad1ba8992022-01-11 12:22:21.163root 11241100x80000000000000003915850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.163{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f2287982dce80842022-01-11 12:22:21.163root 11241100x80000000000000003915851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.163{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3297e8c28f7745e82022-01-11 12:22:21.163root 11241100x80000000000000003915852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.163{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.005628544d82e31b2022-01-11 12:22:21.163root 11241100x80000000000000003915853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cdb3e71692c61272022-01-11 12:22:21.584root 11241100x80000000000000003915854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7ccef966c3dc31e2022-01-11 12:22:21.584root 11241100x80000000000000003915855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dac5e6b211ebff72022-01-11 12:22:21.584root 11241100x80000000000000003915856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e27bda30d2ae7a8b2022-01-11 12:22:21.584root 11241100x80000000000000003915857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f38dee93d366c62022-01-11 12:22:21.584root 11241100x80000000000000003915858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f615338bb8d02f792022-01-11 12:22:21.584root 11241100x80000000000000003915859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.768080777df758342022-01-11 12:22:21.584root 11241100x80000000000000003915860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe211e8521d340f62022-01-11 12:22:21.584root 11241100x80000000000000003915861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd84bf8de82027d32022-01-11 12:22:21.584root 11241100x80000000000000003915862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55556c20e87f85382022-01-11 12:22:21.584root 11241100x80000000000000003915863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bcb4dff9cfb4f842022-01-11 12:22:21.584root 11241100x80000000000000003915864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faaad160ca479c452022-01-11 12:22:21.584root 11241100x80000000000000003915865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea3161d69225f082022-01-11 12:22:21.585root 11241100x80000000000000003915866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7205809973cf8e132022-01-11 12:22:21.585root 11241100x80000000000000003915867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d8e852bc2892d012022-01-11 12:22:21.585root 11241100x80000000000000003915868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8196f41f848c5e42022-01-11 12:22:21.585root 11241100x80000000000000003915869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc9ce60e464d15902022-01-11 12:22:21.585root 11241100x80000000000000003915870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4f50fd006e2555e2022-01-11 12:22:21.585root 11241100x80000000000000003915871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99a3423bc53572512022-01-11 12:22:21.585root 11241100x80000000000000003915872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1b591a1714c66892022-01-11 12:22:21.585root 11241100x80000000000000003915873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:21.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b22c94a2fe05e6792022-01-11 12:22:21.585root 11241100x80000000000000003915874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d95e12c92f60a6fc2022-01-11 12:22:22.084root 11241100x80000000000000003915875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.472e3e9560870b302022-01-11 12:22:22.084root 11241100x80000000000000003915876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31e119e15b6f79b42022-01-11 12:22:22.084root 11241100x80000000000000003915877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b18e0eed2b8e2cda2022-01-11 12:22:22.084root 11241100x80000000000000003915878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd67a6556b74f3112022-01-11 12:22:22.084root 11241100x80000000000000003915879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68b463a3f8b5f9fc2022-01-11 12:22:22.084root 11241100x80000000000000003915880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4640375ace99768a2022-01-11 12:22:22.084root 11241100x80000000000000003915881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.665cdc64eac557a22022-01-11 12:22:22.084root 11241100x80000000000000003915882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4baae74d3302d002022-01-11 12:22:22.084root 11241100x80000000000000003915883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3434a6e7f909362f2022-01-11 12:22:22.085root 11241100x80000000000000003915884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e3cc0fa1555991f2022-01-11 12:22:22.085root 11241100x80000000000000003915885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.771c010ed0e31b7f2022-01-11 12:22:22.085root 11241100x80000000000000003915886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfd4182e330c473c2022-01-11 12:22:22.085root 11241100x80000000000000003915887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47949c0a48dc199a2022-01-11 12:22:22.085root 11241100x80000000000000003915888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d762561e169610692022-01-11 12:22:22.085root 11241100x80000000000000003915889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75b19aa3ab964d9e2022-01-11 12:22:22.085root 11241100x80000000000000003915890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca19d71d23bad2502022-01-11 12:22:22.085root 11241100x80000000000000003915891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d3f697251ab58f02022-01-11 12:22:22.085root 11241100x80000000000000003915892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8ab71a0a1117562022-01-11 12:22:22.085root 11241100x80000000000000003915893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.358f0cf5b48209962022-01-11 12:22:22.085root 11241100x80000000000000003915894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.201fe25dae209acd2022-01-11 12:22:22.086root 11241100x80000000000000003915895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b510f635c22ba252022-01-11 12:22:22.583root 11241100x80000000000000003915896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd1bf73a7e4570fc2022-01-11 12:22:22.583root 11241100x80000000000000003915897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c93f14a3d058c7912022-01-11 12:22:22.583root 11241100x80000000000000003915898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e74443f0a11b2ac72022-01-11 12:22:22.583root 11241100x80000000000000003915899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f652ab6ac1c1d412022-01-11 12:22:22.583root 11241100x80000000000000003915900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c2745176f3ef7d42022-01-11 12:22:22.583root 11241100x80000000000000003915901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bf6a41be330cd262022-01-11 12:22:22.584root 11241100x80000000000000003915902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98832edc213dea262022-01-11 12:22:22.584root 11241100x80000000000000003915903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.289a02a6de500fb02022-01-11 12:22:22.584root 11241100x80000000000000003915904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c016212599375d82022-01-11 12:22:22.584root 11241100x80000000000000003915905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9d97e646b041072022-01-11 12:22:22.584root 11241100x80000000000000003915906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48fb1c175e2d4f9a2022-01-11 12:22:22.584root 11241100x80000000000000003915907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.500cf548693f83222022-01-11 12:22:22.584root 11241100x80000000000000003915908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0734a2bf0f2b605a2022-01-11 12:22:22.584root 11241100x80000000000000003915909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e78bbd5dcb54ebb92022-01-11 12:22:22.584root 11241100x80000000000000003915910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f42e1e597dac4dc62022-01-11 12:22:22.584root 11241100x80000000000000003915911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fc640603c382e7f2022-01-11 12:22:22.584root 11241100x80000000000000003915912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f38d3f987f6dd862022-01-11 12:22:22.584root 11241100x80000000000000003915913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e82c1635f340aab2022-01-11 12:22:22.584root 11241100x80000000000000003915914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af5324776c377e62022-01-11 12:22:22.584root 11241100x80000000000000003915915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:22.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68381189199b8fd42022-01-11 12:22:22.584root 11241100x80000000000000003915916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17077a9b4bf9420d2022-01-11 12:22:23.083root 11241100x80000000000000003915917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38e7a0e99e1aa0492022-01-11 12:22:23.084root 11241100x80000000000000003915918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.861eef9c24c5c27a2022-01-11 12:22:23.084root 11241100x80000000000000003915919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf9bda2497007e462022-01-11 12:22:23.084root 11241100x80000000000000003915920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c6148c14bae5c432022-01-11 12:22:23.085root 11241100x80000000000000003915921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b61cec4253aec0322022-01-11 12:22:23.085root 11241100x80000000000000003915922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8c32195c93b4d332022-01-11 12:22:23.085root 11241100x80000000000000003915923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03fa838a4b1aa7172022-01-11 12:22:23.085root 11241100x80000000000000003915924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7fc69f7b400ca72022-01-11 12:22:23.085root 11241100x80000000000000003915925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69000dd86174ffac2022-01-11 12:22:23.085root 11241100x80000000000000003915926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4aa6865169cbef32022-01-11 12:22:23.086root 11241100x80000000000000003915927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db6afb0785e343002022-01-11 12:22:23.086root 11241100x80000000000000003915928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe1b23007e3631502022-01-11 12:22:23.086root 11241100x80000000000000003915929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45228c79167b4242022-01-11 12:22:23.086root 11241100x80000000000000003915930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37fa35cb8e7d784c2022-01-11 12:22:23.086root 11241100x80000000000000003915931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42932627fe23da8b2022-01-11 12:22:23.094root 11241100x80000000000000003915932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed8c5369e443fdf2022-01-11 12:22:23.094root 11241100x80000000000000003915933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.501355f73611c5332022-01-11 12:22:23.094root 11241100x80000000000000003915934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4dbbeb1e02282a52022-01-11 12:22:23.094root 11241100x80000000000000003915935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.350f21961eb985872022-01-11 12:22:23.094root 11241100x80000000000000003915936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be108f355695b5042022-01-11 12:22:23.094root 11241100x80000000000000003915937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257aaf90c6d953992022-01-11 12:22:23.584root 11241100x80000000000000003915938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.434e145309d67f122022-01-11 12:22:23.584root 11241100x80000000000000003915939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f36ad1c2f71db3c22022-01-11 12:22:23.584root 11241100x80000000000000003915940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.162d70ba665298102022-01-11 12:22:23.584root 11241100x80000000000000003915941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8149c15dffb94f212022-01-11 12:22:23.584root 11241100x80000000000000003915942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81b1dccf05774bed2022-01-11 12:22:23.584root 11241100x80000000000000003915943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a887a1a43c715972022-01-11 12:22:23.584root 11241100x80000000000000003915944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85d3076ef2dd0b032022-01-11 12:22:23.585root 11241100x80000000000000003915945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1cf075a196f32ea2022-01-11 12:22:23.585root 11241100x80000000000000003915946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecb6667e2b70d07e2022-01-11 12:22:23.585root 11241100x80000000000000003915947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ef6ccd9fad2f31e2022-01-11 12:22:23.585root 11241100x80000000000000003915948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6252fbd42a0b09d2022-01-11 12:22:23.585root 11241100x80000000000000003915949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5b60ae382f4052d2022-01-11 12:22:23.585root 11241100x80000000000000003915950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb62345b79d952f72022-01-11 12:22:23.585root 11241100x80000000000000003915951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dadcb5e78c1766152022-01-11 12:22:23.585root 11241100x80000000000000003915952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2517347603924d5f2022-01-11 12:22:23.585root 11241100x80000000000000003915953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e617a4f5fef59cfc2022-01-11 12:22:23.586root 11241100x80000000000000003915954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.477a0dc2e917039c2022-01-11 12:22:23.586root 11241100x80000000000000003915955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38dd9fa63e2b8d472022-01-11 12:22:23.586root 11241100x80000000000000003915956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10c9631ddd817822022-01-11 12:22:23.586root 11241100x80000000000000003915957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:23.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0d6b390db42fbba2022-01-11 12:22:23.586root 11241100x80000000000000003915958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1648846bdb4415872022-01-11 12:22:24.084root 11241100x80000000000000003915959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.043b91ad7b717ebc2022-01-11 12:22:24.084root 11241100x80000000000000003915960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d8f824225886af52022-01-11 12:22:24.084root 11241100x80000000000000003915961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ab717cbf88bdaa62022-01-11 12:22:24.084root 11241100x80000000000000003915962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8214ddc6eeb323d32022-01-11 12:22:24.084root 11241100x80000000000000003915963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30c36351505652832022-01-11 12:22:24.084root 11241100x80000000000000003915964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6719e66578ad5d42022-01-11 12:22:24.084root 11241100x80000000000000003915965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e3ef43b3007a892022-01-11 12:22:24.084root 11241100x80000000000000003915966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bd8f49769d197192022-01-11 12:22:24.084root 11241100x80000000000000003915967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c2166ad9f5c0ae72022-01-11 12:22:24.085root 11241100x80000000000000003915968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c8e52c9c4dcbb722022-01-11 12:22:24.085root 11241100x80000000000000003915969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cee1846b779d5dfe2022-01-11 12:22:24.085root 11241100x80000000000000003915970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1ac55653839cca2022-01-11 12:22:24.085root 11241100x80000000000000003915971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2bd259a9ab004162022-01-11 12:22:24.085root 11241100x80000000000000003915972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.553a6ed09d2977cb2022-01-11 12:22:24.085root 11241100x80000000000000003915973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f29093357d8dfa82022-01-11 12:22:24.085root 11241100x80000000000000003915974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b8bfd99ec30c9292022-01-11 12:22:24.085root 11241100x80000000000000003915975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88d66dc2287e7c2d2022-01-11 12:22:24.085root 11241100x80000000000000003915976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.706001d507a113b22022-01-11 12:22:24.085root 11241100x80000000000000003915977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39e0164c124d9b512022-01-11 12:22:24.085root 11241100x80000000000000003915978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.317e56ee3de6413e2022-01-11 12:22:24.085root 11241100x80000000000000003915979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a14d41a2bcf9a92f2022-01-11 12:22:24.583root 11241100x80000000000000003915980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.905d654eee7b807f2022-01-11 12:22:24.583root 11241100x80000000000000003915981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ab570678eb16ca22022-01-11 12:22:24.583root 11241100x80000000000000003915982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03916a90e53882de2022-01-11 12:22:24.584root 11241100x80000000000000003915983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e05db8663063e42022-01-11 12:22:24.584root 11241100x80000000000000003915984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bccf494539edcc142022-01-11 12:22:24.584root 11241100x80000000000000003915985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cabb77316bbb42db2022-01-11 12:22:24.584root 11241100x80000000000000003915986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a048af560e2bb7c2022-01-11 12:22:24.584root 11241100x80000000000000003915987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcaf0ad06119f2592022-01-11 12:22:24.584root 11241100x80000000000000003915988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.137150380d6eceba2022-01-11 12:22:24.584root 11241100x80000000000000003915989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33d07c1cacdeabce2022-01-11 12:22:24.584root 11241100x80000000000000003915990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b449f92a00b907e62022-01-11 12:22:24.584root 11241100x80000000000000003915991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.656015f0329052102022-01-11 12:22:24.585root 11241100x80000000000000003915992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5238ca30e1b5435c2022-01-11 12:22:24.585root 11241100x80000000000000003915993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37e052e407ca003c2022-01-11 12:22:24.585root 11241100x80000000000000003915994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b084d3c16483f352022-01-11 12:22:24.585root 11241100x80000000000000003915995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f478fea7770f04a02022-01-11 12:22:24.585root 11241100x80000000000000003915996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4011b0b027b8de9f2022-01-11 12:22:24.585root 11241100x80000000000000003915997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d76e32efc3681282022-01-11 12:22:24.585root 11241100x80000000000000003915998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72407f90cd68682a2022-01-11 12:22:24.585root 11241100x80000000000000003915999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7950fbb0c6e29ee2022-01-11 12:22:24.586root 11241100x80000000000000003916000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868348309b0eb23d2022-01-11 12:22:24.586root 11241100x80000000000000003916001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24881071e7ea8c512022-01-11 12:22:24.586root 11241100x80000000000000003916002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.893{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:22:24.893root 11241100x80000000000000003916003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ce63c169613e1b2022-01-11 12:22:24.894root 11241100x80000000000000003916004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aca3abd1f187fddc2022-01-11 12:22:24.894root 11241100x80000000000000003916005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6bc0c4be59ba2b92022-01-11 12:22:24.894root 11241100x80000000000000003916006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337ba7a4170777422022-01-11 12:22:24.894root 11241100x80000000000000003916007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0b73c49939cc74e2022-01-11 12:22:24.894root 11241100x80000000000000003916008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f32db14bb65cf0782022-01-11 12:22:24.894root 11241100x80000000000000003916009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af6573eb772dfe82022-01-11 12:22:24.895root 11241100x80000000000000003916010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a29a6fb8a2326ec2022-01-11 12:22:24.895root 11241100x80000000000000003916011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923e9ba86f2796372022-01-11 12:22:24.895root 11241100x80000000000000003916012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb54d0c91c3ffd82022-01-11 12:22:24.895root 11241100x80000000000000003916013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adafb408d722fb7a2022-01-11 12:22:24.895root 11241100x80000000000000003916014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.459a6422e05612e12022-01-11 12:22:24.895root 11241100x80000000000000003916015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b33919ae83f59f732022-01-11 12:22:24.895root 11241100x80000000000000003916016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1511b6bb977a4a52022-01-11 12:22:24.895root 11241100x80000000000000003916017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7378d10bb56473692022-01-11 12:22:24.895root 11241100x80000000000000003916018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b77a4a23a77e28b02022-01-11 12:22:24.895root 11241100x80000000000000003916019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ee1fbe8d0b0852a2022-01-11 12:22:24.895root 11241100x80000000000000003916020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.595388721fb3bf7d2022-01-11 12:22:24.895root 11241100x80000000000000003916021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37c6072447b363992022-01-11 12:22:24.895root 11241100x80000000000000003916022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.456cc36dba8b129f2022-01-11 12:22:24.895root 11241100x80000000000000003916023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d280f396556ff5232022-01-11 12:22:24.896root 11241100x80000000000000003916024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13690470eeef01da2022-01-11 12:22:24.896root 11241100x80000000000000003916025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15512e1eac7fcdb2022-01-11 12:22:24.896root 11241100x80000000000000003916026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d9549a815ce35e2022-01-11 12:22:24.896root 354300x80000000000000003916027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:24.961{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34274-false10.0.1.12-8089- 11241100x80000000000000003916028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5982ad90af2d5eac2022-01-11 12:22:25.334root 11241100x80000000000000003916029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6c9b0111f74bb3f2022-01-11 12:22:25.334root 11241100x80000000000000003916030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e56444313aa090e92022-01-11 12:22:25.334root 11241100x80000000000000003916031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fcf889c4bc12f732022-01-11 12:22:25.334root 11241100x80000000000000003916032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22787860e53e37b02022-01-11 12:22:25.334root 11241100x80000000000000003916033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be90cee2fb337fd72022-01-11 12:22:25.334root 11241100x80000000000000003916034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fd73c77bd14e2ec2022-01-11 12:22:25.334root 11241100x80000000000000003916035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d1db2800c6ffd62022-01-11 12:22:25.334root 11241100x80000000000000003916036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c685675343d94712022-01-11 12:22:25.334root 11241100x80000000000000003916037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c7d8caf089572a72022-01-11 12:22:25.334root 11241100x80000000000000003916038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2bda26892d126362022-01-11 12:22:25.334root 11241100x80000000000000003916039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8d1622c2dd98d12022-01-11 12:22:25.334root 11241100x80000000000000003916040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.205b0e699d29d9c42022-01-11 12:22:25.334root 11241100x80000000000000003916041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2a2217b9b9bafb62022-01-11 12:22:25.334root 11241100x80000000000000003916042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6192e487c2ff1af52022-01-11 12:22:25.335root 11241100x80000000000000003916043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0030680ffd9c76ce2022-01-11 12:22:25.335root 11241100x80000000000000003916044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308599334e64b2c62022-01-11 12:22:25.335root 11241100x80000000000000003916045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f15352f3c54716002022-01-11 12:22:25.335root 11241100x80000000000000003916046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dd770adf592bf862022-01-11 12:22:25.335root 11241100x80000000000000003916047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.191754de427240482022-01-11 12:22:25.335root 11241100x80000000000000003916048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d86887ad02a8b1772022-01-11 12:22:25.335root 11241100x80000000000000003916049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d26aee68475ed45e2022-01-11 12:22:25.335root 11241100x80000000000000003916050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c968d1d7162bb4a72022-01-11 12:22:25.335root 11241100x80000000000000003916051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cb39874433a808b2022-01-11 12:22:25.834root 11241100x80000000000000003916052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9919a85cb8ded0132022-01-11 12:22:25.834root 11241100x80000000000000003916053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91dd21132f592f122022-01-11 12:22:25.834root 11241100x80000000000000003916054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0ecf44e3bdae2322022-01-11 12:22:25.834root 11241100x80000000000000003916055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5526aae8862435b32022-01-11 12:22:25.834root 11241100x80000000000000003916056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04918d04605a56c52022-01-11 12:22:25.834root 11241100x80000000000000003916057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fad84527268250fb2022-01-11 12:22:25.834root 11241100x80000000000000003916058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3597a3b543dce222022-01-11 12:22:25.834root 11241100x80000000000000003916059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c2f91c075d1c0a42022-01-11 12:22:25.834root 11241100x80000000000000003916060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd7054d7b8cf4272022-01-11 12:22:25.834root 11241100x80000000000000003916061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a44593d0ec4b6502022-01-11 12:22:25.834root 11241100x80000000000000003916062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ea0eb88fef70902022-01-11 12:22:25.834root 11241100x80000000000000003916063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.733053b56e924f302022-01-11 12:22:25.835root 11241100x80000000000000003916064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45dd5fd0539f2bc62022-01-11 12:22:25.835root 11241100x80000000000000003916065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad35ce1fd3b8c3572022-01-11 12:22:25.835root 11241100x80000000000000003916066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c315c65eeda30102022-01-11 12:22:25.835root 11241100x80000000000000003916067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a505d94ff2651be2022-01-11 12:22:25.835root 11241100x80000000000000003916068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a92df83d768b1c62022-01-11 12:22:25.835root 11241100x80000000000000003916069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95792c6c6356fcf12022-01-11 12:22:25.835root 11241100x80000000000000003916070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34fc6add5c70abf12022-01-11 12:22:25.835root 11241100x80000000000000003916071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4ed00080591074d2022-01-11 12:22:25.836root 11241100x80000000000000003916072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38127806ca43f2a92022-01-11 12:22:25.836root 11241100x80000000000000003916073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37906818e54d1a122022-01-11 12:22:25.836root 11241100x80000000000000003916074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.252fbd2af676e6ec2022-01-11 12:22:26.334root 11241100x80000000000000003916075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbc0ed581b679d6f2022-01-11 12:22:26.334root 11241100x80000000000000003916076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.767ce03e3364d3432022-01-11 12:22:26.334root 11241100x80000000000000003916077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f40544b731d9a62022-01-11 12:22:26.334root 11241100x80000000000000003916078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5647ad0e9abacb8b2022-01-11 12:22:26.334root 11241100x80000000000000003916079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7ff6eaabe2f51fe2022-01-11 12:22:26.334root 11241100x80000000000000003916080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59cbc1f1612582d32022-01-11 12:22:26.334root 11241100x80000000000000003916081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a704bc9eb6562a172022-01-11 12:22:26.334root 11241100x80000000000000003916082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9861cc461bcfa22022-01-11 12:22:26.334root 11241100x80000000000000003916083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d128ad117977e2092022-01-11 12:22:26.335root 11241100x80000000000000003916084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.163f3e69c33df5a02022-01-11 12:22:26.335root 11241100x80000000000000003916085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.896c96c10be83c7b2022-01-11 12:22:26.335root 11241100x80000000000000003916086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0da1b8e02f92da9d2022-01-11 12:22:26.335root 11241100x80000000000000003916087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee446a2482a456012022-01-11 12:22:26.335root 11241100x80000000000000003916088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a93b99d8b2db3012022-01-11 12:22:26.335root 11241100x80000000000000003916089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2065a1cb8258ce22022-01-11 12:22:26.335root 11241100x80000000000000003916090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10d337919f1464be2022-01-11 12:22:26.335root 11241100x80000000000000003916091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba50922b5cbb30f22022-01-11 12:22:26.335root 11241100x80000000000000003916092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06229b09947d3d982022-01-11 12:22:26.335root 11241100x80000000000000003916093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f08d33f362949d532022-01-11 12:22:26.335root 11241100x80000000000000003916094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b85d5a725878944d2022-01-11 12:22:26.335root 11241100x80000000000000003916095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b59b5ab82b068f52022-01-11 12:22:26.335root 11241100x80000000000000003916096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04223f40ee3ece2a2022-01-11 12:22:26.335root 11241100x80000000000000003916097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cca004cd9fac7f252022-01-11 12:22:26.833root 11241100x80000000000000003916098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd270569a9b6ae752022-01-11 12:22:26.834root 11241100x80000000000000003916099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a0ca8e455d968af2022-01-11 12:22:26.834root 11241100x80000000000000003916100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea76cf4a8ca76772022-01-11 12:22:26.834root 11241100x80000000000000003916101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb5543622aec3b4f2022-01-11 12:22:26.834root 11241100x80000000000000003916102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ea90fb74d86b5e2022-01-11 12:22:26.834root 11241100x80000000000000003916103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.414d7e55d7ef5bf82022-01-11 12:22:26.834root 11241100x80000000000000003916104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3616be165028af472022-01-11 12:22:26.834root 11241100x80000000000000003916105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f48ebe4a5d6a4472022-01-11 12:22:26.834root 11241100x80000000000000003916106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faa296fa4ad3210c2022-01-11 12:22:26.834root 11241100x80000000000000003916107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12fccc6afd58fb532022-01-11 12:22:26.834root 11241100x80000000000000003916108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f628896b0e63a112022-01-11 12:22:26.834root 11241100x80000000000000003916109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcc461c91479161a2022-01-11 12:22:26.834root 11241100x80000000000000003916110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1f8524b35d2017b2022-01-11 12:22:26.834root 11241100x80000000000000003916111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58324cb5225e1fa42022-01-11 12:22:26.834root 11241100x80000000000000003916112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8187a2a54493365d2022-01-11 12:22:26.835root 11241100x80000000000000003916113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6116d703111a0c92022-01-11 12:22:26.835root 11241100x80000000000000003916114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa96377d5a2d2f812022-01-11 12:22:26.835root 11241100x80000000000000003916115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3d60884fb7e05852022-01-11 12:22:26.835root 11241100x80000000000000003916116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fff18a66201257c02022-01-11 12:22:26.835root 11241100x80000000000000003916117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebeb9725d36859992022-01-11 12:22:26.835root 11241100x80000000000000003916118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d89b55be927eb5322022-01-11 12:22:26.835root 11241100x80000000000000003916119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f7a5e803030b3172022-01-11 12:22:26.835root 354300x80000000000000003916120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.064{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56344-false10.0.1.12-8000- 11241100x80000000000000003916121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e33966fe135a379b2022-01-11 12:22:27.333root 11241100x80000000000000003916122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.464a8fc9f80c4bc32022-01-11 12:22:27.334root 11241100x80000000000000003916123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9325360debb485fb2022-01-11 12:22:27.334root 11241100x80000000000000003916124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09ebcc4c0383e9452022-01-11 12:22:27.334root 11241100x80000000000000003916125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.becd5e955a8ace172022-01-11 12:22:27.334root 11241100x80000000000000003916126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900771683b22299c2022-01-11 12:22:27.335root 11241100x80000000000000003916127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e53caea2e11edbde2022-01-11 12:22:27.335root 11241100x80000000000000003916128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de82068aa14471862022-01-11 12:22:27.335root 11241100x80000000000000003916129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88526b34c0b338b92022-01-11 12:22:27.335root 11241100x80000000000000003916130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.607bf434c9cca81b2022-01-11 12:22:27.335root 11241100x80000000000000003916131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2446790a6e4fcf4e2022-01-11 12:22:27.335root 11241100x80000000000000003916132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbdfa7a8620a38b12022-01-11 12:22:27.335root 11241100x80000000000000003916133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.954e8e2edb9cdb832022-01-11 12:22:27.335root 11241100x80000000000000003916134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6eee921c43ae75c2022-01-11 12:22:27.335root 11241100x80000000000000003916135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.843e392e1e7ec5ad2022-01-11 12:22:27.336root 11241100x80000000000000003916136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6253d98ed9cfc82c2022-01-11 12:22:27.336root 11241100x80000000000000003916137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.313ebc090dcbb6df2022-01-11 12:22:27.336root 11241100x80000000000000003916138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b59b4dda7a6ed4302022-01-11 12:22:27.336root 11241100x80000000000000003916139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c33b9ef2684b36112022-01-11 12:22:27.336root 11241100x80000000000000003916140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95d1f649b49828472022-01-11 12:22:27.336root 11241100x80000000000000003916141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a11bc47dd6d3a2132022-01-11 12:22:27.336root 11241100x80000000000000003916142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a99d00632f4dc5f42022-01-11 12:22:27.336root 11241100x80000000000000003916143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.168cb59221468d772022-01-11 12:22:27.336root 11241100x80000000000000003916144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3fb598851cf95162022-01-11 12:22:27.336root 23542300x80000000000000003916145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.738{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003916146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.739{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df1f29630347cc132022-01-11 12:22:27.739root 11241100x80000000000000003916147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.739{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.120cb7d5afc093902022-01-11 12:22:27.739root 11241100x80000000000000003916148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.739{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd1d90e18f1d0a292022-01-11 12:22:27.739root 11241100x80000000000000003916149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d61945ca32f6cf82022-01-11 12:22:27.740root 11241100x80000000000000003916150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c586d2f73eb40b42022-01-11 12:22:27.740root 11241100x80000000000000003916151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b5db6407f8869d22022-01-11 12:22:27.740root 11241100x80000000000000003916152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8625e2775c081cd2022-01-11 12:22:27.740root 11241100x80000000000000003916153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c54ecea37c3e66dc2022-01-11 12:22:27.740root 11241100x80000000000000003916154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be19cf42d3d4fa932022-01-11 12:22:27.740root 11241100x80000000000000003916155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.740{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0463ac41875027d2022-01-11 12:22:27.740root 11241100x80000000000000003916156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc057b947108281f2022-01-11 12:22:27.741root 11241100x80000000000000003916157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b97c67b951a64e92022-01-11 12:22:27.741root 11241100x80000000000000003916158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53b8a7f37ee34fe02022-01-11 12:22:27.741root 11241100x80000000000000003916159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7e13f1bfedb60b32022-01-11 12:22:27.741root 11241100x80000000000000003916160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cce9eb01c0cd43c2022-01-11 12:22:27.741root 11241100x80000000000000003916161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15d9c48c64a484922022-01-11 12:22:27.741root 11241100x80000000000000003916162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6ea3e7e0594b562022-01-11 12:22:27.741root 11241100x80000000000000003916163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d22d7cc5078fd90f2022-01-11 12:22:27.741root 11241100x80000000000000003916164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99fb2ef71de3f4d82022-01-11 12:22:27.741root 11241100x80000000000000003916165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0da533837412d14a2022-01-11 12:22:27.741root 11241100x80000000000000003916166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425480412ebf4cab2022-01-11 12:22:27.741root 11241100x80000000000000003916167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48bf96bd3432c6e02022-01-11 12:22:27.741root 11241100x80000000000000003916168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.741{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1075a192617845932022-01-11 12:22:27.741root 11241100x80000000000000003916169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0cef89630661ce42022-01-11 12:22:27.742root 11241100x80000000000000003916170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfbffdab694cb9172022-01-11 12:22:27.742root 11241100x80000000000000003916171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7df1b2afc87a898a2022-01-11 12:22:27.742root 11241100x80000000000000003916172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d226b96bc47ed9f2022-01-11 12:22:27.742root 11241100x80000000000000003916173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2676ce1e7bf3021b2022-01-11 12:22:27.742root 11241100x80000000000000003916174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e29662ff9be83e2022-01-11 12:22:27.742root 11241100x80000000000000003916175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2eb05d199da23e012022-01-11 12:22:27.742root 11241100x80000000000000003916176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:27.742{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8750680646967b12022-01-11 12:22:27.742root 11241100x80000000000000003916177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52740375976bc4fa2022-01-11 12:22:28.083root 11241100x80000000000000003916178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc417b86e30388082022-01-11 12:22:28.083root 11241100x80000000000000003916179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4f98f6a639aa6dd2022-01-11 12:22:28.083root 11241100x80000000000000003916180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.889396cc2ae3baa22022-01-11 12:22:28.083root 11241100x80000000000000003916181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6547d1ed0173071b2022-01-11 12:22:28.083root 11241100x80000000000000003916182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b8ed23ca435c5842022-01-11 12:22:28.083root 11241100x80000000000000003916183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4efe9283a00a93f92022-01-11 12:22:28.084root 11241100x80000000000000003916184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e72e717da1b32ed2022-01-11 12:22:28.084root 11241100x80000000000000003916185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.344770a8998809e82022-01-11 12:22:28.084root 11241100x80000000000000003916186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e33fc68c9fd51ab02022-01-11 12:22:28.084root 11241100x80000000000000003916187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f78c4d7f9a8a23a2022-01-11 12:22:28.084root 11241100x80000000000000003916188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbaddd9c9c8cfc7e2022-01-11 12:22:28.084root 11241100x80000000000000003916189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96fe0d37ef09d0da2022-01-11 12:22:28.084root 11241100x80000000000000003916190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c62d16f18e75c5ca2022-01-11 12:22:28.084root 11241100x80000000000000003916191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b7524173f1c7522022-01-11 12:22:28.084root 11241100x80000000000000003916192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51beaac8b4afb9b22022-01-11 12:22:28.084root 11241100x80000000000000003916193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44d0acabdd21da242022-01-11 12:22:28.084root 11241100x80000000000000003916194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c8f6cebf9fe42252022-01-11 12:22:28.085root 11241100x80000000000000003916195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1189586e5a2109ae2022-01-11 12:22:28.085root 11241100x80000000000000003916196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed7fcdc4134da0672022-01-11 12:22:28.085root 11241100x80000000000000003916197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cb3dcecc70fe8292022-01-11 12:22:28.085root 11241100x80000000000000003916198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c2f5aad6c7f28e12022-01-11 12:22:28.085root 11241100x80000000000000003916199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.319896d9557b867b2022-01-11 12:22:28.085root 11241100x80000000000000003916200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3d1ed9348c356102022-01-11 12:22:28.086root 11241100x80000000000000003916201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00bb0446285339542022-01-11 12:22:28.086root 11241100x80000000000000003916202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a164df389750a9862022-01-11 12:22:28.584root 11241100x80000000000000003916203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30a3a9a3156aabd82022-01-11 12:22:28.584root 11241100x80000000000000003916204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d572070197aa7dce2022-01-11 12:22:28.584root 11241100x80000000000000003916205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.904c82788f70e7d32022-01-11 12:22:28.584root 11241100x80000000000000003916206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c77684fd9fd5a562022-01-11 12:22:28.584root 11241100x80000000000000003916207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.701491b06e219afe2022-01-11 12:22:28.585root 11241100x80000000000000003916208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33b4826082de69a32022-01-11 12:22:28.585root 11241100x80000000000000003916209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8982c3e6c40b17272022-01-11 12:22:28.585root 11241100x80000000000000003916210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5f3b425965f9c6c2022-01-11 12:22:28.585root 11241100x80000000000000003916211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e5545a9e1634fa2022-01-11 12:22:28.585root 11241100x80000000000000003916212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64f936eec372a7c92022-01-11 12:22:28.585root 11241100x80000000000000003916213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00e4da64079805a12022-01-11 12:22:28.585root 11241100x80000000000000003916214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ad7f5a67f6dc6f2022-01-11 12:22:28.585root 11241100x80000000000000003916215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6924037706737d072022-01-11 12:22:28.585root 11241100x80000000000000003916216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5349db804ba04d952022-01-11 12:22:28.585root 11241100x80000000000000003916217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc3bb360bde885952022-01-11 12:22:28.586root 11241100x80000000000000003916218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e840e734df426ef92022-01-11 12:22:28.586root 11241100x80000000000000003916219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.630e48e5c1384cf52022-01-11 12:22:28.586root 11241100x80000000000000003916220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a726bfb5dc1149922022-01-11 12:22:28.586root 11241100x80000000000000003916221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7aa10ad0e8f530f2022-01-11 12:22:28.586root 11241100x80000000000000003916222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85d8aee7033e95092022-01-11 12:22:28.586root 11241100x80000000000000003916223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f789f734177d71dd2022-01-11 12:22:28.586root 11241100x80000000000000003916224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f49b9d6e3a5b0c32022-01-11 12:22:28.586root 11241100x80000000000000003916225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d319a5b4afa4e2652022-01-11 12:22:28.586root 11241100x80000000000000003916226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:28.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeb77d6a9b2fc1562022-01-11 12:22:28.586root 11241100x80000000000000003916227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df35cbe305d0e7812022-01-11 12:22:29.083root 11241100x80000000000000003916228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef23d4d9665819d52022-01-11 12:22:29.083root 11241100x80000000000000003916229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e031951c29ddad9b2022-01-11 12:22:29.083root 11241100x80000000000000003916230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08f370284276524e2022-01-11 12:22:29.084root 11241100x80000000000000003916231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.839fa058d0db93662022-01-11 12:22:29.084root 11241100x80000000000000003916232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c13ecea52176d4ef2022-01-11 12:22:29.084root 11241100x80000000000000003916233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.654a2aee1d88dc132022-01-11 12:22:29.084root 11241100x80000000000000003916234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5212a1e8420e9dc72022-01-11 12:22:29.084root 11241100x80000000000000003916235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6667a6c2702c99f42022-01-11 12:22:29.084root 11241100x80000000000000003916236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa87c4047b99c6dd2022-01-11 12:22:29.084root 11241100x80000000000000003916237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff0038d89d5b29232022-01-11 12:22:29.085root 11241100x80000000000000003916238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39a75ee876889bc32022-01-11 12:22:29.085root 11241100x80000000000000003916239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f9a2b91be75a9142022-01-11 12:22:29.085root 11241100x80000000000000003916240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ff04bb8a72d45f42022-01-11 12:22:29.085root 11241100x80000000000000003916241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411455f9be4248062022-01-11 12:22:29.085root 11241100x80000000000000003916242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29c9cd847aabe99e2022-01-11 12:22:29.085root 11241100x80000000000000003916243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d59f2d045927dab2022-01-11 12:22:29.086root 11241100x80000000000000003916244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.597200df62d59f3f2022-01-11 12:22:29.086root 11241100x80000000000000003916245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21a57a562a2803be2022-01-11 12:22:29.086root 11241100x80000000000000003916246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff1a46e35694ae42022-01-11 12:22:29.086root 11241100x80000000000000003916247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18aafcd08ec8fc202022-01-11 12:22:29.087root 11241100x80000000000000003916248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7adee0760b3af38c2022-01-11 12:22:29.087root 11241100x80000000000000003916249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ac3061d44a1837f2022-01-11 12:22:29.087root 11241100x80000000000000003916250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff286d107b362802022-01-11 12:22:29.087root 11241100x80000000000000003916251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25039e1aa61930c92022-01-11 12:22:29.087root 11241100x80000000000000003916252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fb26f44ac9860ba2022-01-11 12:22:29.087root 11241100x80000000000000003916253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1bbc1b63f08a56d2022-01-11 12:22:29.583root 11241100x80000000000000003916254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce9ffd4ff0dc28fa2022-01-11 12:22:29.583root 11241100x80000000000000003916255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab17af23f0cef0f62022-01-11 12:22:29.583root 11241100x80000000000000003916256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a188dd3961819aef2022-01-11 12:22:29.583root 11241100x80000000000000003916257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20454c0ef45f5a062022-01-11 12:22:29.584root 11241100x80000000000000003916258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5acb9577646a41992022-01-11 12:22:29.584root 11241100x80000000000000003916259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.517274759b214e502022-01-11 12:22:29.584root 11241100x80000000000000003916260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f48f75ca0551825a2022-01-11 12:22:29.584root 11241100x80000000000000003916261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fdd8ee06c5265962022-01-11 12:22:29.584root 11241100x80000000000000003916262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.497e37df4c5bd4932022-01-11 12:22:29.584root 11241100x80000000000000003916263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee55c1d1c6b985fc2022-01-11 12:22:29.584root 11241100x80000000000000003916264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.189df5118192ba122022-01-11 12:22:29.584root 11241100x80000000000000003916265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.998c7eb0363ba1ff2022-01-11 12:22:29.584root 11241100x80000000000000003916266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41bbea5db260e8e62022-01-11 12:22:29.585root 11241100x80000000000000003916267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e4c036d75555ffb2022-01-11 12:22:29.585root 11241100x80000000000000003916268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3165beb874439282022-01-11 12:22:29.585root 11241100x80000000000000003916269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7360e894479db312022-01-11 12:22:29.585root 11241100x80000000000000003916270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.872713b80e7955da2022-01-11 12:22:29.585root 11241100x80000000000000003916271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47c1b8f9e10819ab2022-01-11 12:22:29.585root 11241100x80000000000000003916272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.732857e7ef3d82f32022-01-11 12:22:29.585root 11241100x80000000000000003916273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.196905cf67542f7b2022-01-11 12:22:29.585root 11241100x80000000000000003916274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27e64d49aef7ee162022-01-11 12:22:29.585root 11241100x80000000000000003916275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ac91d9520ab6a702022-01-11 12:22:29.585root 11241100x80000000000000003916276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.891952743670e5b52022-01-11 12:22:29.586root 11241100x80000000000000003916277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2fdbca8b19c7c702022-01-11 12:22:29.586root 11241100x80000000000000003916278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:29.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b410d6958db37af22022-01-11 12:22:29.586root 11241100x80000000000000003916279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2e79125c710317b2022-01-11 12:22:30.083root 11241100x80000000000000003916280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40024d3c422adfae2022-01-11 12:22:30.083root 11241100x80000000000000003916281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.679398365f713f752022-01-11 12:22:30.083root 11241100x80000000000000003916282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f15be9a7aa72c582022-01-11 12:22:30.084root 11241100x80000000000000003916283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2f978df171dc5772022-01-11 12:22:30.084root 11241100x80000000000000003916284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.220d88184aa5d7902022-01-11 12:22:30.084root 11241100x80000000000000003916285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1735f2d23779d87e2022-01-11 12:22:30.084root 11241100x80000000000000003916286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fe601ba9131b7d02022-01-11 12:22:30.085root 11241100x80000000000000003916287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92e0bb8d74a0e0c12022-01-11 12:22:30.085root 11241100x80000000000000003916288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4eea85df08eff302022-01-11 12:22:30.085root 11241100x80000000000000003916289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26bc7f7f10629ec52022-01-11 12:22:30.086root 11241100x80000000000000003916290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3ddc56150ba17282022-01-11 12:22:30.086root 11241100x80000000000000003916291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a92d8ad5624350952022-01-11 12:22:30.086root 11241100x80000000000000003916292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a77cf56b43c3bdea2022-01-11 12:22:30.086root 11241100x80000000000000003916293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93941ae5f3e150a52022-01-11 12:22:30.086root 11241100x80000000000000003916294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af2cfd8b7be3ad5a2022-01-11 12:22:30.086root 11241100x80000000000000003916295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8c6cd702a80b88e2022-01-11 12:22:30.086root 11241100x80000000000000003916296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db638267f08125cc2022-01-11 12:22:30.086root 11241100x80000000000000003916297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f62f3281d3f559ab2022-01-11 12:22:30.086root 11241100x80000000000000003916298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc5aa29ae6bf79db2022-01-11 12:22:30.086root 11241100x80000000000000003916299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f941ff12f5601ab2022-01-11 12:22:30.086root 11241100x80000000000000003916300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8a158ae435598812022-01-11 12:22:30.086root 11241100x80000000000000003916301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbbc29fc208c02182022-01-11 12:22:30.086root 11241100x80000000000000003916302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7bb41a9b0cf08282022-01-11 12:22:30.086root 11241100x80000000000000003916303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b67e85f2acdfe6b2022-01-11 12:22:30.087root 11241100x80000000000000003916304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac20f442c7198c0f2022-01-11 12:22:30.087root 11241100x80000000000000003916305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f6702f535e5507c2022-01-11 12:22:30.087root 11241100x80000000000000003916306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68e4fc0f9b8f52d22022-01-11 12:22:30.087root 11241100x80000000000000003916307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a82ddbaa14c419c2022-01-11 12:22:30.087root 11241100x80000000000000003916308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00081edb1b5c285d2022-01-11 12:22:30.583root 11241100x80000000000000003916309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f62f102e4aa43172022-01-11 12:22:30.583root 11241100x80000000000000003916310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca95d2f92c3e26a2022-01-11 12:22:30.583root 11241100x80000000000000003916311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f124bc8258ed6c82022-01-11 12:22:30.583root 11241100x80000000000000003916312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a71935ee8bb510b12022-01-11 12:22:30.583root 11241100x80000000000000003916313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ef502689ced55c2022-01-11 12:22:30.583root 11241100x80000000000000003916314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d65f07a969ae7272022-01-11 12:22:30.584root 11241100x80000000000000003916315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bbad4415fc5df852022-01-11 12:22:30.584root 11241100x80000000000000003916316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0ae450d869bc2c52022-01-11 12:22:30.584root 11241100x80000000000000003916317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8148a7bf7efbfc82022-01-11 12:22:30.584root 11241100x80000000000000003916318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6766986d5e155072022-01-11 12:22:30.584root 11241100x80000000000000003916319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8566184437397862022-01-11 12:22:30.584root 11241100x80000000000000003916320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e86f1c63d1e3db712022-01-11 12:22:30.584root 11241100x80000000000000003916321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38ca1e84e82bee672022-01-11 12:22:30.584root 11241100x80000000000000003916322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b5b47458aba2452022-01-11 12:22:30.584root 11241100x80000000000000003916323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1073eca68c46ce182022-01-11 12:22:30.584root 11241100x80000000000000003916324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff5bcdcfe5374bf2022-01-11 12:22:30.584root 11241100x80000000000000003916325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a44c4f72afd76aac2022-01-11 12:22:30.584root 11241100x80000000000000003916326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.632710f27bb0491e2022-01-11 12:22:30.584root 11241100x80000000000000003916327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38ef55799fe8588e2022-01-11 12:22:30.584root 11241100x80000000000000003916328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f1c428ea663bd82022-01-11 12:22:30.584root 11241100x80000000000000003916329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9da5e399d2ff34a42022-01-11 12:22:30.584root 11241100x80000000000000003916330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acd806b4a81523762022-01-11 12:22:30.585root 11241100x80000000000000003916331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c393938e77960ec72022-01-11 12:22:30.585root 11241100x80000000000000003916332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:30.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31abcdebf80f6c1b2022-01-11 12:22:30.585root 11241100x80000000000000003916333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5ed61dfb3f800b2022-01-11 12:22:31.083root 11241100x80000000000000003916334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f1543bdea3181df2022-01-11 12:22:31.083root 11241100x80000000000000003916335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcd03da60a822c3a2022-01-11 12:22:31.083root 11241100x80000000000000003916336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75cef8b45f427aa2022-01-11 12:22:31.084root 11241100x80000000000000003916337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8196cf8f5324dd62022-01-11 12:22:31.084root 11241100x80000000000000003916338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0730adc44b462362022-01-11 12:22:31.084root 11241100x80000000000000003916339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd5749139390aa9f2022-01-11 12:22:31.084root 11241100x80000000000000003916340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a96f9e03816b53812022-01-11 12:22:31.084root 11241100x80000000000000003916341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e25946e36e4ab8a2022-01-11 12:22:31.084root 11241100x80000000000000003916342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9732b85c21198532022-01-11 12:22:31.084root 11241100x80000000000000003916343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac25b018f1a49d512022-01-11 12:22:31.084root 11241100x80000000000000003916344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.870ece8ae98a5c8e2022-01-11 12:22:31.085root 11241100x80000000000000003916345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42c0b9f08af5f6902022-01-11 12:22:31.085root 11241100x80000000000000003916346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3030c9b7c373bf352022-01-11 12:22:31.085root 11241100x80000000000000003916347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cdac6932424c35b2022-01-11 12:22:31.085root 11241100x80000000000000003916348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e38356f6eb749c982022-01-11 12:22:31.085root 11241100x80000000000000003916349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.313ba5df29fb93612022-01-11 12:22:31.086root 11241100x80000000000000003916350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f960a91f74789f8f2022-01-11 12:22:31.086root 11241100x80000000000000003916351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ada1156f30e024a2022-01-11 12:22:31.086root 11241100x80000000000000003916352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fd9b30499b0419e2022-01-11 12:22:31.086root 11241100x80000000000000003916353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c708c69a86243ddb2022-01-11 12:22:31.087root 11241100x80000000000000003916354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3284caf5b265f0962022-01-11 12:22:31.087root 11241100x80000000000000003916355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17e886523ac7208d2022-01-11 12:22:31.088root 11241100x80000000000000003916356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41696b7bf2c426762022-01-11 12:22:31.088root 11241100x80000000000000003916357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30152d2de166d32a2022-01-11 12:22:31.088root 11241100x80000000000000003916358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c97ab7b3612443c32022-01-11 12:22:31.088root 11241100x80000000000000003916359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7426b6e21f2ee6c2022-01-11 12:22:31.088root 11241100x80000000000000003916360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39c8c1841c2a2cb82022-01-11 12:22:31.088root 11241100x80000000000000003916361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5293963d6bf422a2022-01-11 12:22:31.088root 11241100x80000000000000003916362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e51af6f25afa2f92022-01-11 12:22:31.089root 11241100x80000000000000003916363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9304e91ae1beeed42022-01-11 12:22:31.583root 11241100x80000000000000003916364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.987b9feacf83fdbb2022-01-11 12:22:31.583root 11241100x80000000000000003916365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c21af4d67103b82022-01-11 12:22:31.584root 11241100x80000000000000003916366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.709e88e22007e55b2022-01-11 12:22:31.584root 11241100x80000000000000003916367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04714c70bf6a2b6c2022-01-11 12:22:31.584root 11241100x80000000000000003916368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c5d50218a6c5c282022-01-11 12:22:31.584root 11241100x80000000000000003916369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4bbd86306b444ee2022-01-11 12:22:31.584root 11241100x80000000000000003916370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48269609a57dfc9a2022-01-11 12:22:31.584root 11241100x80000000000000003916371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fa0c1c820248bc52022-01-11 12:22:31.584root 11241100x80000000000000003916372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.945d4541f68592232022-01-11 12:22:31.584root 11241100x80000000000000003916373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb2925e3a7550b572022-01-11 12:22:31.584root 11241100x80000000000000003916374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b745607cc3d3062022-01-11 12:22:31.584root 11241100x80000000000000003916375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c771e314c44b2e42022-01-11 12:22:31.584root 11241100x80000000000000003916376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb718f3281bf7ef32022-01-11 12:22:31.584root 11241100x80000000000000003916377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a38fb313ac7f8c2022-01-11 12:22:31.584root 11241100x80000000000000003916378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b9fca74605068ff2022-01-11 12:22:31.584root 11241100x80000000000000003916379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db531304f7ceeeea2022-01-11 12:22:31.585root 11241100x80000000000000003916380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be46308bc1c8a3722022-01-11 12:22:31.585root 11241100x80000000000000003916381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.764b3e9f112514af2022-01-11 12:22:31.585root 11241100x80000000000000003916382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6c7c13cd0d0a64b2022-01-11 12:22:31.585root 11241100x80000000000000003916383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4690fcc3a09ddff2022-01-11 12:22:31.585root 11241100x80000000000000003916384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49d0833735b91202022-01-11 12:22:31.585root 11241100x80000000000000003916385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53699dc6d3159d9c2022-01-11 12:22:31.585root 11241100x80000000000000003916386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25c7c9ac01c51aa22022-01-11 12:22:31.585root 11241100x80000000000000003916387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ca3504c0e3d4ac02022-01-11 12:22:31.585root 11241100x80000000000000003916388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3afecfbd8de147ab2022-01-11 12:22:31.585root 11241100x80000000000000003916389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:31.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74e52cc2098084c42022-01-11 12:22:31.585root 11241100x80000000000000003916390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d9552ad4f0013af2022-01-11 12:22:32.083root 11241100x80000000000000003916391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e81d1f9ddf508812022-01-11 12:22:32.083root 11241100x80000000000000003916392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e94a1e29312abf32022-01-11 12:22:32.083root 11241100x80000000000000003916393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45ecf6dc04cfbb0b2022-01-11 12:22:32.083root 11241100x80000000000000003916394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14b9eb53dbc794462022-01-11 12:22:32.084root 11241100x80000000000000003916395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65a7f9bb5c11405c2022-01-11 12:22:32.084root 11241100x80000000000000003916396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f436ace8666340752022-01-11 12:22:32.084root 11241100x80000000000000003916397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac44a9869a02dd3f2022-01-11 12:22:32.084root 11241100x80000000000000003916398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc03b138c52e129c2022-01-11 12:22:32.084root 11241100x80000000000000003916399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edcca5d73a59247c2022-01-11 12:22:32.084root 11241100x80000000000000003916400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b8d95d0a9e99bb2022-01-11 12:22:32.084root 11241100x80000000000000003916401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b328d2fb03702b702022-01-11 12:22:32.084root 11241100x80000000000000003916402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5ff43da4a1c28b42022-01-11 12:22:32.084root 11241100x80000000000000003916403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2403262b48e396702022-01-11 12:22:32.084root 11241100x80000000000000003916404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d155bd406b1d132022-01-11 12:22:32.085root 11241100x80000000000000003916405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.107b9f38a8fcbf602022-01-11 12:22:32.085root 11241100x80000000000000003916406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f53bd187e4acc30c2022-01-11 12:22:32.085root 11241100x80000000000000003916407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08f6942f5e087f0b2022-01-11 12:22:32.085root 11241100x80000000000000003916408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f17889ac429b8c2022-01-11 12:22:32.085root 11241100x80000000000000003916409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e616fd930032feb2022-01-11 12:22:32.085root 11241100x80000000000000003916410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b877811cde28d0e42022-01-11 12:22:32.085root 11241100x80000000000000003916411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15b92571bd0cef202022-01-11 12:22:32.085root 11241100x80000000000000003916412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ce17d87b1869ca72022-01-11 12:22:32.086root 11241100x80000000000000003916413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8c48942fcf5160e2022-01-11 12:22:32.086root 11241100x80000000000000003916414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22b4783196d47a382022-01-11 12:22:32.086root 11241100x80000000000000003916415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7070332c6e1dddf32022-01-11 12:22:32.086root 11241100x80000000000000003916416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3831fd86efc120db2022-01-11 12:22:32.086root 11241100x80000000000000003916417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7cbd14df2026da2022-01-11 12:22:32.086root 354300x80000000000000003916418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.247{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56346-false10.0.1.12-8000- 11241100x80000000000000003916419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bfec7c2fac5cba52022-01-11 12:22:32.583root 11241100x80000000000000003916420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d5fad93d8c6ebef2022-01-11 12:22:32.584root 11241100x80000000000000003916421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555ad97599f86e5a2022-01-11 12:22:32.584root 11241100x80000000000000003916422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae83ed49ccab29f62022-01-11 12:22:32.585root 11241100x80000000000000003916423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7c8be7e3df6ae072022-01-11 12:22:32.585root 11241100x80000000000000003916424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e899fe38c57278b2022-01-11 12:22:32.585root 11241100x80000000000000003916425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ffb87132fcba5f32022-01-11 12:22:32.585root 11241100x80000000000000003916426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3275c85ec10b3ea72022-01-11 12:22:32.585root 11241100x80000000000000003916427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b194a1e581381b852022-01-11 12:22:32.586root 11241100x80000000000000003916428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5405591f7ecef762022-01-11 12:22:32.586root 11241100x80000000000000003916429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4539d12dfef257182022-01-11 12:22:32.586root 11241100x80000000000000003916430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f1c0f71fa11a2bf2022-01-11 12:22:32.586root 11241100x80000000000000003916431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fdf449f342189db2022-01-11 12:22:32.586root 11241100x80000000000000003916432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a279431139948afa2022-01-11 12:22:32.586root 11241100x80000000000000003916433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a21e1371d9d1d02022-01-11 12:22:32.586root 11241100x80000000000000003916434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4c6ca6e21f85ec62022-01-11 12:22:32.586root 11241100x80000000000000003916435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7ec5e538d7417232022-01-11 12:22:32.586root 11241100x80000000000000003916436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bf932d4911edb702022-01-11 12:22:32.586root 11241100x80000000000000003916437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7a27cf541e98aaa2022-01-11 12:22:32.586root 11241100x80000000000000003916438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04238fee206895832022-01-11 12:22:32.586root 11241100x80000000000000003916439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c115ef8ae3a43a202022-01-11 12:22:32.587root 11241100x80000000000000003916440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad7b11f2bad1f162022-01-11 12:22:32.587root 11241100x80000000000000003916441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6f370bdb18693912022-01-11 12:22:32.587root 11241100x80000000000000003916442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.437b10a587c059452022-01-11 12:22:32.587root 11241100x80000000000000003916443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c95a01d1e6b454e92022-01-11 12:22:32.587root 11241100x80000000000000003916444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4ed45836b01dc342022-01-11 12:22:32.587root 11241100x80000000000000003916445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:32.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afd4badeed30a2002022-01-11 12:22:32.587root 11241100x80000000000000003916446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f96c88446ba035fa2022-01-11 12:22:33.084root 11241100x80000000000000003916447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d4e0636d677fb562022-01-11 12:22:33.084root 11241100x80000000000000003916448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74781ad75fc12dba2022-01-11 12:22:33.084root 11241100x80000000000000003916449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a96c278d160d92842022-01-11 12:22:33.084root 11241100x80000000000000003916450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f049c4c9c73f31102022-01-11 12:22:33.084root 11241100x80000000000000003916451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0285eeec1979e9452022-01-11 12:22:33.084root 11241100x80000000000000003916452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73890bed091de5302022-01-11 12:22:33.084root 11241100x80000000000000003916453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50a7c064c9c771c02022-01-11 12:22:33.084root 11241100x80000000000000003916454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11defa85103899dd2022-01-11 12:22:33.085root 11241100x80000000000000003916455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dd3a67e80d1059c2022-01-11 12:22:33.085root 11241100x80000000000000003916456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6700da45cc4b5ea2022-01-11 12:22:33.085root 11241100x80000000000000003916457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdfe76c4139d6efe2022-01-11 12:22:33.085root 11241100x80000000000000003916458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d10afcd3440d88be2022-01-11 12:22:33.085root 11241100x80000000000000003916459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96a7cc3ab06cfb8e2022-01-11 12:22:33.085root 11241100x80000000000000003916460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c8c3c6b3ae9fe9b2022-01-11 12:22:33.085root 11241100x80000000000000003916461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97b48a81a28ba26e2022-01-11 12:22:33.085root 11241100x80000000000000003916462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e247e9f82250aeb2022-01-11 12:22:33.085root 11241100x80000000000000003916463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.531a84e98ddda5f92022-01-11 12:22:33.085root 11241100x80000000000000003916464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d0aed3967e2c3dd2022-01-11 12:22:33.085root 11241100x80000000000000003916465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c1589e4c59520f62022-01-11 12:22:33.085root 11241100x80000000000000003916466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c371961e8f1d49d52022-01-11 12:22:33.085root 11241100x80000000000000003916467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dad0b2f44c98f6452022-01-11 12:22:33.085root 11241100x80000000000000003916468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33739c049d4ac7672022-01-11 12:22:33.085root 11241100x80000000000000003916469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.611f4543f12533072022-01-11 12:22:33.085root 11241100x80000000000000003916470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.477f910aa9b51a802022-01-11 12:22:33.086root 11241100x80000000000000003916471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab527d664bfaab22022-01-11 12:22:33.086root 11241100x80000000000000003916472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32e535ef0d860c392022-01-11 12:22:33.584root 11241100x80000000000000003916473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.384c241f0d02edbe2022-01-11 12:22:33.584root 11241100x80000000000000003916474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c76811116edee9f2022-01-11 12:22:33.584root 11241100x80000000000000003916475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50776be9ade0a6192022-01-11 12:22:33.584root 11241100x80000000000000003916476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c5ceb85a3227fc2022-01-11 12:22:33.584root 11241100x80000000000000003916477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5de5a3ae4d8cdd02022-01-11 12:22:33.584root 11241100x80000000000000003916478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494fdd1ee9ed12722022-01-11 12:22:33.584root 11241100x80000000000000003916479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6487b6a151bd4972022-01-11 12:22:33.584root 11241100x80000000000000003916480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fba2829ae89238862022-01-11 12:22:33.584root 11241100x80000000000000003916481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5571c74bee7da30f2022-01-11 12:22:33.585root 11241100x80000000000000003916482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9f92051172ca362022-01-11 12:22:33.585root 11241100x80000000000000003916483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c28b2dcdaeb64d82022-01-11 12:22:33.585root 11241100x80000000000000003916484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5a63d4dcf05b3ef2022-01-11 12:22:33.585root 11241100x80000000000000003916485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21c065ad6d22ef472022-01-11 12:22:33.585root 11241100x80000000000000003916486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63e87277a9b439f52022-01-11 12:22:33.585root 11241100x80000000000000003916487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad1d75a1987464e52022-01-11 12:22:33.585root 11241100x80000000000000003916488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d4d98437e1fce1e2022-01-11 12:22:33.585root 11241100x80000000000000003916489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abddbc0f089ca0a72022-01-11 12:22:33.585root 11241100x80000000000000003916490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec13c4e4529ec2b62022-01-11 12:22:33.585root 11241100x80000000000000003916491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0a24bac83d58ce82022-01-11 12:22:33.585root 11241100x80000000000000003916492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9082801ddf6eeb92022-01-11 12:22:33.585root 11241100x80000000000000003916493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcd334238a0fc9782022-01-11 12:22:33.585root 11241100x80000000000000003916494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04f08f095f5354362022-01-11 12:22:33.585root 11241100x80000000000000003916495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eb0d42b6cddd6b32022-01-11 12:22:33.585root 11241100x80000000000000003916496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad95824301b4a0852022-01-11 12:22:33.585root 11241100x80000000000000003916497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:33.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9a4ad2d317943272022-01-11 12:22:33.586root 11241100x80000000000000003916498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5add185d016c4dab2022-01-11 12:22:34.084root 11241100x80000000000000003916499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.070fd88df4cfb4f32022-01-11 12:22:34.084root 11241100x80000000000000003916500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.962a51786965f1132022-01-11 12:22:34.084root 11241100x80000000000000003916501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0794e89383b52e82022-01-11 12:22:34.084root 11241100x80000000000000003916502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f746aa0c13e938452022-01-11 12:22:34.084root 11241100x80000000000000003916503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6190f044db71d8d2022-01-11 12:22:34.084root 11241100x80000000000000003916504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dc2f940ba14f4882022-01-11 12:22:34.084root 11241100x80000000000000003916505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db5a8445e0bc08542022-01-11 12:22:34.084root 11241100x80000000000000003916506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bee2563ebd4169fe2022-01-11 12:22:34.084root 11241100x80000000000000003916507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae627d49cebc8b092022-01-11 12:22:34.085root 11241100x80000000000000003916508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3a6b6ea25d59aa22022-01-11 12:22:34.085root 11241100x80000000000000003916509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85e8f6b4c0b1a9872022-01-11 12:22:34.085root 11241100x80000000000000003916510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2f2263175f2bfb82022-01-11 12:22:34.085root 11241100x80000000000000003916511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8438c1751668aeb02022-01-11 12:22:34.085root 11241100x80000000000000003916512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0659353aadf24932022-01-11 12:22:34.085root 11241100x80000000000000003916513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbe3416118c74ed12022-01-11 12:22:34.085root 11241100x80000000000000003916514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.954b89706dc855df2022-01-11 12:22:34.085root 11241100x80000000000000003916515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.933a9730a6dac9ec2022-01-11 12:22:34.085root 11241100x80000000000000003916516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df230925d01d5e6d2022-01-11 12:22:34.085root 11241100x80000000000000003916517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3c6ac7f58d040a22022-01-11 12:22:34.085root 11241100x80000000000000003916518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52aaedd5279e9fea2022-01-11 12:22:34.085root 11241100x80000000000000003916519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da4aa11acef91bb12022-01-11 12:22:34.085root 11241100x80000000000000003916520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5cf7e0b163024402022-01-11 12:22:34.085root 11241100x80000000000000003916521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2148800ec012b6132022-01-11 12:22:34.086root 11241100x80000000000000003916522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e93eb56f1b9c10f62022-01-11 12:22:34.086root 11241100x80000000000000003916523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d94e97b43903cc492022-01-11 12:22:34.086root 11241100x80000000000000003916524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0ed6b3aa3af65bb2022-01-11 12:22:34.583root 11241100x80000000000000003916525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.833e6613767372062022-01-11 12:22:34.583root 11241100x80000000000000003916526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0459255e1e2923b2022-01-11 12:22:34.584root 11241100x80000000000000003916527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be7b3a1f0736b20d2022-01-11 12:22:34.584root 11241100x80000000000000003916528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94377f54b5283b042022-01-11 12:22:34.584root 11241100x80000000000000003916529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81ae677eed0d315b2022-01-11 12:22:34.584root 11241100x80000000000000003916530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c5bfd48625aab02022-01-11 12:22:34.584root 11241100x80000000000000003916531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9a25edddd0cbcdf2022-01-11 12:22:34.584root 11241100x80000000000000003916532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a75cbe3a514c1922022-01-11 12:22:34.585root 11241100x80000000000000003916533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.855b4f2708fa2b772022-01-11 12:22:34.585root 11241100x80000000000000003916534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b8671273609904d2022-01-11 12:22:34.585root 11241100x80000000000000003916535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0f60f57ac5eccfc2022-01-11 12:22:34.585root 11241100x80000000000000003916536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca75a460c2f1715b2022-01-11 12:22:34.585root 11241100x80000000000000003916537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e40764891bd9c402022-01-11 12:22:34.585root 11241100x80000000000000003916538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13cc796e5454a8d62022-01-11 12:22:34.585root 11241100x80000000000000003916539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c8030888e72a9d2022-01-11 12:22:34.586root 11241100x80000000000000003916540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cec6bfeaf6e952b2022-01-11 12:22:34.586root 11241100x80000000000000003916541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a7b413a02726d262022-01-11 12:22:34.586root 11241100x80000000000000003916542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec6c4638a349a5e32022-01-11 12:22:34.586root 11241100x80000000000000003916543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.606319bf53f3ce802022-01-11 12:22:34.586root 11241100x80000000000000003916544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.072277601273f5c22022-01-11 12:22:34.586root 11241100x80000000000000003916545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c55fee7e2f4acf32022-01-11 12:22:34.586root 11241100x80000000000000003916546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21db09c91da5cde52022-01-11 12:22:34.587root 11241100x80000000000000003916547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17d454ea5013235c2022-01-11 12:22:34.587root 11241100x80000000000000003916548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.101b55f125e999bf2022-01-11 12:22:34.587root 11241100x80000000000000003916549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b4ece02b704d9282022-01-11 12:22:34.588root 11241100x80000000000000003916550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e92b2a6231338e22022-01-11 12:22:34.588root 11241100x80000000000000003916551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9016219c7af2055e2022-01-11 12:22:34.588root 11241100x80000000000000003916552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:34.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3899fbc10ddfdaf92022-01-11 12:22:34.588root 11241100x80000000000000003916553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36b0b2280945e3ab2022-01-11 12:22:35.083root 11241100x80000000000000003916554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f4c8ab5372de92c2022-01-11 12:22:35.083root 11241100x80000000000000003916555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59933d50ab465e2a2022-01-11 12:22:35.083root 11241100x80000000000000003916556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52b5a1e4c33e5af42022-01-11 12:22:35.083root 11241100x80000000000000003916557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fc65b5e38b2eeb02022-01-11 12:22:35.083root 11241100x80000000000000003916558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51d12b12144448c02022-01-11 12:22:35.084root 11241100x80000000000000003916559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3478c65f9fdb45fc2022-01-11 12:22:35.084root 11241100x80000000000000003916560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4978a229378f13c2022-01-11 12:22:35.084root 11241100x80000000000000003916561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c191d2dbd53f0a122022-01-11 12:22:35.084root 11241100x80000000000000003916562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcaade22fd50adb32022-01-11 12:22:35.084root 11241100x80000000000000003916563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.563c9a516105d9942022-01-11 12:22:35.084root 11241100x80000000000000003916564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fd20fdeb0e1f1892022-01-11 12:22:35.084root 11241100x80000000000000003916565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0bbf5395b69db922022-01-11 12:22:35.084root 11241100x80000000000000003916566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.368dab40556c561f2022-01-11 12:22:35.084root 11241100x80000000000000003916567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38176c58121c95fe2022-01-11 12:22:35.084root 11241100x80000000000000003916568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8da8e3f8640b6832022-01-11 12:22:35.084root 11241100x80000000000000003916569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c8eee030ebdb3e32022-01-11 12:22:35.084root 11241100x80000000000000003916570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9880df6833e0bb3a2022-01-11 12:22:35.085root 11241100x80000000000000003916571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.059c5b7b4b27d5ca2022-01-11 12:22:35.086root 11241100x80000000000000003916572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.979e7d8da8bd2dae2022-01-11 12:22:35.086root 11241100x80000000000000003916573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48caccdf9e57ba2b2022-01-11 12:22:35.086root 11241100x80000000000000003916574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2027fb4562b7c732022-01-11 12:22:35.086root 11241100x80000000000000003916575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7181c50c877d4d2022-01-11 12:22:35.086root 11241100x80000000000000003916576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6db919317a13b1492022-01-11 12:22:35.086root 11241100x80000000000000003916577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7b13416b8d1530c2022-01-11 12:22:35.086root 11241100x80000000000000003916578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e9fbf7348600972022-01-11 12:22:35.086root 11241100x80000000000000003916579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba7fcf98837787f02022-01-11 12:22:35.086root 11241100x80000000000000003916580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da601c159b033532022-01-11 12:22:35.086root 11241100x80000000000000003916581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c091bb6ce26177e2022-01-11 12:22:35.088root 11241100x80000000000000003916582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.018a7c757fdb01b82022-01-11 12:22:35.088root 11241100x80000000000000003916583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5439ee7a9241f2532022-01-11 12:22:35.088root 11241100x80000000000000003916584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01e06995edd4f042022-01-11 12:22:35.088root 11241100x80000000000000003916585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fb12d9cda54955d2022-01-11 12:22:35.088root 11241100x80000000000000003916586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffb6e4c9421540e02022-01-11 12:22:35.088root 11241100x80000000000000003916587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9f8d38bb689a51f2022-01-11 12:22:35.088root 11241100x80000000000000003916588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c2808b529206c572022-01-11 12:22:35.089root 11241100x80000000000000003916589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad1efd62bf2ac9e2022-01-11 12:22:35.090root 11241100x80000000000000003916590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8b916a3cbc597232022-01-11 12:22:35.584root 11241100x80000000000000003916591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2771bfe02f54f8da2022-01-11 12:22:35.584root 11241100x80000000000000003916592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5cedb4b1bef6d152022-01-11 12:22:35.584root 11241100x80000000000000003916593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9079aef607a9db202022-01-11 12:22:35.584root 11241100x80000000000000003916594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49f19c8310bbe28f2022-01-11 12:22:35.585root 11241100x80000000000000003916595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eefae8ba3170cad82022-01-11 12:22:35.585root 11241100x80000000000000003916596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bfe143a9feca6a32022-01-11 12:22:35.585root 11241100x80000000000000003916597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b31ddaf2f0a050592022-01-11 12:22:35.585root 11241100x80000000000000003916598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c47c0a9c5cd57a62022-01-11 12:22:35.585root 11241100x80000000000000003916599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5ffbc9ba697b5b92022-01-11 12:22:35.585root 11241100x80000000000000003916600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02aaa3117ca2828f2022-01-11 12:22:35.585root 11241100x80000000000000003916601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e54494c889ef072022-01-11 12:22:35.585root 11241100x80000000000000003916602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9287dd8a34bd89c52022-01-11 12:22:35.586root 11241100x80000000000000003916603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a59c86261ba528922022-01-11 12:22:35.586root 11241100x80000000000000003916604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b9b8fc8e42f10e32022-01-11 12:22:35.586root 11241100x80000000000000003916605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.810001aa602356b42022-01-11 12:22:35.586root 11241100x80000000000000003916606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b524d9311cdfc8e2022-01-11 12:22:35.586root 11241100x80000000000000003916607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd7184e6b2787f8f2022-01-11 12:22:35.586root 11241100x80000000000000003916608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f1101747f2ac512022-01-11 12:22:35.586root 11241100x80000000000000003916609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7293a824a1ca32c32022-01-11 12:22:35.586root 11241100x80000000000000003916610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c0943d62eaf22d2022-01-11 12:22:35.586root 11241100x80000000000000003916611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f7525bfe564f7a72022-01-11 12:22:35.586root 11241100x80000000000000003916612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc1ca5e616d0b17d2022-01-11 12:22:35.586root 11241100x80000000000000003916613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bff601ea3fe85ef22022-01-11 12:22:35.586root 11241100x80000000000000003916614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa0ae5ca183cd34d2022-01-11 12:22:35.586root 11241100x80000000000000003916615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:35.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.262e480ad111f4cc2022-01-11 12:22:35.586root 11241100x80000000000000003916616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ae2e6d098c960f52022-01-11 12:22:36.083root 11241100x80000000000000003916617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93b9fb85daccb4b42022-01-11 12:22:36.083root 11241100x80000000000000003916618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c49f38ebdef132d2022-01-11 12:22:36.083root 11241100x80000000000000003916619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b02279b40f56eb82022-01-11 12:22:36.083root 11241100x80000000000000003916620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f3a6104c11b199c2022-01-11 12:22:36.083root 11241100x80000000000000003916621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.086aa18f1efe9b162022-01-11 12:22:36.084root 11241100x80000000000000003916622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.466ef60a85eeb7202022-01-11 12:22:36.084root 11241100x80000000000000003916623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eddea54b4aadaf962022-01-11 12:22:36.084root 11241100x80000000000000003916624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a283f4d69f6becd2022-01-11 12:22:36.084root 11241100x80000000000000003916625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82e50343be61d1242022-01-11 12:22:36.084root 11241100x80000000000000003916626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.890efd11ed7b4ef82022-01-11 12:22:36.084root 11241100x80000000000000003916627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f73336e1d7fd6f72022-01-11 12:22:36.084root 11241100x80000000000000003916628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7a7527d3b043a12022-01-11 12:22:36.084root 11241100x80000000000000003916629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d38adff8d78b08e2022-01-11 12:22:36.084root 11241100x80000000000000003916630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa832ef7724a999a2022-01-11 12:22:36.084root 11241100x80000000000000003916631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.707d7b7ffd55cb6f2022-01-11 12:22:36.085root 11241100x80000000000000003916632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.beee5a585fbf5aa32022-01-11 12:22:36.085root 11241100x80000000000000003916633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c56a489e9468f9a72022-01-11 12:22:36.085root 11241100x80000000000000003916634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af4f5aa7e8a8fd862022-01-11 12:22:36.085root 11241100x80000000000000003916635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f52e33b65dc322f2022-01-11 12:22:36.085root 11241100x80000000000000003916636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf8b96d3f41b7232022-01-11 12:22:36.085root 11241100x80000000000000003916637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373917c1b9012d842022-01-11 12:22:36.086root 11241100x80000000000000003916638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20618ab996a7d3e22022-01-11 12:22:36.086root 11241100x80000000000000003916639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52ebb03c6ab97d872022-01-11 12:22:36.086root 11241100x80000000000000003916640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ff1311c46886d32022-01-11 12:22:36.086root 11241100x80000000000000003916641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29a8a93897b877af2022-01-11 12:22:36.086root 11241100x80000000000000003916642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3e1001dcc5a897e2022-01-11 12:22:36.086root 11241100x80000000000000003916643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c391a8f347263be92022-01-11 12:22:36.086root 11241100x80000000000000003916644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6bee11f23ca3c6b2022-01-11 12:22:36.087root 11241100x80000000000000003916645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e1fa6b2aa8774342022-01-11 12:22:36.087root 11241100x80000000000000003916646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a708b9a7e89b6e872022-01-11 12:22:36.087root 11241100x80000000000000003916647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6088dde34b3e6502022-01-11 12:22:36.583root 11241100x80000000000000003916648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80a54806dfd6c9822022-01-11 12:22:36.583root 11241100x80000000000000003916649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e1cf906c2f55da32022-01-11 12:22:36.583root 11241100x80000000000000003916650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4316b690912b15582022-01-11 12:22:36.583root 11241100x80000000000000003916651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1951651da1f17732022-01-11 12:22:36.583root 11241100x80000000000000003916652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.448849b80d6ba71b2022-01-11 12:22:36.584root 11241100x80000000000000003916653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88e06e703199b5042022-01-11 12:22:36.584root 11241100x80000000000000003916654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed4134742db1d6c52022-01-11 12:22:36.584root 11241100x80000000000000003916655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e443a2b2e33f4322022-01-11 12:22:36.584root 11241100x80000000000000003916656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4236ef42963b3ceb2022-01-11 12:22:36.584root 11241100x80000000000000003916657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc92ab3458656b572022-01-11 12:22:36.584root 11241100x80000000000000003916658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e53781cba7e20d6a2022-01-11 12:22:36.584root 11241100x80000000000000003916659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0267091f4c6c91c2022-01-11 12:22:36.584root 11241100x80000000000000003916660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b639ad0d2e155b12022-01-11 12:22:36.584root 11241100x80000000000000003916661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.125da56fa6f4942e2022-01-11 12:22:36.585root 11241100x80000000000000003916662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce9590ef0941f3e62022-01-11 12:22:36.585root 11241100x80000000000000003916663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e719c8088b3998172022-01-11 12:22:36.585root 11241100x80000000000000003916664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f2306c3be9e7c2d2022-01-11 12:22:36.585root 11241100x80000000000000003916665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1a1c012e2fbff82022-01-11 12:22:36.585root 11241100x80000000000000003916666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07c8eb2dca7468542022-01-11 12:22:36.585root 11241100x80000000000000003916667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6b75c96302aab3b2022-01-11 12:22:36.585root 11241100x80000000000000003916668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9964985d3a965ab92022-01-11 12:22:36.585root 11241100x80000000000000003916669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0982bb386cc17efc2022-01-11 12:22:36.586root 11241100x80000000000000003916670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373ae932dea3085a2022-01-11 12:22:36.586root 11241100x80000000000000003916671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a44b4b8f952b8e322022-01-11 12:22:36.586root 11241100x80000000000000003916672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a84e73f88774aa22022-01-11 12:22:36.587root 11241100x80000000000000003916673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.018df80b913443ef2022-01-11 12:22:36.587root 11241100x80000000000000003916674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3a1e15dfaca8222022-01-11 12:22:36.587root 11241100x80000000000000003916675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b8254879e30d5472022-01-11 12:22:36.587root 11241100x80000000000000003916676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2c5df89967e9d522022-01-11 12:22:36.587root 11241100x80000000000000003916677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:36.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a8b070bf77f756b2022-01-11 12:22:36.587root 11241100x80000000000000003916678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d169c5890fe5c192022-01-11 12:22:37.083root 11241100x80000000000000003916679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fd8f700c9088b682022-01-11 12:22:37.083root 11241100x80000000000000003916680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a04e781138c4ce22022-01-11 12:22:37.084root 11241100x80000000000000003916681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b327ea09b38882b2022-01-11 12:22:37.084root 11241100x80000000000000003916682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.079d6e6d4489a8542022-01-11 12:22:37.084root 11241100x80000000000000003916683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad0ac9f80b5f6a02022-01-11 12:22:37.084root 11241100x80000000000000003916684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfefc488e0e6a5aa2022-01-11 12:22:37.084root 11241100x80000000000000003916685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4ea6bba2819e382022-01-11 12:22:37.084root 11241100x80000000000000003916686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd3be06f423efc592022-01-11 12:22:37.084root 11241100x80000000000000003916687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7557e08e823191bc2022-01-11 12:22:37.084root 11241100x80000000000000003916688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.372aa6e4fdca5ee82022-01-11 12:22:37.084root 11241100x80000000000000003916689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6442b31d38f6c6192022-01-11 12:22:37.085root 11241100x80000000000000003916690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357395fd9a13dfc62022-01-11 12:22:37.085root 11241100x80000000000000003916691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.591dc46dc65652272022-01-11 12:22:37.085root 11241100x80000000000000003916692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69224bda9ff4421d2022-01-11 12:22:37.085root 11241100x80000000000000003916693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a1a6c7c9cae26ba2022-01-11 12:22:37.085root 11241100x80000000000000003916694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083a945943f31e3c2022-01-11 12:22:37.085root 11241100x80000000000000003916695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f61d8635bf48d5b2022-01-11 12:22:37.085root 11241100x80000000000000003916696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d4b83a96361dd452022-01-11 12:22:37.085root 11241100x80000000000000003916697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1cf32de1eee00672022-01-11 12:22:37.085root 11241100x80000000000000003916698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45b5954e90606b9c2022-01-11 12:22:37.085root 11241100x80000000000000003916699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8b1505562cf1ecd2022-01-11 12:22:37.085root 11241100x80000000000000003916700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b301fd742f02d96d2022-01-11 12:22:37.085root 11241100x80000000000000003916701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c55eb2725ce457c12022-01-11 12:22:37.085root 11241100x80000000000000003916702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf93fb14d4e69cdc2022-01-11 12:22:37.085root 11241100x80000000000000003916703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.600dd4735fca205e2022-01-11 12:22:37.085root 11241100x80000000000000003916704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8e12cf6c2d4b59b2022-01-11 12:22:37.086root 11241100x80000000000000003916705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c126d59274a8e702022-01-11 12:22:37.086root 11241100x80000000000000003916706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.707d7812c899617b2022-01-11 12:22:37.086root 11241100x80000000000000003916707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18d2ea4c45bfee792022-01-11 12:22:37.086root 11241100x80000000000000003916708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b64a76b8e0c772a02022-01-11 12:22:37.583root 11241100x80000000000000003916709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc810d708816c2512022-01-11 12:22:37.583root 11241100x80000000000000003916710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6f054546f8acfcb2022-01-11 12:22:37.583root 11241100x80000000000000003916711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c077c91d82643c0f2022-01-11 12:22:37.583root 11241100x80000000000000003916712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b89b17b15bff18482022-01-11 12:22:37.583root 11241100x80000000000000003916713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ec4bb1415e8541f2022-01-11 12:22:37.583root 11241100x80000000000000003916714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.895c952d06b9084e2022-01-11 12:22:37.584root 11241100x80000000000000003916715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe4fc2e8fedc23022022-01-11 12:22:37.584root 11241100x80000000000000003916716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e4a81ae6f8f20612022-01-11 12:22:37.584root 11241100x80000000000000003916717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf988f99fb599ea42022-01-11 12:22:37.584root 11241100x80000000000000003916718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01dcb6f488d8b5eb2022-01-11 12:22:37.584root 11241100x80000000000000003916719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b66add216b950a2022-01-11 12:22:37.584root 11241100x80000000000000003916720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cd0b411c6e83ce62022-01-11 12:22:37.584root 11241100x80000000000000003916721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad36ce72e45747f12022-01-11 12:22:37.584root 11241100x80000000000000003916722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.655c12105de583b42022-01-11 12:22:37.584root 11241100x80000000000000003916723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.978e13b58fab26c32022-01-11 12:22:37.584root 11241100x80000000000000003916724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df0c1ab79ef7a33e2022-01-11 12:22:37.584root 11241100x80000000000000003916725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3350ef01b6f3d3632022-01-11 12:22:37.584root 11241100x80000000000000003916726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc75302872d1ea02022-01-11 12:22:37.584root 11241100x80000000000000003916727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.165c8062615da1312022-01-11 12:22:37.584root 11241100x80000000000000003916728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3d351161f8b6e112022-01-11 12:22:37.584root 11241100x80000000000000003916729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c74c9baacb5513e22022-01-11 12:22:37.585root 11241100x80000000000000003916730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72cd79fc3de4a4e72022-01-11 12:22:37.585root 11241100x80000000000000003916731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6801d117367952a22022-01-11 12:22:37.585root 11241100x80000000000000003916732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0e12856eb5cedf42022-01-11 12:22:37.585root 11241100x80000000000000003916733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9001a527b40439e2022-01-11 12:22:37.585root 11241100x80000000000000003916734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2485167d779c0ae2022-01-11 12:22:37.585root 11241100x80000000000000003916735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb48b4d36f0c48352022-01-11 12:22:37.585root 11241100x80000000000000003916736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89096a7688a1002f2022-01-11 12:22:37.585root 11241100x80000000000000003916737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cfbde7089a57ad52022-01-11 12:22:37.585root 11241100x80000000000000003916738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00fe712c8171aa42022-01-11 12:22:37.585root 11241100x80000000000000003916739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d75829560e989862022-01-11 12:22:37.585root 11241100x80000000000000003916740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ddd53a154d586212022-01-11 12:22:37.585root 11241100x80000000000000003916741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a9276e08ea654082022-01-11 12:22:37.586root 11241100x80000000000000003916742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdde9cd2bef9b9572022-01-11 12:22:37.586root 11241100x80000000000000003916743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43d6271f669d97d02022-01-11 12:22:37.586root 11241100x80000000000000003916744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bfbba8301d95e8e2022-01-11 12:22:37.586root 11241100x80000000000000003916745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9792d0ad2d3d2d6f2022-01-11 12:22:37.586root 11241100x80000000000000003916746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efc057f562e64a752022-01-11 12:22:37.586root 11241100x80000000000000003916747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6007c5bc1acdc8652022-01-11 12:22:37.586root 11241100x80000000000000003916748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2f74cfebc414e1b2022-01-11 12:22:37.586root 11241100x80000000000000003916749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a22fddabdda5e7452022-01-11 12:22:37.586root 11241100x80000000000000003916750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd250922503d503d2022-01-11 12:22:37.586root 11241100x80000000000000003916751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.004bcc3c24f712e12022-01-11 12:22:37.586root 11241100x80000000000000003916752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a881a03151eac92e2022-01-11 12:22:37.586root 11241100x80000000000000003916753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:37.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dec2a5a5343ce59c2022-01-11 12:22:37.586root 11241100x80000000000000003916754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4571addcc54cb5b52022-01-11 12:22:38.084root 11241100x80000000000000003916755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ad54a73e19d70462022-01-11 12:22:38.084root 11241100x80000000000000003916756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67bd3a1d2f684d832022-01-11 12:22:38.084root 11241100x80000000000000003916757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94f06f2bad5342842022-01-11 12:22:38.084root 11241100x80000000000000003916758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2212b0a9535588382022-01-11 12:22:38.084root 11241100x80000000000000003916759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e0e8cfe71e26b922022-01-11 12:22:38.084root 11241100x80000000000000003916760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2f02ab954a5b4a62022-01-11 12:22:38.084root 11241100x80000000000000003916761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41be612dac80fab82022-01-11 12:22:38.084root 11241100x80000000000000003916762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaecc2fdf16f50ee2022-01-11 12:22:38.084root 11241100x80000000000000003916763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de132326a71d23462022-01-11 12:22:38.085root 11241100x80000000000000003916764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad41b0ec15debb32022-01-11 12:22:38.085root 11241100x80000000000000003916765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f59dbb34b4db3c5a2022-01-11 12:22:38.085root 11241100x80000000000000003916766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545105a74c054afa2022-01-11 12:22:38.085root 11241100x80000000000000003916767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4b6e9cf8deecb292022-01-11 12:22:38.085root 11241100x80000000000000003916768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab5e00c6f4c83012022-01-11 12:22:38.085root 11241100x80000000000000003916769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7690c1b20723b8c72022-01-11 12:22:38.085root 11241100x80000000000000003916770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4043d161bfa5932022-01-11 12:22:38.085root 11241100x80000000000000003916771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc3b45fe2f681ae42022-01-11 12:22:38.085root 11241100x80000000000000003916772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bef9b77ee2f01792022-01-11 12:22:38.085root 11241100x80000000000000003916773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.846a2724862041542022-01-11 12:22:38.085root 11241100x80000000000000003916774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90b109ebb30c5f992022-01-11 12:22:38.085root 11241100x80000000000000003916775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d1b41654177aba2022-01-11 12:22:38.085root 11241100x80000000000000003916776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e7c8778d5d6e3b52022-01-11 12:22:38.085root 11241100x80000000000000003916777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b97743a84d3735042022-01-11 12:22:38.085root 11241100x80000000000000003916778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47a8b5658656f6f12022-01-11 12:22:38.086root 11241100x80000000000000003916779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b13c4b5adb98915a2022-01-11 12:22:38.086root 354300x80000000000000003916780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.189{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56348-false10.0.1.12-8000- 11241100x80000000000000003916781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5719210b65e9e9912022-01-11 12:22:38.584root 11241100x80000000000000003916782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b603bb11053eb8a2022-01-11 12:22:38.584root 11241100x80000000000000003916783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36dd0973a8f9890c2022-01-11 12:22:38.584root 11241100x80000000000000003916784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40cd7cf0e5cf72ea2022-01-11 12:22:38.584root 11241100x80000000000000003916785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6f0bd85f495d4d72022-01-11 12:22:38.585root 11241100x80000000000000003916786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc250a30bac512162022-01-11 12:22:38.585root 11241100x80000000000000003916787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bd3569a14251d5a2022-01-11 12:22:38.585root 11241100x80000000000000003916788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bac478c949ca1fff2022-01-11 12:22:38.585root 11241100x80000000000000003916789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.292ed5d0310349102022-01-11 12:22:38.585root 11241100x80000000000000003916790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33f9f9d695c698742022-01-11 12:22:38.585root 11241100x80000000000000003916791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d1aee98a8cb262c2022-01-11 12:22:38.585root 11241100x80000000000000003916792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d13416e4b5945c52022-01-11 12:22:38.585root 11241100x80000000000000003916793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3291d5777e30c8772022-01-11 12:22:38.585root 11241100x80000000000000003916794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4461c5aced118402022-01-11 12:22:38.585root 11241100x80000000000000003916795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93b79e480a5f65472022-01-11 12:22:38.585root 11241100x80000000000000003916796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d179c9d3ad23a9752022-01-11 12:22:38.585root 11241100x80000000000000003916797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8733ad65eba7b9972022-01-11 12:22:38.585root 11241100x80000000000000003916798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c95bbb1913d379e42022-01-11 12:22:38.585root 11241100x80000000000000003916799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd5cb4469c1736572022-01-11 12:22:38.585root 11241100x80000000000000003916800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8266f9355e0417582022-01-11 12:22:38.585root 11241100x80000000000000003916801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29eeaa1c1c2c42752022-01-11 12:22:38.586root 11241100x80000000000000003916802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f55f62902533e5c72022-01-11 12:22:38.586root 11241100x80000000000000003916803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab4602af9b17ade32022-01-11 12:22:38.586root 11241100x80000000000000003916804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87a2dc6731013beb2022-01-11 12:22:38.586root 11241100x80000000000000003916805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd2e734d06af6032022-01-11 12:22:38.586root 11241100x80000000000000003916806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4f9e9595443feca2022-01-11 12:22:38.586root 11241100x80000000000000003916807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:38.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6276ea9d5bf1ffab2022-01-11 12:22:38.586root 11241100x80000000000000003916808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.affe36a853dd21da2022-01-11 12:22:39.083root 11241100x80000000000000003916809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.344b752bd85da02f2022-01-11 12:22:39.083root 11241100x80000000000000003916810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb6334a75ec9ed702022-01-11 12:22:39.083root 11241100x80000000000000003916811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23a8a018c743eb732022-01-11 12:22:39.084root 11241100x80000000000000003916812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3932ea04dc30c0002022-01-11 12:22:39.084root 11241100x80000000000000003916813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4da70316ae51a9c2022-01-11 12:22:39.084root 11241100x80000000000000003916814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e61fb6fe582bb5e2022-01-11 12:22:39.084root 11241100x80000000000000003916815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ed053bc36a0d2a22022-01-11 12:22:39.084root 11241100x80000000000000003916816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62792769ff79ce6d2022-01-11 12:22:39.084root 11241100x80000000000000003916817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f868dce25384c2cc2022-01-11 12:22:39.084root 11241100x80000000000000003916818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c63482ba781dd73f2022-01-11 12:22:39.084root 11241100x80000000000000003916819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8751a800bed94d812022-01-11 12:22:39.084root 11241100x80000000000000003916820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d022d81ec80018412022-01-11 12:22:39.084root 11241100x80000000000000003916821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a1312aad8f936442022-01-11 12:22:39.084root 11241100x80000000000000003916822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35ac3acb39df84a02022-01-11 12:22:39.084root 11241100x80000000000000003916823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8dc0b9f82fc23f2022-01-11 12:22:39.084root 11241100x80000000000000003916824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43fa582705100db72022-01-11 12:22:39.084root 11241100x80000000000000003916825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03bb691e00d7dc0d2022-01-11 12:22:39.084root 11241100x80000000000000003916826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea584bd6c2e2b6b82022-01-11 12:22:39.084root 11241100x80000000000000003916827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8963c557889d23bf2022-01-11 12:22:39.085root 11241100x80000000000000003916828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0007a02e8e5a84ba2022-01-11 12:22:39.085root 11241100x80000000000000003916829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9bbffe4848e282d2022-01-11 12:22:39.085root 11241100x80000000000000003916830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9efe5d406ff12bf2022-01-11 12:22:39.085root 11241100x80000000000000003916831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c75958b05c3cbb242022-01-11 12:22:39.085root 11241100x80000000000000003916832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb4ef55fcb0920d42022-01-11 12:22:39.085root 11241100x80000000000000003916833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2573590288fcf2e2022-01-11 12:22:39.085root 11241100x80000000000000003916834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b98d6267a02976ee2022-01-11 12:22:39.085root 11241100x80000000000000003916835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f12f6245deb1f9062022-01-11 12:22:39.085root 11241100x80000000000000003916836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd10ea8b23e3cdb92022-01-11 12:22:39.085root 11241100x80000000000000003916837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db01b75db9051e842022-01-11 12:22:39.085root 11241100x80000000000000003916838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97c1b298151555f52022-01-11 12:22:39.085root 11241100x80000000000000003916839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b398f88821ce9ef2022-01-11 12:22:39.085root 11241100x80000000000000003916840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d42ddcec268f1d612022-01-11 12:22:39.085root 11241100x80000000000000003916841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b0d3323718b23d32022-01-11 12:22:39.085root 11241100x80000000000000003916842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6938b7ff18d78a32022-01-11 12:22:39.085root 11241100x80000000000000003916843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec0d7359d70492b2022-01-11 12:22:39.086root 11241100x80000000000000003916844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee5af5b6ba01ca7e2022-01-11 12:22:39.086root 11241100x80000000000000003916845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8542d27ab875f2af2022-01-11 12:22:39.086root 11241100x80000000000000003916846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62e416ddb6733cb2022-01-11 12:22:39.087root 11241100x80000000000000003916847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2166a041ba76c4642022-01-11 12:22:39.087root 11241100x80000000000000003916848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.641d97087f188b1e2022-01-11 12:22:39.087root 11241100x80000000000000003916849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bbe81dd2837071f2022-01-11 12:22:39.087root 11241100x80000000000000003916850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d19ccb587830dc82022-01-11 12:22:39.088root 11241100x80000000000000003916851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51e242d15b670ebe2022-01-11 12:22:39.088root 11241100x80000000000000003916852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64a93d9b0b8098882022-01-11 12:22:39.088root 11241100x80000000000000003916853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7e2e8d63766dfac2022-01-11 12:22:39.088root 11241100x80000000000000003916854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d71a560029b3e82022-01-11 12:22:39.088root 11241100x80000000000000003916855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e75c55531545f89f2022-01-11 12:22:39.088root 11241100x80000000000000003916856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ecf31c8139bcef2022-01-11 12:22:39.089root 11241100x80000000000000003916857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0787f6a9153ecb7f2022-01-11 12:22:39.089root 11241100x80000000000000003916858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccb0e1227fae71fe2022-01-11 12:22:39.089root 11241100x80000000000000003916859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a107a2f28faf7e012022-01-11 12:22:39.089root 11241100x80000000000000003916860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f1cecc0edf3d502022-01-11 12:22:39.090root 11241100x80000000000000003916861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b04932bd46aaeeb2022-01-11 12:22:39.090root 11241100x80000000000000003916862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2480ff9da834581c2022-01-11 12:22:39.090root 11241100x80000000000000003916863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d444823a94430c482022-01-11 12:22:39.090root 11241100x80000000000000003916864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9540e73c4edea9212022-01-11 12:22:39.090root 11241100x80000000000000003916865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.540881b42778e21c2022-01-11 12:22:39.090root 11241100x80000000000000003916866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0761da5c7969c8052022-01-11 12:22:39.091root 11241100x80000000000000003916867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a46f536d64ce1e2d2022-01-11 12:22:39.091root 11241100x80000000000000003916868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e9d4f49b7339b142022-01-11 12:22:39.091root 11241100x80000000000000003916869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2cd051d2c9709062022-01-11 12:22:39.091root 11241100x80000000000000003916870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43792e04607f8c132022-01-11 12:22:39.091root 11241100x80000000000000003916871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcf652a40e2a1ab02022-01-11 12:22:39.091root 11241100x80000000000000003916872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70dd17cc6906e5b02022-01-11 12:22:39.091root 11241100x80000000000000003916873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840101311f0e82342022-01-11 12:22:39.091root 11241100x80000000000000003916874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c8e8e24e23d4e92022-01-11 12:22:39.091root 11241100x80000000000000003916875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07421a919844a0c52022-01-11 12:22:39.091root 11241100x80000000000000003916876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb19cd32d1e125b42022-01-11 12:22:39.091root 11241100x80000000000000003916877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da12c836ec123fa32022-01-11 12:22:39.092root 11241100x80000000000000003916878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed8cb07c3761d12e2022-01-11 12:22:39.092root 11241100x80000000000000003916879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e183c491a548292022-01-11 12:22:39.092root 11241100x80000000000000003916880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1052422f59fd2132022-01-11 12:22:39.092root 11241100x80000000000000003916881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562402f06fd6e1da2022-01-11 12:22:39.092root 11241100x80000000000000003916882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf2bdd4ebdd03db2022-01-11 12:22:39.092root 11241100x80000000000000003916883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5c61469a0c60c102022-01-11 12:22:39.092root 11241100x80000000000000003916884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79c8deff9597246f2022-01-11 12:22:39.092root 11241100x80000000000000003916885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc376b0ed1bd91a32022-01-11 12:22:39.092root 11241100x80000000000000003916886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f67d4dbfa4db4042022-01-11 12:22:39.092root 11241100x80000000000000003916887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acd3b972cca942dc2022-01-11 12:22:39.092root 11241100x80000000000000003916888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4cfdfad82e228662022-01-11 12:22:39.092root 11241100x80000000000000003916889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38743f67256a93d62022-01-11 12:22:39.093root 11241100x80000000000000003916890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4676c6b7d33804842022-01-11 12:22:39.093root 11241100x80000000000000003916891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59f3a0ccac5532c92022-01-11 12:22:39.093root 11241100x80000000000000003916892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.475054cf545c52572022-01-11 12:22:39.093root 11241100x80000000000000003916893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb01e371c6dd6b112022-01-11 12:22:39.584root 11241100x80000000000000003916894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.122f3548ed9592732022-01-11 12:22:39.584root 11241100x80000000000000003916895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb4942833e4163842022-01-11 12:22:39.584root 11241100x80000000000000003916896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8567397908e859962022-01-11 12:22:39.585root 11241100x80000000000000003916897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f52c1693d25cf5962022-01-11 12:22:39.585root 11241100x80000000000000003916898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ff277c2d63a39042022-01-11 12:22:39.585root 11241100x80000000000000003916899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2962637412e647412022-01-11 12:22:39.585root 11241100x80000000000000003916900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c55e5b0726cc71732022-01-11 12:22:39.585root 11241100x80000000000000003916901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38967759d74527c32022-01-11 12:22:39.585root 11241100x80000000000000003916902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41fb085602bb6c962022-01-11 12:22:39.586root 11241100x80000000000000003916903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.def4cfdeb788aafd2022-01-11 12:22:39.586root 11241100x80000000000000003916904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab6d5e2054a1e7952022-01-11 12:22:39.586root 11241100x80000000000000003916905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6abeb9ed4c0d3f6e2022-01-11 12:22:39.586root 11241100x80000000000000003916906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b65ff0e0bf3aa592022-01-11 12:22:39.586root 11241100x80000000000000003916907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.421800de6a335d122022-01-11 12:22:39.586root 11241100x80000000000000003916908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c335aa1963ad42f62022-01-11 12:22:39.586root 11241100x80000000000000003916909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f2e2eec19613892022-01-11 12:22:39.587root 11241100x80000000000000003916910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8502f490323a76112022-01-11 12:22:39.587root 11241100x80000000000000003916911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d26cee5c88a60daa2022-01-11 12:22:39.587root 11241100x80000000000000003916912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33c3b8c256eae81e2022-01-11 12:22:39.587root 11241100x80000000000000003916913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a03e8a49bad6b9532022-01-11 12:22:39.587root 11241100x80000000000000003916914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ea61d8515a90d232022-01-11 12:22:39.587root 11241100x80000000000000003916915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c652e31b282e53642022-01-11 12:22:39.587root 11241100x80000000000000003916916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c930e735f47c70e2022-01-11 12:22:39.587root 11241100x80000000000000003916917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cbd5ecb09f4e6e82022-01-11 12:22:39.587root 11241100x80000000000000003916918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014f497674e26b3a2022-01-11 12:22:39.587root 11241100x80000000000000003916919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:39.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa1dce699c4055a2022-01-11 12:22:39.587root 11241100x80000000000000003916920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a299810076c1422a2022-01-11 12:22:40.084root 11241100x80000000000000003916921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fab193979f21a2c2022-01-11 12:22:40.084root 11241100x80000000000000003916922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.664e63dd6d711e6f2022-01-11 12:22:40.084root 11241100x80000000000000003916923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19724dbfd0638d62022-01-11 12:22:40.084root 11241100x80000000000000003916924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649b6fba63345bac2022-01-11 12:22:40.084root 11241100x80000000000000003916925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48936fec2d9c53c22022-01-11 12:22:40.084root 11241100x80000000000000003916926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d3321e3628aa0952022-01-11 12:22:40.084root 11241100x80000000000000003916927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e9c0fd3b92e7262022-01-11 12:22:40.084root 11241100x80000000000000003916928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3634e056813acd382022-01-11 12:22:40.085root 11241100x80000000000000003916929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f78889d54bb12e922022-01-11 12:22:40.085root 11241100x80000000000000003916930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.922ddccdffb600d02022-01-11 12:22:40.085root 11241100x80000000000000003916931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6c72e1363906eac2022-01-11 12:22:40.085root 11241100x80000000000000003916932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4131158b126d1ad72022-01-11 12:22:40.085root 11241100x80000000000000003916933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c592c505ee71872022-01-11 12:22:40.085root 11241100x80000000000000003916934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ace0abfc3928a5f52022-01-11 12:22:40.085root 11241100x80000000000000003916935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0b01be79a7d3a8b2022-01-11 12:22:40.085root 11241100x80000000000000003916936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7fc99419236fd662022-01-11 12:22:40.085root 11241100x80000000000000003916937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a33e98618e5eb4552022-01-11 12:22:40.085root 11241100x80000000000000003916938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d27a85fe1c206022022-01-11 12:22:40.085root 11241100x80000000000000003916939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4d0e18c3e4196f2022-01-11 12:22:40.085root 11241100x80000000000000003916940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dcb798c52922fb62022-01-11 12:22:40.085root 11241100x80000000000000003916941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa8803776d0d82702022-01-11 12:22:40.086root 11241100x80000000000000003916942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0022dc6d59c61b6c2022-01-11 12:22:40.086root 11241100x80000000000000003916943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db3da051cc95a7c92022-01-11 12:22:40.086root 11241100x80000000000000003916944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02deefdb64e7f8042022-01-11 12:22:40.086root 11241100x80000000000000003916945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b6e740be914408c2022-01-11 12:22:40.086root 11241100x80000000000000003916946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.420d6f3c2254b5e42022-01-11 12:22:40.086root 11241100x80000000000000003916947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c2c41a6a2b3a8f72022-01-11 12:22:40.583root 11241100x80000000000000003916948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8aefb5c4ed18dd12022-01-11 12:22:40.583root 11241100x80000000000000003916949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2f248100a4da9b02022-01-11 12:22:40.583root 11241100x80000000000000003916950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c42c8a65f9b157662022-01-11 12:22:40.583root 11241100x80000000000000003916951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3df7aad2c7e2b362022-01-11 12:22:40.583root 11241100x80000000000000003916952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02bbcc755318a9502022-01-11 12:22:40.583root 11241100x80000000000000003916953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8ba809c7f306d7d2022-01-11 12:22:40.584root 11241100x80000000000000003916954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dd05cf00671b2d42022-01-11 12:22:40.584root 11241100x80000000000000003916955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a54822dc66cc2112022-01-11 12:22:40.584root 11241100x80000000000000003916956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.008a7570ba9f60dc2022-01-11 12:22:40.584root 11241100x80000000000000003916957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.518fef211d3524872022-01-11 12:22:40.584root 11241100x80000000000000003916958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f7edce6565f474b2022-01-11 12:22:40.584root 11241100x80000000000000003916959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f3ada20f58d3d432022-01-11 12:22:40.584root 11241100x80000000000000003916960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82ff0be39f91fff62022-01-11 12:22:40.584root 11241100x80000000000000003916961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa291aa88bda9ea22022-01-11 12:22:40.584root 11241100x80000000000000003916962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fd4088d793c6dff2022-01-11 12:22:40.584root 11241100x80000000000000003916963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.778996cd5f0fbdd62022-01-11 12:22:40.584root 11241100x80000000000000003916964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23188eb7b66af3102022-01-11 12:22:40.584root 11241100x80000000000000003916965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.986287f90b653e0c2022-01-11 12:22:40.584root 11241100x80000000000000003916966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c963a0d6cd723f992022-01-11 12:22:40.584root 11241100x80000000000000003916967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07837795b158092d2022-01-11 12:22:40.585root 11241100x80000000000000003916968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6df6fb5d6fb124422022-01-11 12:22:40.585root 11241100x80000000000000003916969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dce2b4b93b2bddc2022-01-11 12:22:40.585root 11241100x80000000000000003916970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64508419cf94ea8a2022-01-11 12:22:40.585root 11241100x80000000000000003916971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c5f3a725ac304f32022-01-11 12:22:40.585root 11241100x80000000000000003916972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0909e26a5d4fc7ea2022-01-11 12:22:40.585root 11241100x80000000000000003916973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f0639b11325c2512022-01-11 12:22:40.585root 11241100x80000000000000003916974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0a4f937e433bd182022-01-11 12:22:40.585root 11241100x80000000000000003916975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cd37fe1b3b420f92022-01-11 12:22:40.585root 11241100x80000000000000003916976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c283f4cb05cc9fae2022-01-11 12:22:40.585root 11241100x80000000000000003916977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45e76eb55374097d2022-01-11 12:22:40.585root 11241100x80000000000000003916978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9815e056f8204ad2022-01-11 12:22:40.585root 11241100x80000000000000003916979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d75d7eaa2d86a6672022-01-11 12:22:40.586root 11241100x80000000000000003916980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3959313429e30ad2022-01-11 12:22:40.586root 11241100x80000000000000003916981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c181593c1c8bdb752022-01-11 12:22:40.586root 11241100x80000000000000003916982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d24a602e516239c2022-01-11 12:22:40.586root 11241100x80000000000000003916983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ed10560cc4708c02022-01-11 12:22:40.586root 11241100x80000000000000003916984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2021a76a551390a2022-01-11 12:22:40.586root 11241100x80000000000000003916985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac714437e3cf32e2022-01-11 12:22:40.586root 11241100x80000000000000003916986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f164679f0102a56d2022-01-11 12:22:40.586root 11241100x80000000000000003916987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf04e5fbb99f55772022-01-11 12:22:40.586root 11241100x80000000000000003916988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4240f299bcf8bbbc2022-01-11 12:22:40.586root 11241100x80000000000000003916989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b8f438ffb807a52022-01-11 12:22:40.586root 11241100x80000000000000003916990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc664b019ad19cec2022-01-11 12:22:40.586root 11241100x80000000000000003916991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24481821914704492022-01-11 12:22:40.586root 11241100x80000000000000003916992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d238d886ccb4a32022-01-11 12:22:40.587root 11241100x80000000000000003916993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5983bc00de6ae02f2022-01-11 12:22:40.587root 11241100x80000000000000003916994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b9375b864caddb52022-01-11 12:22:40.587root 11241100x80000000000000003916995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.666b9d6509ce43e72022-01-11 12:22:40.587root 11241100x80000000000000003916996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5efdf5da3f06f472022-01-11 12:22:40.587root 11241100x80000000000000003916997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.463ee6af808e0b6f2022-01-11 12:22:40.587root 11241100x80000000000000003916998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b8fd858aa73b65e2022-01-11 12:22:40.587root 11241100x80000000000000003916999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d29fc1a41f85ea72022-01-11 12:22:40.587root 11241100x80000000000000003917000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa75773932661852022-01-11 12:22:40.587root 11241100x80000000000000003917001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e6d35751db354e52022-01-11 12:22:40.587root 11241100x80000000000000003917002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51aaa6243a57008f2022-01-11 12:22:40.587root 11241100x80000000000000003917003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba0eeab6df8f06252022-01-11 12:22:40.587root 11241100x80000000000000003917004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aad53a1bc1701d72022-01-11 12:22:40.587root 154100x80000000000000003917005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:40.672{ec2d504d-7690-61dd-80f2-d7e7f4550000}9863/bin/nano-----nano /etc/ssh/sshd_config/home/ubuntuubuntu{ec2d504d-5fc1-61dd-e803-000000000000}100033no level-{ec2d504d-5fc1-61dd-0874-7a9047560000}9580/bin/bash-bashubuntu 11241100x80000000000000003917006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcd2e778ca2a2b402022-01-11 12:22:41.083root 11241100x80000000000000003917007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da70dbd3e8c1bda72022-01-11 12:22:41.083root 11241100x80000000000000003917008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb997de1bb9422bc2022-01-11 12:22:41.083root 11241100x80000000000000003917009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1861a82e3eca1ac2022-01-11 12:22:41.083root 11241100x80000000000000003917010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43293d74c5843e272022-01-11 12:22:41.083root 11241100x80000000000000003917011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a39ed5706c7f5eaf2022-01-11 12:22:41.084root 11241100x80000000000000003917012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71895c984be50dc02022-01-11 12:22:41.084root 11241100x80000000000000003917013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eb3c2607ff9f1c32022-01-11 12:22:41.084root 11241100x80000000000000003917014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55218c3d66a140ca2022-01-11 12:22:41.084root 11241100x80000000000000003917015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d853ff2bdddda2e12022-01-11 12:22:41.084root 11241100x80000000000000003917016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5644e14dbbcc168a2022-01-11 12:22:41.084root 11241100x80000000000000003917017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54f498b5bcf52a002022-01-11 12:22:41.084root 11241100x80000000000000003917018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e71af2a24f14e812022-01-11 12:22:41.084root 11241100x80000000000000003917019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84896871144017392022-01-11 12:22:41.084root 11241100x80000000000000003917020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d84ba4e6cc87553f2022-01-11 12:22:41.084root 11241100x80000000000000003917021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec62c0e667b743982022-01-11 12:22:41.084root 11241100x80000000000000003917022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f2dc5c69fc6163e2022-01-11 12:22:41.084root 11241100x80000000000000003917023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed24f582a92764622022-01-11 12:22:41.084root 11241100x80000000000000003917024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16ed344eaf9286862022-01-11 12:22:41.084root 11241100x80000000000000003917025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09d0ac2453417c952022-01-11 12:22:41.084root 11241100x80000000000000003917026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2697c0cc63e1124e2022-01-11 12:22:41.084root 11241100x80000000000000003917027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfa3bf99301721e2022-01-11 12:22:41.085root 11241100x80000000000000003917028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e14b296264e9312022-01-11 12:22:41.085root 11241100x80000000000000003917029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e28c3d0bf550cba2022-01-11 12:22:41.085root 11241100x80000000000000003917030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.775ab4118855c3c62022-01-11 12:22:41.085root 11241100x80000000000000003917031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a11c38bc969ede32022-01-11 12:22:41.085root 11241100x80000000000000003917032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25fcbc626a8503b32022-01-11 12:22:41.085root 11241100x80000000000000003917033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93ec523a4c5b7ccb2022-01-11 12:22:41.085root 11241100x80000000000000003917034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f3b30083efc63572022-01-11 12:22:41.085root 11241100x80000000000000003917035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbfeff31dc1e18ba2022-01-11 12:22:41.085root 11241100x80000000000000003917036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.435a5173e9a4cce52022-01-11 12:22:41.085root 11241100x80000000000000003917037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.309011477a1f474d2022-01-11 12:22:41.085root 11241100x80000000000000003917038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f84f69136952e7792022-01-11 12:22:41.085root 11241100x80000000000000003917039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec11a5ed510557112022-01-11 12:22:41.085root 11241100x80000000000000003917040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9689cfca99473da2022-01-11 12:22:41.085root 11241100x80000000000000003917041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c257da3a443c40df2022-01-11 12:22:41.085root 11241100x80000000000000003917042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18d6268837417d422022-01-11 12:22:41.086root 11241100x80000000000000003917043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dfa041ab982d1932022-01-11 12:22:41.086root 11241100x80000000000000003917044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e68959e614a2fa712022-01-11 12:22:41.086root 11241100x80000000000000003917045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6abac266cf826262022-01-11 12:22:41.086root 11241100x80000000000000003917046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cf8fac1e56d774d2022-01-11 12:22:41.086root 11241100x80000000000000003917047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba739b4c6929a2b72022-01-11 12:22:41.086root 11241100x80000000000000003917048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c813614d07dce8442022-01-11 12:22:41.086root 11241100x80000000000000003917049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18622798cf86d9322022-01-11 12:22:41.087root 11241100x80000000000000003917050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40aab3f3bddf52df2022-01-11 12:22:41.087root 11241100x80000000000000003917051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd497ebe777c04472022-01-11 12:22:41.087root 11241100x80000000000000003917052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1065e1dad024cf892022-01-11 12:22:41.087root 11241100x80000000000000003917053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1d52a3e783229fd2022-01-11 12:22:41.087root 11241100x80000000000000003917054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15367eaf231822d02022-01-11 12:22:41.087root 11241100x80000000000000003917055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2fb28eb92ffaa6a2022-01-11 12:22:41.087root 11241100x80000000000000003917056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5674400da2bce4912022-01-11 12:22:41.087root 11241100x80000000000000003917057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef2def35863dc24f2022-01-11 12:22:41.584root 11241100x80000000000000003917058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75bea1ba86b726742022-01-11 12:22:41.584root 11241100x80000000000000003917059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca3a0d0c73bbaa22022-01-11 12:22:41.584root 11241100x80000000000000003917060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f07127e6f76673db2022-01-11 12:22:41.585root 11241100x80000000000000003917061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab75dc845c90c592022-01-11 12:22:41.585root 11241100x80000000000000003917062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c55d2ba3e577c0162022-01-11 12:22:41.585root 11241100x80000000000000003917063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10365b111b1ff1422022-01-11 12:22:41.585root 11241100x80000000000000003917064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30203643db66ee812022-01-11 12:22:41.585root 11241100x80000000000000003917065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1905e2217df2cacc2022-01-11 12:22:41.585root 11241100x80000000000000003917066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.961d4a43f94f184c2022-01-11 12:22:41.585root 11241100x80000000000000003917067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5066c302c7a51732022-01-11 12:22:41.585root 11241100x80000000000000003917068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09680cac058057aa2022-01-11 12:22:41.585root 11241100x80000000000000003917069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d43194360194b3e82022-01-11 12:22:41.585root 11241100x80000000000000003917070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c471369aa6902f2022-01-11 12:22:41.585root 11241100x80000000000000003917071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f70e331377cbf2772022-01-11 12:22:41.586root 11241100x80000000000000003917072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a4a984341f1d3722022-01-11 12:22:41.586root 11241100x80000000000000003917073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a82b0f4d0c605132022-01-11 12:22:41.586root 11241100x80000000000000003917074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4a8a8e69eadef8d2022-01-11 12:22:41.586root 11241100x80000000000000003917075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d30d57e4d648f02022-01-11 12:22:41.586root 11241100x80000000000000003917076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bd7f3e870b5f3c12022-01-11 12:22:41.586root 11241100x80000000000000003917077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1931094470f03992022-01-11 12:22:41.586root 11241100x80000000000000003917078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6741f5eb67a58c72022-01-11 12:22:41.586root 11241100x80000000000000003917079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6d537f246e4b592022-01-11 12:22:41.586root 11241100x80000000000000003917080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ccbbbfead8978e42022-01-11 12:22:41.586root 11241100x80000000000000003917081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ec32f29f043c74e2022-01-11 12:22:41.586root 11241100x80000000000000003917082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67b29e634533901d2022-01-11 12:22:41.586root 11241100x80000000000000003917083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a58e0045b99351c2022-01-11 12:22:41.586root 11241100x80000000000000003917084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:41.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90c7d41381aecc92022-01-11 12:22:41.586root 11241100x80000000000000003917085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96942c036cb025c62022-01-11 12:22:42.084root 11241100x80000000000000003917086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b21952769bc4a8a2022-01-11 12:22:42.084root 11241100x80000000000000003917087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7b372583e3472e42022-01-11 12:22:42.084root 11241100x80000000000000003917088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef87c79f4821f5ba2022-01-11 12:22:42.084root 11241100x80000000000000003917089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.335752a96a68856d2022-01-11 12:22:42.084root 11241100x80000000000000003917090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94b9d836ee8191072022-01-11 12:22:42.084root 11241100x80000000000000003917091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8285c079fd4e26c32022-01-11 12:22:42.084root 11241100x80000000000000003917092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.899e18ed0a97405c2022-01-11 12:22:42.084root 11241100x80000000000000003917093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75d9fc3322b0adb02022-01-11 12:22:42.084root 11241100x80000000000000003917094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3252643a12b94bdd2022-01-11 12:22:42.084root 11241100x80000000000000003917095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccb56212bd880c3b2022-01-11 12:22:42.085root 11241100x80000000000000003917096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9667f853840b47f2022-01-11 12:22:42.085root 11241100x80000000000000003917097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf117b6ae8da4c02022-01-11 12:22:42.085root 11241100x80000000000000003917098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10bf195946e5cbf82022-01-11 12:22:42.085root 11241100x80000000000000003917099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd90d088957c2b4e2022-01-11 12:22:42.085root 11241100x80000000000000003917100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcec84200e51be382022-01-11 12:22:42.085root 11241100x80000000000000003917101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76ee3e178e969a942022-01-11 12:22:42.085root 11241100x80000000000000003917102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00fa1ccdd0f0b8f92022-01-11 12:22:42.085root 11241100x80000000000000003917103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf72c11aaa4490c92022-01-11 12:22:42.085root 11241100x80000000000000003917104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e51a4cf7cdac9d0c2022-01-11 12:22:42.085root 11241100x80000000000000003917105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6ee1b02884e2e5a2022-01-11 12:22:42.085root 11241100x80000000000000003917106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91dfdd57104ff7b52022-01-11 12:22:42.085root 11241100x80000000000000003917107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6813da128501f32022-01-11 12:22:42.085root 11241100x80000000000000003917108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f0fbc241079f242022-01-11 12:22:42.085root 11241100x80000000000000003917109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7260db8f4f4e2512022-01-11 12:22:42.085root 11241100x80000000000000003917110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb88e613cffcd4bd2022-01-11 12:22:42.086root 11241100x80000000000000003917111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b180d06585c2b5a42022-01-11 12:22:42.086root 11241100x80000000000000003917112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffd2b5da6f5d0ac12022-01-11 12:22:42.086root 11241100x80000000000000003917113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b5d708e6c89972a2022-01-11 12:22:42.583root 11241100x80000000000000003917114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbd0f62e6482bdc32022-01-11 12:22:42.583root 11241100x80000000000000003917115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d46e787eec4aa6ec2022-01-11 12:22:42.584root 11241100x80000000000000003917116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a053c0007862c5492022-01-11 12:22:42.584root 11241100x80000000000000003917117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0df5ae0de463a4a92022-01-11 12:22:42.584root 11241100x80000000000000003917118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d171009b8c89c52022-01-11 12:22:42.584root 11241100x80000000000000003917119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9e1a22e499cc5da2022-01-11 12:22:42.584root 11241100x80000000000000003917120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ea3f8b34a70eb2c2022-01-11 12:22:42.584root 11241100x80000000000000003917121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43590ae8cec776dc2022-01-11 12:22:42.585root 11241100x80000000000000003917122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fba8fe9f6c0af3b2022-01-11 12:22:42.585root 11241100x80000000000000003917123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19e83b2fd7be73d12022-01-11 12:22:42.585root 11241100x80000000000000003917124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bee50b33968b1a12022-01-11 12:22:42.585root 11241100x80000000000000003917125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c6ce308488a12042022-01-11 12:22:42.585root 11241100x80000000000000003917126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d304392ca77b3ee2022-01-11 12:22:42.585root 11241100x80000000000000003917127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4a6dc2afdb328842022-01-11 12:22:42.585root 11241100x80000000000000003917128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab1582045d550f4a2022-01-11 12:22:42.585root 11241100x80000000000000003917129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01d727c34396f4f22022-01-11 12:22:42.586root 11241100x80000000000000003917130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ba6b878850945902022-01-11 12:22:42.586root 11241100x80000000000000003917131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27fe7bc50961f61d2022-01-11 12:22:42.586root 11241100x80000000000000003917132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e262f1f6a1a01992022-01-11 12:22:42.586root 11241100x80000000000000003917133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24bd5602b132384e2022-01-11 12:22:42.586root 11241100x80000000000000003917134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b30674665dd9aac2022-01-11 12:22:42.586root 11241100x80000000000000003917135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db6b65ffdd12c6592022-01-11 12:22:42.586root 11241100x80000000000000003917136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1527bc346ebf7ba92022-01-11 12:22:42.586root 11241100x80000000000000003917137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb235fa0b6cc1b7e2022-01-11 12:22:42.586root 11241100x80000000000000003917138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a6306413d946d342022-01-11 12:22:42.586root 11241100x80000000000000003917139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e7b3802a959e6e02022-01-11 12:22:42.586root 11241100x80000000000000003917140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb3de6342ae36812022-01-11 12:22:42.586root 11241100x80000000000000003917141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fab0c4ab5b0dc592022-01-11 12:22:42.586root 11241100x80000000000000003917142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e97dc401360531a02022-01-11 12:22:42.586root 11241100x80000000000000003917143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe103baaf67d22792022-01-11 12:22:42.586root 11241100x80000000000000003917144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb784919fed21ab2022-01-11 12:22:42.587root 11241100x80000000000000003917145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d82872998d260d7e2022-01-11 12:22:42.587root 11241100x80000000000000003917146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d3df4ae375adf032022-01-11 12:22:42.587root 11241100x80000000000000003917147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c3b61f9277933632022-01-11 12:22:42.587root 11241100x80000000000000003917148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:42.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c881155fc362ab8e2022-01-11 12:22:42.587root 11241100x80000000000000003917149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c435dd4d13397412022-01-11 12:22:43.083root 11241100x80000000000000003917150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d2ae541c5cc80f52022-01-11 12:22:43.084root 11241100x80000000000000003917151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6328a4d09bf394902022-01-11 12:22:43.084root 11241100x80000000000000003917152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b295b946fa88d3002022-01-11 12:22:43.084root 11241100x80000000000000003917153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d09c4b4da5f954a2022-01-11 12:22:43.084root 11241100x80000000000000003917154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85dc3336c95138cf2022-01-11 12:22:43.084root 11241100x80000000000000003917155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40cc7e7a0a77cfcf2022-01-11 12:22:43.084root 11241100x80000000000000003917156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.822c18fb1dc344292022-01-11 12:22:43.085root 11241100x80000000000000003917157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9d0a8b38162214b2022-01-11 12:22:43.085root 11241100x80000000000000003917158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe6bd199962250d12022-01-11 12:22:43.085root 11241100x80000000000000003917159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1be5f7dece9e6482022-01-11 12:22:43.085root 11241100x80000000000000003917160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ef99f558d2ea172022-01-11 12:22:43.085root 11241100x80000000000000003917161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75210d7d4a926e4b2022-01-11 12:22:43.086root 11241100x80000000000000003917162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38aa3860b39067f22022-01-11 12:22:43.086root 11241100x80000000000000003917163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34908b103a31bf5f2022-01-11 12:22:43.086root 11241100x80000000000000003917164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d647e950bb3baa932022-01-11 12:22:43.086root 11241100x80000000000000003917165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e695c7024aff47f72022-01-11 12:22:43.086root 11241100x80000000000000003917166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01800ccbf17c9f622022-01-11 12:22:43.086root 11241100x80000000000000003917167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.472ae402ee6ed4952022-01-11 12:22:43.087root 11241100x80000000000000003917168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f282ad50cc36b792022-01-11 12:22:43.087root 11241100x80000000000000003917169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f2dc469353d038c2022-01-11 12:22:43.087root 11241100x80000000000000003917170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4886f21b322b06ab2022-01-11 12:22:43.087root 11241100x80000000000000003917171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ce4dfd9aef58e532022-01-11 12:22:43.087root 11241100x80000000000000003917172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36efc10addc5753a2022-01-11 12:22:43.087root 11241100x80000000000000003917173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47f7fff852f1b85a2022-01-11 12:22:43.087root 11241100x80000000000000003917174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fd0de510c1fbb782022-01-11 12:22:43.087root 11241100x80000000000000003917175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c0797b386e85782022-01-11 12:22:43.087root 11241100x80000000000000003917176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3396cdd077922f942022-01-11 12:22:43.088root 11241100x80000000000000003917177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3866a9da8bb9717b2022-01-11 12:22:43.088root 11241100x80000000000000003917178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fcc05da76eaa6a12022-01-11 12:22:43.088root 11241100x80000000000000003917179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53928f657939c5e22022-01-11 12:22:43.088root 11241100x80000000000000003917180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3973dc93701b1f4d2022-01-11 12:22:43.088root 11241100x80000000000000003917181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b188cbb39ef33c2022-01-11 12:22:43.088root 11241100x80000000000000003917182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a36faf1f77975f642022-01-11 12:22:43.088root 11241100x80000000000000003917183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f0206cc8bc0c9c42022-01-11 12:22:43.088root 11241100x80000000000000003917184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c8e90acbb8cfc12022-01-11 12:22:43.584root 11241100x80000000000000003917185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2e3ee906085fc8a2022-01-11 12:22:43.584root 11241100x80000000000000003917186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6da8d72fea54bf102022-01-11 12:22:43.584root 11241100x80000000000000003917187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ba15a460c8446312022-01-11 12:22:43.584root 11241100x80000000000000003917188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbe365dd2c900a2b2022-01-11 12:22:43.584root 11241100x80000000000000003917189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.994a6cc3d6275c5f2022-01-11 12:22:43.584root 11241100x80000000000000003917190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.406ea16a86c74fa42022-01-11 12:22:43.584root 11241100x80000000000000003917191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b859fd7d39bc0362022-01-11 12:22:43.584root 11241100x80000000000000003917192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c4bf52718f0dc752022-01-11 12:22:43.584root 11241100x80000000000000003917193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2f78365b969d1252022-01-11 12:22:43.584root 11241100x80000000000000003917194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b68ca82a4a71c2d2022-01-11 12:22:43.584root 11241100x80000000000000003917195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d5fef1e053a38152022-01-11 12:22:43.585root 11241100x80000000000000003917196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f68b964ffbcea2de2022-01-11 12:22:43.585root 11241100x80000000000000003917197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4605ed8f79d52712022-01-11 12:22:43.585root 11241100x80000000000000003917198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90f48a145987e6a92022-01-11 12:22:43.585root 11241100x80000000000000003917199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20e10572d47c2d9d2022-01-11 12:22:43.585root 11241100x80000000000000003917200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5d8d59b41271c362022-01-11 12:22:43.585root 11241100x80000000000000003917201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe4510a82f595422022-01-11 12:22:43.585root 11241100x80000000000000003917202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d685f620a1f11cd2022-01-11 12:22:43.585root 11241100x80000000000000003917203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e569e9ce42339a32022-01-11 12:22:43.585root 11241100x80000000000000003917204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa4c3ab69f73bb972022-01-11 12:22:43.585root 11241100x80000000000000003917205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1da9e927cb97ef882022-01-11 12:22:43.585root 11241100x80000000000000003917206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f15b228388c06b42022-01-11 12:22:43.585root 11241100x80000000000000003917207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.817ba296908e4d1d2022-01-11 12:22:43.585root 11241100x80000000000000003917208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e46be1adbf7e9aaf2022-01-11 12:22:43.586root 11241100x80000000000000003917209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8905e0a3a055aabd2022-01-11 12:22:43.586root 11241100x80000000000000003917210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f07f4a3386e9202022-01-11 12:22:43.586root 11241100x80000000000000003917211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:43.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd80e35283b233142022-01-11 12:22:43.586root 354300x80000000000000003917212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.016{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56350-false10.0.1.12-8000- 11241100x80000000000000003917213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03bc75bfd5d0537e2022-01-11 12:22:44.017root 11241100x80000000000000003917214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3714b17339f49c5b2022-01-11 12:22:44.017root 11241100x80000000000000003917215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02286be5f3b15a2d2022-01-11 12:22:44.017root 11241100x80000000000000003917216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42c1250f3d5e293c2022-01-11 12:22:44.017root 11241100x80000000000000003917217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f4740a4470aa8f2022-01-11 12:22:44.017root 11241100x80000000000000003917218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28708d4ae1320aaa2022-01-11 12:22:44.017root 11241100x80000000000000003917219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.622a4a77a6534d692022-01-11 12:22:44.017root 11241100x80000000000000003917220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13a8375fc97defa62022-01-11 12:22:44.017root 11241100x80000000000000003917221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700dbf7c5272e0b42022-01-11 12:22:44.017root 11241100x80000000000000003917222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b9422f482708df2022-01-11 12:22:44.017root 11241100x80000000000000003917223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f18a5d98e877222022-01-11 12:22:44.017root 11241100x80000000000000003917224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.017{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62074f7380b2cc3b2022-01-11 12:22:44.017root 11241100x80000000000000003917225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6823687e68d499a2022-01-11 12:22:44.018root 11241100x80000000000000003917226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d587cf9ea74108292022-01-11 12:22:44.018root 11241100x80000000000000003917227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c6d8736925f483c2022-01-11 12:22:44.018root 11241100x80000000000000003917228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5befe17a2a2bb53d2022-01-11 12:22:44.018root 11241100x80000000000000003917229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bceebe75ec0a92722022-01-11 12:22:44.018root 11241100x80000000000000003917230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df31cd30617a45b22022-01-11 12:22:44.018root 11241100x80000000000000003917231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a94a52ef9d0ff6ae2022-01-11 12:22:44.018root 11241100x80000000000000003917232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e4a5ccc1dde3a3d2022-01-11 12:22:44.018root 11241100x80000000000000003917233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0d84739dde449582022-01-11 12:22:44.018root 11241100x80000000000000003917234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c932dc6bc9dc31282022-01-11 12:22:44.018root 11241100x80000000000000003917235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b37ffaf99561c1f22022-01-11 12:22:44.018root 11241100x80000000000000003917236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc0bbb1daf685de72022-01-11 12:22:44.018root 11241100x80000000000000003917237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e709dd18739a7aa2022-01-11 12:22:44.018root 11241100x80000000000000003917238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.018{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.274debf0eabc439c2022-01-11 12:22:44.018root 11241100x80000000000000003917239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baf42de131a8b3bf2022-01-11 12:22:44.019root 11241100x80000000000000003917240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b662b4e2be11f472022-01-11 12:22:44.019root 11241100x80000000000000003917241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e432b400552e99a2022-01-11 12:22:44.019root 11241100x80000000000000003917242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11b2265b74a889212022-01-11 12:22:44.019root 11241100x80000000000000003917243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82f64254af4732632022-01-11 12:22:44.019root 11241100x80000000000000003917244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae4570e643c59b322022-01-11 12:22:44.019root 11241100x80000000000000003917245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31aedc73f4eec5f12022-01-11 12:22:44.019root 11241100x80000000000000003917246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f86efcb499b539b2022-01-11 12:22:44.019root 11241100x80000000000000003917247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.332cec9794a4ebb32022-01-11 12:22:44.019root 11241100x80000000000000003917248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.754d2811b4e06bf22022-01-11 12:22:44.019root 11241100x80000000000000003917249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.019{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.465e0e77e385beab2022-01-11 12:22:44.019root 11241100x80000000000000003917250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.020{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1a34be2bc0fd39e2022-01-11 12:22:44.020root 11241100x80000000000000003917251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.020{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f05a2e2d58434dc2022-01-11 12:22:44.020root 11241100x80000000000000003917252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.020{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bba6597f25eea7f22022-01-11 12:22:44.020root 11241100x80000000000000003917253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.020{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd04bcc0dbb38162022-01-11 12:22:44.020root 11241100x80000000000000003917254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.020{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1680e45ec8405b0b2022-01-11 12:22:44.020root 11241100x80000000000000003917255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.020{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db4fb8d222d13daf2022-01-11 12:22:44.020root 11241100x80000000000000003917256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aeeb74954ffebaf2022-01-11 12:22:44.021root 11241100x80000000000000003917257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a06bf93876f35a22022-01-11 12:22:44.021root 11241100x80000000000000003917258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9baf56063afd9aef2022-01-11 12:22:44.021root 11241100x80000000000000003917259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.072dd6d085449eb92022-01-11 12:22:44.021root 11241100x80000000000000003917260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cc74d6fa7b0d2502022-01-11 12:22:44.021root 11241100x80000000000000003917261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13474d08bb4dd88f2022-01-11 12:22:44.021root 11241100x80000000000000003917262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d88336782e39fe2022-01-11 12:22:44.021root 11241100x80000000000000003917263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f83e5d8049fc44f2022-01-11 12:22:44.021root 11241100x80000000000000003917264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.430db7a1e68380612022-01-11 12:22:44.021root 11241100x80000000000000003917265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.021{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d627b39e711e6f792022-01-11 12:22:44.021root 11241100x80000000000000003917266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f570d6c84cb53b72022-01-11 12:22:44.022root 11241100x80000000000000003917267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46966983f461cd582022-01-11 12:22:44.022root 11241100x80000000000000003917268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5fee640f6d353812022-01-11 12:22:44.022root 11241100x80000000000000003917269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9f55302f52992472022-01-11 12:22:44.022root 11241100x80000000000000003917270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.149de47e0a2838f12022-01-11 12:22:44.022root 11241100x80000000000000003917271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73b876b8e876aeaa2022-01-11 12:22:44.022root 11241100x80000000000000003917272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.200c7792745ed3212022-01-11 12:22:44.022root 11241100x80000000000000003917273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.022{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26064a4763aaf5742022-01-11 12:22:44.022root 11241100x80000000000000003917274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df3047ae50627612022-01-11 12:22:44.023root 11241100x80000000000000003917275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.144029e637f832162022-01-11 12:22:44.023root 11241100x80000000000000003917276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51660459195147a62022-01-11 12:22:44.023root 11241100x80000000000000003917277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a05f6fe7d369e472022-01-11 12:22:44.023root 11241100x80000000000000003917278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c34414194e5b04602022-01-11 12:22:44.023root 11241100x80000000000000003917279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd8f833057a3bddc2022-01-11 12:22:44.023root 11241100x80000000000000003917280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.023{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38c186873740fe892022-01-11 12:22:44.023root 11241100x80000000000000003917281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.383b28160602ebff2022-01-11 12:22:44.024root 11241100x80000000000000003917282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd07038370d83b9a2022-01-11 12:22:44.024root 11241100x80000000000000003917283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6474cea0f8126f72022-01-11 12:22:44.024root 11241100x80000000000000003917284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0288e98c9c0cd1612022-01-11 12:22:44.024root 11241100x80000000000000003917285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3be8f98380fd86b42022-01-11 12:22:44.024root 11241100x80000000000000003917286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc921644fb4395462022-01-11 12:22:44.024root 11241100x80000000000000003917287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.682440a4bdf962ec2022-01-11 12:22:44.024root 11241100x80000000000000003917288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cae65faab5a33b502022-01-11 12:22:44.024root 11241100x80000000000000003917289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.811890c8d5f9d8c02022-01-11 12:22:44.024root 11241100x80000000000000003917290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.024{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.272cb73f824b83b92022-01-11 12:22:44.024root 11241100x80000000000000003917291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.852b5b2eeda442862022-01-11 12:22:44.025root 11241100x80000000000000003917292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d753c13604ef7702022-01-11 12:22:44.025root 11241100x80000000000000003917293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c549c5f246588f4b2022-01-11 12:22:44.025root 11241100x80000000000000003917294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9a37dc84960d10e2022-01-11 12:22:44.025root 11241100x80000000000000003917295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb47807d313faa62022-01-11 12:22:44.025root 11241100x80000000000000003917296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cfd55104925219d2022-01-11 12:22:44.025root 11241100x80000000000000003917297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47937cbc901e1dd32022-01-11 12:22:44.025root 11241100x80000000000000003917298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bbdcc0a3b4a8dcc2022-01-11 12:22:44.025root 11241100x80000000000000003917299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.025{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fde79a109aa36d7e2022-01-11 12:22:44.025root 11241100x80000000000000003917300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b9a4acf80e32d6a2022-01-11 12:22:44.026root 11241100x80000000000000003917301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0baca8e4bebc92f32022-01-11 12:22:44.026root 11241100x80000000000000003917302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0c156ea867270f82022-01-11 12:22:44.026root 11241100x80000000000000003917303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.787feff3847504982022-01-11 12:22:44.026root 11241100x80000000000000003917304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98d691c6b4dc2d692022-01-11 12:22:44.026root 11241100x80000000000000003917305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe387c08514d78352022-01-11 12:22:44.026root 11241100x80000000000000003917306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.026{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd97686be4dd0af52022-01-11 12:22:44.026root 11241100x80000000000000003917307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.027{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d8f613430e836192022-01-11 12:22:44.027root 11241100x80000000000000003917308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.027{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bd79b224f0044342022-01-11 12:22:44.027root 11241100x80000000000000003917309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.027{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a46b4a34012066532022-01-11 12:22:44.027root 11241100x80000000000000003917310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.027{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b775d370c343d2cf2022-01-11 12:22:44.027root 11241100x80000000000000003917311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.027{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85527ee3802f915a2022-01-11 12:22:44.027root 11241100x80000000000000003917312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.027{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da25ccc3697c864a2022-01-11 12:22:44.027root 11241100x80000000000000003917313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cd236ed20d30b0e2022-01-11 12:22:44.334root 11241100x80000000000000003917314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0ef5176852fedb92022-01-11 12:22:44.334root 11241100x80000000000000003917315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e72991baf99a24a02022-01-11 12:22:44.334root 11241100x80000000000000003917316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2909a644eb826b882022-01-11 12:22:44.334root 11241100x80000000000000003917317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a737ea9e675e8d3a2022-01-11 12:22:44.334root 11241100x80000000000000003917318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe0ae6084d70353e2022-01-11 12:22:44.334root 11241100x80000000000000003917319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3157e3c5a4a122902022-01-11 12:22:44.335root 11241100x80000000000000003917320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d2a4fdc54ccdf462022-01-11 12:22:44.335root 11241100x80000000000000003917321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af99d062e5a23fc22022-01-11 12:22:44.335root 11241100x80000000000000003917322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4e5664a3c57f6f2022-01-11 12:22:44.335root 11241100x80000000000000003917323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.498200891b07e3312022-01-11 12:22:44.335root 11241100x80000000000000003917324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7081856712d27aff2022-01-11 12:22:44.335root 11241100x80000000000000003917325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56f3bcd5e33d205d2022-01-11 12:22:44.335root 11241100x80000000000000003917326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.887337a5a6ff395b2022-01-11 12:22:44.335root 11241100x80000000000000003917327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c0a7ee8088bb28e2022-01-11 12:22:44.336root 11241100x80000000000000003917328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f194ffcdb95e96862022-01-11 12:22:44.336root 11241100x80000000000000003917329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c643e0d85538a5d12022-01-11 12:22:44.336root 11241100x80000000000000003917330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdd9bd8852e8f8332022-01-11 12:22:44.336root 11241100x80000000000000003917331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d4edb5f0c2f18c12022-01-11 12:22:44.336root 11241100x80000000000000003917332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1f5b36e0eb305292022-01-11 12:22:44.336root 11241100x80000000000000003917333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dbf466983d56f5c2022-01-11 12:22:44.336root 11241100x80000000000000003917334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7c07fd6d3a73b072022-01-11 12:22:44.336root 11241100x80000000000000003917335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b846b0afe754cdc52022-01-11 12:22:44.336root 11241100x80000000000000003917336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6108ac6247a34c82022-01-11 12:22:44.336root 11241100x80000000000000003917337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1b69bbbdb3eca422022-01-11 12:22:44.337root 11241100x80000000000000003917338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.703e05424f8c38012022-01-11 12:22:44.337root 11241100x80000000000000003917339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61b85f3d4d15349e2022-01-11 12:22:44.337root 11241100x80000000000000003917340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b9cab1ff84a523b2022-01-11 12:22:44.337root 11241100x80000000000000003917341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b016c7ff3d0441892022-01-11 12:22:44.337root 154100x80000000000000003917342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.506{ec2d504d-7694-61dd-68f4-1ce421560000}9864/bin/ps-----ps -e -o pid,ppid,state,command/var/snap/amazon-ssm-agent/4046root{ec2d504d-0000-0000-0000-000000000000}04294967295no level-{00000000-0000-0000-0000-000000000000}2402--- 534500x80000000000000003917343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.523{ec2d504d-7694-61dd-68f4-1ce421560000}9864/bin/psroot 11241100x80000000000000003917344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a50d7eb11ca50b82022-01-11 12:22:44.834root 11241100x80000000000000003917345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.317f94e4c070e10e2022-01-11 12:22:44.834root 11241100x80000000000000003917346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3374419d8af4dbc2022-01-11 12:22:44.834root 11241100x80000000000000003917347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dca7c558491aaec2022-01-11 12:22:44.834root 11241100x80000000000000003917348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2fc76969efd5d622022-01-11 12:22:44.834root 11241100x80000000000000003917349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bb6f441ed19f29e2022-01-11 12:22:44.835root 11241100x80000000000000003917350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99e916dc193e50b32022-01-11 12:22:44.835root 11241100x80000000000000003917351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e5f21b492f5fe402022-01-11 12:22:44.835root 11241100x80000000000000003917352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5ac06f2710a41a72022-01-11 12:22:44.835root 11241100x80000000000000003917353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.285f5db8014a4ad12022-01-11 12:22:44.835root 11241100x80000000000000003917354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9342c89ab10167c2022-01-11 12:22:44.835root 11241100x80000000000000003917355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45d38e672f754a442022-01-11 12:22:44.835root 11241100x80000000000000003917356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3291e3d011a37582022-01-11 12:22:44.835root 11241100x80000000000000003917357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c145c44433c7c1f22022-01-11 12:22:44.835root 11241100x80000000000000003917358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35e0ee2c4a61df902022-01-11 12:22:44.835root 11241100x80000000000000003917359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93f10346c22f59802022-01-11 12:22:44.835root 11241100x80000000000000003917360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66fc689ac9e0c5602022-01-11 12:22:44.835root 11241100x80000000000000003917361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a21614c1565ba30a2022-01-11 12:22:44.835root 11241100x80000000000000003917362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c0185e52a3f0fc42022-01-11 12:22:44.835root 11241100x80000000000000003917363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a15d9912a9e940c82022-01-11 12:22:44.836root 11241100x80000000000000003917364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d340a25babf087252022-01-11 12:22:44.836root 11241100x80000000000000003917365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c0af74670bbdc862022-01-11 12:22:44.836root 11241100x80000000000000003917366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6256cf28bc543db2022-01-11 12:22:44.836root 11241100x80000000000000003917367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c06707e151b305352022-01-11 12:22:44.836root 11241100x80000000000000003917368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03b2ebaa0d78e76d2022-01-11 12:22:44.836root 11241100x80000000000000003917369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96416bb1c47ae22b2022-01-11 12:22:44.836root 11241100x80000000000000003917370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71fc3ceef708b5322022-01-11 12:22:44.836root 11241100x80000000000000003917371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.970b1f0adc2268142022-01-11 12:22:44.836root 11241100x80000000000000003917372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c22f30fbced35652022-01-11 12:22:44.836root 11241100x80000000000000003917373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb0ecc4e2d10420c2022-01-11 12:22:44.836root 11241100x80000000000000003917374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13c635fa4bd8a8212022-01-11 12:22:44.836root 11241100x80000000000000003917375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff2adfc69f1c44d92022-01-11 12:22:44.836root 11241100x80000000000000003917376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff4dfd8f7b5adc352022-01-11 12:22:44.836root 11241100x80000000000000003917377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:44.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80500ce5e4bbe0d22022-01-11 12:22:44.836root 11241100x80000000000000003917378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab8efc8e637141872022-01-11 12:22:45.334root 11241100x80000000000000003917379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ba42d644741fd202022-01-11 12:22:45.334root 11241100x80000000000000003917380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57570f9be5ece9ad2022-01-11 12:22:45.334root 11241100x80000000000000003917381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3be3f2b16445d23c2022-01-11 12:22:45.334root 11241100x80000000000000003917382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c50eaa670526e62022-01-11 12:22:45.334root 11241100x80000000000000003917383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d33c6141731265c2022-01-11 12:22:45.334root 11241100x80000000000000003917384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9278799ad9e861432022-01-11 12:22:45.334root 11241100x80000000000000003917385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62337435aa11ca912022-01-11 12:22:45.334root 11241100x80000000000000003917386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac94cff283e452a62022-01-11 12:22:45.334root 11241100x80000000000000003917387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.789aa2840948e31b2022-01-11 12:22:45.335root 11241100x80000000000000003917388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbf45e17e845f9232022-01-11 12:22:45.335root 11241100x80000000000000003917389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e915c1ab405f89232022-01-11 12:22:45.335root 11241100x80000000000000003917390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47509f2121d44b5b2022-01-11 12:22:45.335root 11241100x80000000000000003917391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f30b84e78075992a2022-01-11 12:22:45.335root 11241100x80000000000000003917392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23a2ebf0ee56d65d2022-01-11 12:22:45.335root 11241100x80000000000000003917393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45ef584ad18abde22022-01-11 12:22:45.335root 11241100x80000000000000003917394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b7b4295939507572022-01-11 12:22:45.335root 11241100x80000000000000003917395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29c3f914682abc1e2022-01-11 12:22:45.336root 11241100x80000000000000003917396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9e05925e53af4b2022-01-11 12:22:45.336root 11241100x80000000000000003917397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53d2e2b31e2844612022-01-11 12:22:45.336root 11241100x80000000000000003917398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af8e69c3d49f24e2022-01-11 12:22:45.336root 11241100x80000000000000003917399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b79a430e4e3856c12022-01-11 12:22:45.336root 11241100x80000000000000003917400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54a4de191d90b51e2022-01-11 12:22:45.336root 11241100x80000000000000003917401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfa25c1c0b1519fc2022-01-11 12:22:45.336root 11241100x80000000000000003917402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6cc124b21dfe1302022-01-11 12:22:45.336root 11241100x80000000000000003917403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e52059872f5642462022-01-11 12:22:45.336root 11241100x80000000000000003917404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314ba855f55093032022-01-11 12:22:45.336root 11241100x80000000000000003917405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cbe3d2c8f70dbff2022-01-11 12:22:45.337root 11241100x80000000000000003917406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb16510addaae6922022-01-11 12:22:45.337root 11241100x80000000000000003917407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492a49c506d6ab192022-01-11 12:22:45.337root 11241100x80000000000000003917408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8993b2bafeeab102022-01-11 12:22:45.337root 11241100x80000000000000003917409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3548c919c3dcfcb82022-01-11 12:22:45.337root 11241100x80000000000000003917410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbb8100f822ac6982022-01-11 12:22:45.337root 11241100x80000000000000003917411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6fb648e0e584fec2022-01-11 12:22:45.337root 11241100x80000000000000003917412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5f582252cbbcafa2022-01-11 12:22:45.337root 11241100x80000000000000003917413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bdd2ea19129f93d2022-01-11 12:22:45.337root 11241100x80000000000000003917414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a6f847062a68f32022-01-11 12:22:45.338root 11241100x80000000000000003917415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e3b734c41b7ec082022-01-11 12:22:45.338root 11241100x80000000000000003917416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f1ea28061850aa02022-01-11 12:22:45.338root 11241100x80000000000000003917417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a778d12e2d173fe2022-01-11 12:22:45.833root 11241100x80000000000000003917418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc71741e91117b0e2022-01-11 12:22:45.834root 11241100x80000000000000003917419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba600fc46a74a63a2022-01-11 12:22:45.834root 11241100x80000000000000003917420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eb7d9d208cb944e2022-01-11 12:22:45.834root 11241100x80000000000000003917421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c2c97cb59edcdd42022-01-11 12:22:45.834root 11241100x80000000000000003917422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cc1ddfd7c815d182022-01-11 12:22:45.834root 11241100x80000000000000003917423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd421fa8878687442022-01-11 12:22:45.835root 11241100x80000000000000003917424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f092eef380a6ccf2022-01-11 12:22:45.835root 11241100x80000000000000003917425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f25e5853f5636cc2022-01-11 12:22:45.835root 11241100x80000000000000003917426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fefc067bb24209332022-01-11 12:22:45.835root 11241100x80000000000000003917427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c9a07f00c725d12022-01-11 12:22:45.835root 11241100x80000000000000003917428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b758301cc676bb2e2022-01-11 12:22:45.835root 11241100x80000000000000003917429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e179a44684634122022-01-11 12:22:45.836root 11241100x80000000000000003917430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50bf55f929ba43712022-01-11 12:22:45.836root 11241100x80000000000000003917431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a69c5c0df63bfdee2022-01-11 12:22:45.836root 11241100x80000000000000003917432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee75b60cf32f9f032022-01-11 12:22:45.836root 11241100x80000000000000003917433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98a1e109d954b5a62022-01-11 12:22:45.836root 11241100x80000000000000003917434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.628fe418e7951f7d2022-01-11 12:22:45.836root 11241100x80000000000000003917435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70a5df43c9ece2052022-01-11 12:22:45.837root 11241100x80000000000000003917436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b711ff901c974992022-01-11 12:22:45.837root 11241100x80000000000000003917437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9bdb39a14c943a52022-01-11 12:22:45.837root 11241100x80000000000000003917438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b52f6cd6cb5019302022-01-11 12:22:45.837root 11241100x80000000000000003917439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f486dc4988f932122022-01-11 12:22:45.837root 11241100x80000000000000003917440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.676bf054c6c6617a2022-01-11 12:22:45.837root 11241100x80000000000000003917441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95ff5657e3f6d5332022-01-11 12:22:45.837root 11241100x80000000000000003917442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.254efd8555a0b2312022-01-11 12:22:45.838root 11241100x80000000000000003917443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a7cab98bc0d846f2022-01-11 12:22:45.838root 11241100x80000000000000003917444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d39ccce86f47c58d2022-01-11 12:22:45.838root 11241100x80000000000000003917445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5b00b0769bec25e2022-01-11 12:22:45.838root 11241100x80000000000000003917446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ec2c8a0bdfbd762022-01-11 12:22:45.838root 11241100x80000000000000003917447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b056156e07301142022-01-11 12:22:45.839root 11241100x80000000000000003917448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:45.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1f0997029ff600f2022-01-11 12:22:45.839root 11241100x80000000000000003917449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45e7a34a6730b1802022-01-11 12:22:46.333root 11241100x80000000000000003917450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc6527199c3ef6d42022-01-11 12:22:46.334root 11241100x80000000000000003917451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.224b8aabde4ec79c2022-01-11 12:22:46.334root 11241100x80000000000000003917452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fc8f525601888242022-01-11 12:22:46.334root 11241100x80000000000000003917453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9514d0ecdba63702022-01-11 12:22:46.334root 11241100x80000000000000003917454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7bec6a14e3813022022-01-11 12:22:46.334root 11241100x80000000000000003917455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e331a9534770d52022-01-11 12:22:46.335root 11241100x80000000000000003917456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa6a44a5e10588042022-01-11 12:22:46.335root 11241100x80000000000000003917457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.680e5b667b3363582022-01-11 12:22:46.335root 11241100x80000000000000003917458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69bf4287dd18ed0b2022-01-11 12:22:46.335root 11241100x80000000000000003917459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e900e1abb46b6282022-01-11 12:22:46.335root 11241100x80000000000000003917460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c44b31469543e2082022-01-11 12:22:46.335root 11241100x80000000000000003917461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d91fa8e9f7726182022-01-11 12:22:46.335root 11241100x80000000000000003917462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494184ee8dee7af82022-01-11 12:22:46.335root 11241100x80000000000000003917463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57bca39b5debc1512022-01-11 12:22:46.335root 11241100x80000000000000003917464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa063ee042656c522022-01-11 12:22:46.335root 11241100x80000000000000003917465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.326613bfeb4db3e32022-01-11 12:22:46.335root 11241100x80000000000000003917466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cff72ec9eb925562022-01-11 12:22:46.335root 11241100x80000000000000003917467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a25f1e9de96246a2022-01-11 12:22:46.336root 11241100x80000000000000003917468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de008d385b8390c2022-01-11 12:22:46.336root 11241100x80000000000000003917469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67cc8d8a5ddc8c5c2022-01-11 12:22:46.336root 11241100x80000000000000003917470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9269a4910dd696192022-01-11 12:22:46.336root 11241100x80000000000000003917471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aef85c2a102a7a22022-01-11 12:22:46.336root 11241100x80000000000000003917472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f8ee5f6e7206c4f2022-01-11 12:22:46.336root 11241100x80000000000000003917473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a2eefe3736cdd922022-01-11 12:22:46.336root 11241100x80000000000000003917474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b48dbd24c758722022-01-11 12:22:46.336root 11241100x80000000000000003917475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb8e4411cdb89a12022-01-11 12:22:46.336root 11241100x80000000000000003917476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.603b8db7b5ad5dd02022-01-11 12:22:46.336root 11241100x80000000000000003917477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f293e536c89c78002022-01-11 12:22:46.336root 11241100x80000000000000003917478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c54ec74b449e832022-01-11 12:22:46.337root 11241100x80000000000000003917479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd9e877191f460c32022-01-11 12:22:46.337root 11241100x80000000000000003917480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c87bf3a73c58d9882022-01-11 12:22:46.337root 11241100x80000000000000003917481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed68eaa04da420a52022-01-11 12:22:46.337root 11241100x80000000000000003917482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc39388df6e1a62f2022-01-11 12:22:46.337root 11241100x80000000000000003917483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49934ffe85fd978b2022-01-11 12:22:46.337root 11241100x80000000000000003917484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71116dfe6ebbc5442022-01-11 12:22:46.337root 11241100x80000000000000003917485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.057b18fdda0a4c272022-01-11 12:22:46.337root 11241100x80000000000000003917486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f2aafd7b0ffee152022-01-11 12:22:46.337root 11241100x80000000000000003917487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543ef933bd26a8ec2022-01-11 12:22:46.338root 11241100x80000000000000003917488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e561d63859668b62022-01-11 12:22:46.338root 11241100x80000000000000003917489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f70f7b0d5ec073e2022-01-11 12:22:46.338root 11241100x80000000000000003917490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ba21a3c0762a3882022-01-11 12:22:46.338root 11241100x80000000000000003917491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62b54b93b27d654c2022-01-11 12:22:46.338root 11241100x80000000000000003917492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3020620feeb5975f2022-01-11 12:22:46.338root 11241100x80000000000000003917493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac4e309effee28b2022-01-11 12:22:46.338root 11241100x80000000000000003917494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23af4b8dfd1dbd0f2022-01-11 12:22:46.338root 11241100x80000000000000003917495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b678d84a9dd4fd452022-01-11 12:22:46.338root 11241100x80000000000000003917496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc2a510c2c23f2ad2022-01-11 12:22:46.338root 11241100x80000000000000003917497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1917b0fda3783772022-01-11 12:22:46.338root 11241100x80000000000000003917498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.363fba646994b35e2022-01-11 12:22:46.338root 11241100x80000000000000003917499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d47d062697f11bf2022-01-11 12:22:46.339root 11241100x80000000000000003917500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f69ffd9444831c7c2022-01-11 12:22:46.339root 11241100x80000000000000003917501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b63f4ac0325bf222022-01-11 12:22:46.339root 11241100x80000000000000003917502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70e7da7ebd69973d2022-01-11 12:22:46.339root 11241100x80000000000000003917503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c59760a936356072022-01-11 12:22:46.339root 11241100x80000000000000003917504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a6d4c08f5ae30502022-01-11 12:22:46.339root 11241100x80000000000000003917505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7dd9af4a618e7b22022-01-11 12:22:46.339root 11241100x80000000000000003917506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f0286d90337886a2022-01-11 12:22:46.339root 11241100x80000000000000003917507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af62abfc42822e072022-01-11 12:22:46.339root 11241100x80000000000000003917508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1bcde4f38eff3dc2022-01-11 12:22:46.339root 11241100x80000000000000003917509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ec102d73312537d2022-01-11 12:22:46.340root 11241100x80000000000000003917510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.452a82b30445c7342022-01-11 12:22:46.340root 11241100x80000000000000003917511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.340{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a78cb931bf85d0362022-01-11 12:22:46.340root 11241100x80000000000000003917512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eee8995d67ee03d02022-01-11 12:22:46.833root 11241100x80000000000000003917513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dacfcc869aa194b52022-01-11 12:22:46.834root 11241100x80000000000000003917514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aaa6f3e8aaa7c3c2022-01-11 12:22:46.834root 11241100x80000000000000003917515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a43d263c85070d382022-01-11 12:22:46.834root 11241100x80000000000000003917516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82b5cde60598ab852022-01-11 12:22:46.834root 11241100x80000000000000003917517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb1b57339e7bcc112022-01-11 12:22:46.834root 11241100x80000000000000003917518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6db4e4646a9ea6a2022-01-11 12:22:46.834root 11241100x80000000000000003917519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c876994df7e0a262022-01-11 12:22:46.834root 11241100x80000000000000003917520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc762268729eac802022-01-11 12:22:46.834root 11241100x80000000000000003917521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.296770821aa997272022-01-11 12:22:46.834root 11241100x80000000000000003917522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b20a7940dd141b2022-01-11 12:22:46.834root 11241100x80000000000000003917523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d305250ef22d7b0c2022-01-11 12:22:46.834root 11241100x80000000000000003917524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea9b927a882bafe42022-01-11 12:22:46.834root 11241100x80000000000000003917525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f80f179bd9c9a92022-01-11 12:22:46.835root 11241100x80000000000000003917526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca58f4b4ad9917e12022-01-11 12:22:46.835root 11241100x80000000000000003917527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e72336982aebf32022-01-11 12:22:46.835root 11241100x80000000000000003917528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45893ce59e2528e12022-01-11 12:22:46.835root 11241100x80000000000000003917529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c8df183de6870842022-01-11 12:22:46.835root 11241100x80000000000000003917530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dea052a7f2942b42022-01-11 12:22:46.835root 11241100x80000000000000003917531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d32ca97e8d9c656c2022-01-11 12:22:46.835root 11241100x80000000000000003917532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a42d7fc7dbb80fcf2022-01-11 12:22:46.835root 11241100x80000000000000003917533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.941dc524b86d0c272022-01-11 12:22:46.835root 11241100x80000000000000003917534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dbdfaf8b4f834352022-01-11 12:22:46.835root 11241100x80000000000000003917535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a857a472c7c1a22022-01-11 12:22:46.835root 11241100x80000000000000003917536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb4a8f5b521e6f7f2022-01-11 12:22:46.835root 11241100x80000000000000003917537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79720f428ff083502022-01-11 12:22:46.835root 11241100x80000000000000003917538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bacb4432bc9d41a2022-01-11 12:22:46.836root 11241100x80000000000000003917539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13c6116f682bf29d2022-01-11 12:22:46.836root 11241100x80000000000000003917540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e2bcb2293d8df492022-01-11 12:22:46.836root 11241100x80000000000000003917541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d652ebbb610af62022-01-11 12:22:46.836root 11241100x80000000000000003917542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb61ec69fc7390272022-01-11 12:22:46.836root 11241100x80000000000000003917543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:46.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6034654b20640d972022-01-11 12:22:46.836root 534500x80000000000000003917544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.203{ec2d504d-7690-61dd-80f2-d7e7f4550000}9863/bin/nanoubuntu 11241100x80000000000000003917545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffdae37fca279fee2022-01-11 12:22:47.204root 11241100x80000000000000003917546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2044b67cde1301f32022-01-11 12:22:47.204root 11241100x80000000000000003917547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36bd3ad3ef117cb82022-01-11 12:22:47.204root 11241100x80000000000000003917548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff103656121a51092022-01-11 12:22:47.204root 11241100x80000000000000003917549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.204{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91e47300f5cf92782022-01-11 12:22:47.204root 11241100x80000000000000003917550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da31c690951349a92022-01-11 12:22:47.205root 11241100x80000000000000003917551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e14e69d80051c5f72022-01-11 12:22:47.205root 11241100x80000000000000003917552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.418080a3b77b168a2022-01-11 12:22:47.205root 11241100x80000000000000003917553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9976b54048be3512022-01-11 12:22:47.205root 11241100x80000000000000003917554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdf9d3b7818689802022-01-11 12:22:47.205root 11241100x80000000000000003917555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e84ae5de933900c2022-01-11 12:22:47.205root 11241100x80000000000000003917556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32809993105c36952022-01-11 12:22:47.205root 11241100x80000000000000003917557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2365ccc21a6c7a492022-01-11 12:22:47.205root 11241100x80000000000000003917558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e933a0d6572425372022-01-11 12:22:47.205root 11241100x80000000000000003917559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce3a60df3c1601002022-01-11 12:22:47.205root 11241100x80000000000000003917560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a452106f5305207e2022-01-11 12:22:47.205root 11241100x80000000000000003917561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b972fd7d633794862022-01-11 12:22:47.205root 11241100x80000000000000003917562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa08acb47500c372022-01-11 12:22:47.205root 11241100x80000000000000003917563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e157ee2a9c29c902022-01-11 12:22:47.205root 11241100x80000000000000003917564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.205{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b465c09a8066aae2022-01-11 12:22:47.205root 11241100x80000000000000003917565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc9d1dd47d447ea92022-01-11 12:22:47.206root 11241100x80000000000000003917566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ae4ae8c5f3d1ee2022-01-11 12:22:47.206root 11241100x80000000000000003917567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6faf4e9b25cde4c32022-01-11 12:22:47.206root 11241100x80000000000000003917568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47bd18510983ffa02022-01-11 12:22:47.206root 11241100x80000000000000003917569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.012930f9ea06e2282022-01-11 12:22:47.206root 11241100x80000000000000003917570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.434e9e8d87a1a5422022-01-11 12:22:47.206root 11241100x80000000000000003917571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca2e376c027cc34c2022-01-11 12:22:47.206root 11241100x80000000000000003917572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d27c379cc6f5c6e2022-01-11 12:22:47.206root 11241100x80000000000000003917573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.206{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c835395ac67c6c192022-01-11 12:22:47.206root 11241100x80000000000000003917574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23973dadc781d1062022-01-11 12:22:47.207root 11241100x80000000000000003917575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c8fbd4eadd36f732022-01-11 12:22:47.207root 11241100x80000000000000003917576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfa93dd9f28e59df2022-01-11 12:22:47.207root 11241100x80000000000000003917577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00258e8729ea9c152022-01-11 12:22:47.207root 11241100x80000000000000003917578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b580500da7f25d42022-01-11 12:22:47.207root 11241100x80000000000000003917579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54955205168a232b2022-01-11 12:22:47.207root 11241100x80000000000000003917580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5d0e2e10b33bdab2022-01-11 12:22:47.207root 11241100x80000000000000003917581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ec83d2dfddf1c642022-01-11 12:22:47.207root 11241100x80000000000000003917582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d54ae70731970b502022-01-11 12:22:47.207root 11241100x80000000000000003917583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab613049aaaad3c42022-01-11 12:22:47.207root 11241100x80000000000000003917584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b13a9354432343aa2022-01-11 12:22:47.207root 11241100x80000000000000003917585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2a6a82c4724633b2022-01-11 12:22:47.207root 11241100x80000000000000003917586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.207{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46465bf9c3e109b72022-01-11 12:22:47.207root 11241100x80000000000000003917587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.208{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bc813523ede322e2022-01-11 12:22:47.208root 11241100x80000000000000003917588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.208{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8907c48c87b463a12022-01-11 12:22:47.208root 11241100x80000000000000003917589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e873f34444f466a42022-01-11 12:22:47.583root 11241100x80000000000000003917590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c980096f12392622022-01-11 12:22:47.584root 11241100x80000000000000003917591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a94fd8c04367432022-01-11 12:22:47.584root 11241100x80000000000000003917592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.521a7fee1a33faea2022-01-11 12:22:47.584root 11241100x80000000000000003917593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.435d45a277fbb6902022-01-11 12:22:47.584root 11241100x80000000000000003917594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c090663ce1206ddb2022-01-11 12:22:47.585root 11241100x80000000000000003917595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce7ff2207594be72022-01-11 12:22:47.585root 11241100x80000000000000003917596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14b39eb75fc1d29e2022-01-11 12:22:47.585root 11241100x80000000000000003917597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf18e60373fb578b2022-01-11 12:22:47.585root 11241100x80000000000000003917598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.411544426bebc89e2022-01-11 12:22:47.585root 11241100x80000000000000003917599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4212f1d3a6791f812022-01-11 12:22:47.586root 11241100x80000000000000003917600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4714f8e4e3e170332022-01-11 12:22:47.586root 11241100x80000000000000003917601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25377746502778612022-01-11 12:22:47.586root 11241100x80000000000000003917602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00566517af9739a82022-01-11 12:22:47.586root 11241100x80000000000000003917603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8873ea8a3aeb243e2022-01-11 12:22:47.586root 11241100x80000000000000003917604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.440d4e9a043960262022-01-11 12:22:47.586root 11241100x80000000000000003917605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bd37517aa2b636b2022-01-11 12:22:47.587root 11241100x80000000000000003917606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b0d8734860476882022-01-11 12:22:47.587root 11241100x80000000000000003917607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3073e0856f431942022-01-11 12:22:47.587root 11241100x80000000000000003917608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6f0c84bab7460a72022-01-11 12:22:47.587root 11241100x80000000000000003917609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfdd734649ed35cd2022-01-11 12:22:47.587root 11241100x80000000000000003917610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7d0fa2925d6dd732022-01-11 12:22:47.587root 11241100x80000000000000003917611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3696fef4f374b112022-01-11 12:22:47.587root 11241100x80000000000000003917612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb02232b8d12e4db2022-01-11 12:22:47.588root 11241100x80000000000000003917613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62195b750d10478f2022-01-11 12:22:47.588root 11241100x80000000000000003917614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6212936795211752022-01-11 12:22:47.588root 11241100x80000000000000003917615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ab53087cf5e62ef2022-01-11 12:22:47.588root 11241100x80000000000000003917616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c67d068d5ca49c492022-01-11 12:22:47.588root 11241100x80000000000000003917617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.739e2880d3f34a0d2022-01-11 12:22:47.588root 11241100x80000000000000003917618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7a09d058709dd112022-01-11 12:22:47.588root 11241100x80000000000000003917619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.367042659f72f4ce2022-01-11 12:22:47.588root 11241100x80000000000000003917620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fb6505ad335ceb72022-01-11 12:22:47.588root 11241100x80000000000000003917621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.beccc042133da1232022-01-11 12:22:47.588root 11241100x80000000000000003917622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c44bb3fd18645352022-01-11 12:22:47.588root 11241100x80000000000000003917623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47f70992bbcb24432022-01-11 12:22:47.588root 11241100x80000000000000003917624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da271d23ecca26912022-01-11 12:22:47.588root 11241100x80000000000000003917625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:47.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be488ec9e8dc9202022-01-11 12:22:47.588root 11241100x80000000000000003917626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be04279cbbb5e5ac2022-01-11 12:22:48.083root 11241100x80000000000000003917627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.552e50d55b68e2302022-01-11 12:22:48.083root 11241100x80000000000000003917628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd57782cb34b3ef62022-01-11 12:22:48.083root 11241100x80000000000000003917629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dab0f87f4080e2c2022-01-11 12:22:48.083root 11241100x80000000000000003917630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66977842f49a95942022-01-11 12:22:48.083root 11241100x80000000000000003917631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e68e20f0bacbad7c2022-01-11 12:22:48.084root 11241100x80000000000000003917632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cbf6f224d321a372022-01-11 12:22:48.084root 11241100x80000000000000003917633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc097b1d7581e8e12022-01-11 12:22:48.084root 11241100x80000000000000003917634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71378683337183e72022-01-11 12:22:48.084root 11241100x80000000000000003917635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d30b58fd2ff754472022-01-11 12:22:48.084root 11241100x80000000000000003917636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf03d638165d09272022-01-11 12:22:48.084root 11241100x80000000000000003917637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.deac159240f5f9352022-01-11 12:22:48.084root 11241100x80000000000000003917638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.757b4ba156273e802022-01-11 12:22:48.084root 11241100x80000000000000003917639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a41036dbdbbc89482022-01-11 12:22:48.084root 11241100x80000000000000003917640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0682f29c370aac952022-01-11 12:22:48.084root 11241100x80000000000000003917641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b4ca55de1f9704f2022-01-11 12:22:48.084root 11241100x80000000000000003917642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ccee093be6a90802022-01-11 12:22:48.084root 11241100x80000000000000003917643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea8cc498c9f376072022-01-11 12:22:48.084root 11241100x80000000000000003917644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2faae5b5f615caf52022-01-11 12:22:48.084root 11241100x80000000000000003917645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.871efd2fed9182042022-01-11 12:22:48.084root 11241100x80000000000000003917646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.502e741bdae8d2b12022-01-11 12:22:48.084root 11241100x80000000000000003917647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b2c6b5cc9b8a8e82022-01-11 12:22:48.084root 11241100x80000000000000003917648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82c052a6fc383bc32022-01-11 12:22:48.085root 11241100x80000000000000003917649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b10e9d42f8b6b3ad2022-01-11 12:22:48.085root 11241100x80000000000000003917650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d1cee1e88fabe62022-01-11 12:22:48.085root 11241100x80000000000000003917651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ec456869f26a892022-01-11 12:22:48.085root 11241100x80000000000000003917652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32baa423ab44bba72022-01-11 12:22:48.085root 11241100x80000000000000003917653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264da3f66c903c632022-01-11 12:22:48.085root 11241100x80000000000000003917654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dc79353c3e4a7cf2022-01-11 12:22:48.085root 11241100x80000000000000003917655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38e496881f172a8a2022-01-11 12:22:48.085root 11241100x80000000000000003917656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bbc047b1cb081ac2022-01-11 12:22:48.085root 11241100x80000000000000003917657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7f490204032eca02022-01-11 12:22:48.085root 11241100x80000000000000003917658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2b7b535ad7c9af52022-01-11 12:22:48.085root 11241100x80000000000000003917659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e36e72c8c84a02b2022-01-11 12:22:48.085root 11241100x80000000000000003917660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff1343115794b3d32022-01-11 12:22:48.085root 11241100x80000000000000003917661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95700f0e5d2f7aa82022-01-11 12:22:48.085root 11241100x80000000000000003917662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b40a09b0870e5d232022-01-11 12:22:48.085root 11241100x80000000000000003917663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.511ff4565c266e692022-01-11 12:22:48.085root 11241100x80000000000000003917664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f912254033f3c0fb2022-01-11 12:22:48.086root 11241100x80000000000000003917665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbd65c019ae4e4692022-01-11 12:22:48.086root 11241100x80000000000000003917666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e88d59cfba1a4552022-01-11 12:22:48.086root 11241100x80000000000000003917667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80791762b996b2cc2022-01-11 12:22:48.086root 11241100x80000000000000003917668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901b5d00ea0c8ec32022-01-11 12:22:48.086root 11241100x80000000000000003917669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af28f2b53b3c45602022-01-11 12:22:48.086root 11241100x80000000000000003917670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f0e48e96ddd9dba2022-01-11 12:22:48.086root 11241100x80000000000000003917671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a3c1131043089fd2022-01-11 12:22:48.086root 11241100x80000000000000003917672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.326aa5371d3664dd2022-01-11 12:22:48.086root 11241100x80000000000000003917673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad0d537960f30472022-01-11 12:22:48.086root 11241100x80000000000000003917674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b21e0dde13de2b402022-01-11 12:22:48.086root 11241100x80000000000000003917675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed85161112bec2c2022-01-11 12:22:48.086root 11241100x80000000000000003917676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3d7016f5ca71f5c2022-01-11 12:22:48.584root 11241100x80000000000000003917677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c25d998b5cdd52d52022-01-11 12:22:48.584root 11241100x80000000000000003917678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af3a3b585549a7762022-01-11 12:22:48.584root 11241100x80000000000000003917679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbb86620cc52fb252022-01-11 12:22:48.584root 11241100x80000000000000003917680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac124f8cee3307072022-01-11 12:22:48.584root 11241100x80000000000000003917681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45188ba98bd7f5022022-01-11 12:22:48.584root 11241100x80000000000000003917682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63a74fcf23366dcc2022-01-11 12:22:48.584root 11241100x80000000000000003917683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b86845c71291d4f2022-01-11 12:22:48.584root 11241100x80000000000000003917684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea61bd82322439de2022-01-11 12:22:48.584root 11241100x80000000000000003917685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4fd3c1c68281d332022-01-11 12:22:48.584root 11241100x80000000000000003917686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47e4f3cbda2a54c52022-01-11 12:22:48.584root 11241100x80000000000000003917687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bcdfd2eea06b2ce2022-01-11 12:22:48.584root 11241100x80000000000000003917688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4304168bfc205dc12022-01-11 12:22:48.584root 11241100x80000000000000003917689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e558e8e5492fb312022-01-11 12:22:48.585root 11241100x80000000000000003917690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1134fec2885fe52b2022-01-11 12:22:48.585root 11241100x80000000000000003917691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e294d6e5a5d3161e2022-01-11 12:22:48.585root 11241100x80000000000000003917692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b541aea26e21ce22022-01-11 12:22:48.585root 11241100x80000000000000003917693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.799df202851a61682022-01-11 12:22:48.585root 11241100x80000000000000003917694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a65e5de04279c202022-01-11 12:22:48.585root 11241100x80000000000000003917695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06a06b6a6d21d6832022-01-11 12:22:48.585root 11241100x80000000000000003917696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1752fd952c6769f2022-01-11 12:22:48.585root 11241100x80000000000000003917697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8c6231471370d172022-01-11 12:22:48.585root 11241100x80000000000000003917698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd89c303fe115bdb2022-01-11 12:22:48.585root 11241100x80000000000000003917699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c48d3a8f9e997322022-01-11 12:22:48.585root 11241100x80000000000000003917700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8964d323b9e9f2e2022-01-11 12:22:48.585root 11241100x80000000000000003917701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b56877e91cd24572022-01-11 12:22:48.585root 11241100x80000000000000003917702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4a6cda4c0ef8f5b2022-01-11 12:22:48.586root 11241100x80000000000000003917703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.948cf10d720894322022-01-11 12:22:48.586root 11241100x80000000000000003917704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ede6c6ddf77746242022-01-11 12:22:48.586root 11241100x80000000000000003917705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de92e554dd8c78952022-01-11 12:22:48.586root 11241100x80000000000000003917706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a2a17bdb9044c4c2022-01-11 12:22:48.586root 11241100x80000000000000003917707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a6621de9eeceae82022-01-11 12:22:48.586root 11241100x80000000000000003917708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73426a5fe10636152022-01-11 12:22:48.586root 11241100x80000000000000003917709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:48.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.252634da1a31f68f2022-01-11 12:22:48.586root 11241100x80000000000000003917710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dac75bb9fc2cdf72022-01-11 12:22:49.084root 11241100x80000000000000003917711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1471f329bca5f8e2022-01-11 12:22:49.084root 11241100x80000000000000003917712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35eb06b67cc063e42022-01-11 12:22:49.084root 11241100x80000000000000003917713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c84cf37f68f293972022-01-11 12:22:49.084root 11241100x80000000000000003917714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39be7fdae2b9fd472022-01-11 12:22:49.084root 11241100x80000000000000003917715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2c2dd5d0a2f62b62022-01-11 12:22:49.084root 11241100x80000000000000003917716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5554be58001a67e22022-01-11 12:22:49.084root 11241100x80000000000000003917717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da46ed7c8e9d60d02022-01-11 12:22:49.084root 11241100x80000000000000003917718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2267ab8a67475b2f2022-01-11 12:22:49.084root 11241100x80000000000000003917719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.020e75c027f87a5b2022-01-11 12:22:49.085root 11241100x80000000000000003917720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0da830f704334aa2022-01-11 12:22:49.085root 11241100x80000000000000003917721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db15cc77e58f1b032022-01-11 12:22:49.085root 11241100x80000000000000003917722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fadebc051061b97c2022-01-11 12:22:49.085root 11241100x80000000000000003917723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c01b192e748b6a22022-01-11 12:22:49.085root 11241100x80000000000000003917724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c15cb6e9004f72122022-01-11 12:22:49.085root 11241100x80000000000000003917725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a1f29a8ddcb1102022-01-11 12:22:49.085root 11241100x80000000000000003917726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed67966686caed5a2022-01-11 12:22:49.085root 11241100x80000000000000003917727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.397a0fb7f9c569052022-01-11 12:22:49.085root 11241100x80000000000000003917728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f45f5b5130f77a0f2022-01-11 12:22:49.085root 11241100x80000000000000003917729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6843bb51cd6b6f92022-01-11 12:22:49.085root 11241100x80000000000000003917730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2389c48032770bdb2022-01-11 12:22:49.085root 11241100x80000000000000003917731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.299b6f187fe743d22022-01-11 12:22:49.085root 11241100x80000000000000003917732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10cfccc858472812022-01-11 12:22:49.085root 11241100x80000000000000003917733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dd06627d24801d62022-01-11 12:22:49.085root 11241100x80000000000000003917734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.078b77b13c35f0bb2022-01-11 12:22:49.085root 11241100x80000000000000003917735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90bce4518c727eb62022-01-11 12:22:49.086root 11241100x80000000000000003917736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.396b46b4f70680ea2022-01-11 12:22:49.086root 11241100x80000000000000003917737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.debafa1ff1d043a12022-01-11 12:22:49.086root 11241100x80000000000000003917738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fa595a387135f8b2022-01-11 12:22:49.086root 11241100x80000000000000003917739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49e540719d415ba92022-01-11 12:22:49.086root 11241100x80000000000000003917740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e3f2a92ec92da612022-01-11 12:22:49.086root 11241100x80000000000000003917741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14e41e0e9a9e48852022-01-11 12:22:49.086root 354300x80000000000000003917742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.144{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56352-false10.0.1.12-8000- 11241100x80000000000000003917743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3644777cfe85566e2022-01-11 12:22:49.584root 11241100x80000000000000003917744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eef44dccdb9b8b1b2022-01-11 12:22:49.584root 11241100x80000000000000003917745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.457f7d196d64e9532022-01-11 12:22:49.584root 11241100x80000000000000003917746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.539afbdaba7dfff92022-01-11 12:22:49.584root 11241100x80000000000000003917747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cba59617322c8d2022-01-11 12:22:49.584root 11241100x80000000000000003917748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4bbd3385c10f2092022-01-11 12:22:49.584root 11241100x80000000000000003917749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a77b158e770d9312022-01-11 12:22:49.584root 11241100x80000000000000003917750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acf1c0dd653ffed02022-01-11 12:22:49.584root 11241100x80000000000000003917751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.263252a527592b9a2022-01-11 12:22:49.584root 11241100x80000000000000003917752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ae19c3222bc0f582022-01-11 12:22:49.584root 11241100x80000000000000003917753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3342e55dae1f1bf2022-01-11 12:22:49.584root 11241100x80000000000000003917754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e41bd77df1bd4272022-01-11 12:22:49.584root 11241100x80000000000000003917755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af52a88bb9e44c662022-01-11 12:22:49.584root 11241100x80000000000000003917756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8469ad4b0406d132022-01-11 12:22:49.584root 11241100x80000000000000003917757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fce7dd8c78df5452022-01-11 12:22:49.585root 11241100x80000000000000003917758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2bada04986cb8a22022-01-11 12:22:49.585root 11241100x80000000000000003917759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9ea045a9351299b2022-01-11 12:22:49.585root 11241100x80000000000000003917760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b9734044c3695a22022-01-11 12:22:49.585root 11241100x80000000000000003917761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28182568da76121f2022-01-11 12:22:49.585root 11241100x80000000000000003917762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cb8e9767b41f0462022-01-11 12:22:49.585root 11241100x80000000000000003917763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90e09e43d1877f562022-01-11 12:22:49.585root 11241100x80000000000000003917764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9120caab29cb55b92022-01-11 12:22:49.585root 11241100x80000000000000003917765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfcd5655fd5242292022-01-11 12:22:49.585root 11241100x80000000000000003917766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b51a55b2db9b20022022-01-11 12:22:49.585root 11241100x80000000000000003917767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9423c3be9cc6c542022-01-11 12:22:49.586root 11241100x80000000000000003917768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4610a4ce459ee6332022-01-11 12:22:49.586root 11241100x80000000000000003917769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5988f41595ea40982022-01-11 12:22:49.586root 11241100x80000000000000003917770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ec92941fcc877152022-01-11 12:22:49.586root 11241100x80000000000000003917771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.402e340ddcd2cc572022-01-11 12:22:49.586root 11241100x80000000000000003917772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a83017c913765d002022-01-11 12:22:49.586root 11241100x80000000000000003917773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0285dfedf146fa82022-01-11 12:22:49.586root 11241100x80000000000000003917774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.703317554ddb49a42022-01-11 12:22:49.586root 11241100x80000000000000003917775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d94a07a60e123a2e2022-01-11 12:22:49.586root 11241100x80000000000000003917776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd76f1f8e9aa66d2022-01-11 12:22:49.586root 11241100x80000000000000003917777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c07cb56577abd0d2022-01-11 12:22:49.586root 11241100x80000000000000003917778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d390faac3d380ad2022-01-11 12:22:49.587root 11241100x80000000000000003917779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d8d218cbeb318d2022-01-11 12:22:49.587root 11241100x80000000000000003917780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:49.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d37e599529368602022-01-11 12:22:49.587root 11241100x80000000000000003917781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.890721306cacfb572022-01-11 12:22:50.084root 11241100x80000000000000003917782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d31ee794f7e772a2022-01-11 12:22:50.084root 11241100x80000000000000003917783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb0be17812ad65992022-01-11 12:22:50.084root 11241100x80000000000000003917784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee60f3f6cf74f7a2022-01-11 12:22:50.084root 11241100x80000000000000003917785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e93303777583a6ff2022-01-11 12:22:50.084root 11241100x80000000000000003917786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.799ae44c4b3b164e2022-01-11 12:22:50.084root 11241100x80000000000000003917787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0cc91d84374eebf2022-01-11 12:22:50.085root 11241100x80000000000000003917788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b23f06d4cae35b9c2022-01-11 12:22:50.085root 11241100x80000000000000003917789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b713ee005f7c412022-01-11 12:22:50.085root 11241100x80000000000000003917790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ffc3839a2d75fde2022-01-11 12:22:50.085root 11241100x80000000000000003917791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c9a6a01139a4a822022-01-11 12:22:50.085root 11241100x80000000000000003917792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a69be4449c07e342022-01-11 12:22:50.085root 11241100x80000000000000003917793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb79444f549795532022-01-11 12:22:50.085root 11241100x80000000000000003917794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.306aca2b943274ce2022-01-11 12:22:50.085root 11241100x80000000000000003917795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3a79ef11ce2b6792022-01-11 12:22:50.085root 11241100x80000000000000003917796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90649f82dfe6a19c2022-01-11 12:22:50.085root 11241100x80000000000000003917797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3410d74a8f0607542022-01-11 12:22:50.085root 11241100x80000000000000003917798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06acbe192213549c2022-01-11 12:22:50.085root 11241100x80000000000000003917799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2c229eeb6b2af902022-01-11 12:22:50.085root 11241100x80000000000000003917800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40d8f4bb6c0062f72022-01-11 12:22:50.085root 11241100x80000000000000003917801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b97ff3d7f678ecb72022-01-11 12:22:50.085root 11241100x80000000000000003917802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57ac74444307eff82022-01-11 12:22:50.085root 11241100x80000000000000003917803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a633454bb802b962022-01-11 12:22:50.086root 11241100x80000000000000003917804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.810b96ff4ad99fe22022-01-11 12:22:50.086root 11241100x80000000000000003917805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91f2dec545f380972022-01-11 12:22:50.086root 11241100x80000000000000003917806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b1d96f083254862022-01-11 12:22:50.086root 11241100x80000000000000003917807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23165a4deb16f8f2022-01-11 12:22:50.086root 11241100x80000000000000003917808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02299590c09d62bc2022-01-11 12:22:50.086root 11241100x80000000000000003917809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0168fbe10d0277ca2022-01-11 12:22:50.086root 11241100x80000000000000003917810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eef638f86f2b8902022-01-11 12:22:50.086root 11241100x80000000000000003917811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73fd82781c4bd6f2022-01-11 12:22:50.086root 11241100x80000000000000003917812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5e7b3c1033371e62022-01-11 12:22:50.086root 11241100x80000000000000003917813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ab36f5c1786f3822022-01-11 12:22:50.086root 11241100x80000000000000003917814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d7160c87fff64e82022-01-11 12:22:50.583root 11241100x80000000000000003917815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9216eca35db35ec92022-01-11 12:22:50.583root 11241100x80000000000000003917816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f21896ff013ca852022-01-11 12:22:50.584root 11241100x80000000000000003917817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d542d7a37b78a8822022-01-11 12:22:50.584root 11241100x80000000000000003917818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a63469d09abfba662022-01-11 12:22:50.584root 11241100x80000000000000003917819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d58969de5f36be942022-01-11 12:22:50.584root 11241100x80000000000000003917820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a33532d45cc26c62022-01-11 12:22:50.584root 11241100x80000000000000003917821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.600b6a37c3e4b93a2022-01-11 12:22:50.584root 11241100x80000000000000003917822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.149db431393a10bf2022-01-11 12:22:50.585root 11241100x80000000000000003917823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c0fbf0b141d25632022-01-11 12:22:50.585root 11241100x80000000000000003917824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfd0df1ffb8b95a22022-01-11 12:22:50.585root 11241100x80000000000000003917825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b1a9c87e801acaf2022-01-11 12:22:50.585root 11241100x80000000000000003917826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e94cd2bad94320952022-01-11 12:22:50.585root 11241100x80000000000000003917827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e3c501cc4c3ce002022-01-11 12:22:50.585root 11241100x80000000000000003917828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c72f5b8c2bcdb85e2022-01-11 12:22:50.585root 11241100x80000000000000003917829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f430881c4b8684d2022-01-11 12:22:50.585root 11241100x80000000000000003917830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e7b7d26ab06bbb12022-01-11 12:22:50.585root 11241100x80000000000000003917831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffb270eeea7cc5fa2022-01-11 12:22:50.585root 11241100x80000000000000003917832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62dade2a3cd8e8292022-01-11 12:22:50.586root 11241100x80000000000000003917833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebcf790aad6287812022-01-11 12:22:50.586root 11241100x80000000000000003917834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78482683397a567b2022-01-11 12:22:50.586root 11241100x80000000000000003917835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59947cc35c82d6952022-01-11 12:22:50.586root 11241100x80000000000000003917836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.213ffac83e3ee3422022-01-11 12:22:50.586root 11241100x80000000000000003917837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4371074884e18932022-01-11 12:22:50.586root 11241100x80000000000000003917838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48d2a97aa88ce7982022-01-11 12:22:50.586root 11241100x80000000000000003917839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c6a04e9d6f3aff2022-01-11 12:22:50.586root 11241100x80000000000000003917840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca7ad00ec1f4f562022-01-11 12:22:50.587root 11241100x80000000000000003917841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a784623476b30c602022-01-11 12:22:50.587root 11241100x80000000000000003917842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e64f10612ad22522022-01-11 12:22:50.587root 11241100x80000000000000003917843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44dc9c4d0a6744d92022-01-11 12:22:50.587root 11241100x80000000000000003917844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b101cfdabb527da2022-01-11 12:22:50.587root 11241100x80000000000000003917845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.093d038e12813faa2022-01-11 12:22:50.587root 11241100x80000000000000003917846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.807348b34ea8603e2022-01-11 12:22:50.587root 11241100x80000000000000003917847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b778c91b14ae36f2022-01-11 12:22:50.588root 11241100x80000000000000003917848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad4b7c46576a488d2022-01-11 12:22:50.588root 11241100x80000000000000003917849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.176630a21d940ec52022-01-11 12:22:50.588root 11241100x80000000000000003917850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75876db4d14be3a32022-01-11 12:22:50.588root 11241100x80000000000000003917851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8ae73718665f29e2022-01-11 12:22:50.588root 11241100x80000000000000003917852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1cb58083e93149e2022-01-11 12:22:50.589root 11241100x80000000000000003917853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5560fe01cc4f65602022-01-11 12:22:50.589root 11241100x80000000000000003917854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac1d887ade00c7c2022-01-11 12:22:50.589root 11241100x80000000000000003917855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a63e46a122d925762022-01-11 12:22:50.589root 11241100x80000000000000003917856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f210b9298497a0b02022-01-11 12:22:50.589root 11241100x80000000000000003917857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdc698c33bb01c552022-01-11 12:22:50.589root 11241100x80000000000000003917858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c765935940a282b2022-01-11 12:22:50.589root 11241100x80000000000000003917859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41f02bbcc626be5f2022-01-11 12:22:50.590root 11241100x80000000000000003917860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.468f8aecabe91e1c2022-01-11 12:22:50.590root 11241100x80000000000000003917861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a21870ea76df091c2022-01-11 12:22:50.590root 11241100x80000000000000003917862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b82a88f879645042022-01-11 12:22:50.590root 11241100x80000000000000003917863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6aaaca2a0f3421642022-01-11 12:22:50.590root 11241100x80000000000000003917864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f223be8cbf4a8b4e2022-01-11 12:22:50.590root 11241100x80000000000000003917865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:50.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95292baef0aa99e82022-01-11 12:22:50.590root 11241100x80000000000000003917866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da764dfef2ce46432022-01-11 12:22:51.084root 11241100x80000000000000003917867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c388a8d40fa46582022-01-11 12:22:51.084root 11241100x80000000000000003917868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e77a1737b2d1e042022-01-11 12:22:51.084root 11241100x80000000000000003917869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e962b93d04ecef7a2022-01-11 12:22:51.084root 11241100x80000000000000003917870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8bf231eb13555ea2022-01-11 12:22:51.084root 11241100x80000000000000003917871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b4667ec73bebc732022-01-11 12:22:51.084root 11241100x80000000000000003917872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f282944e48c00de72022-01-11 12:22:51.084root 11241100x80000000000000003917873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74720ba1be8058672022-01-11 12:22:51.084root 11241100x80000000000000003917874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d99ba10e35912c432022-01-11 12:22:51.084root 11241100x80000000000000003917875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbf27642f6c6fe7c2022-01-11 12:22:51.085root 11241100x80000000000000003917876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7204e73aaada2db72022-01-11 12:22:51.085root 11241100x80000000000000003917877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd485a0fe6ae1ecd2022-01-11 12:22:51.085root 11241100x80000000000000003917878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa93498ad6c3124d2022-01-11 12:22:51.085root 11241100x80000000000000003917879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1984a009cd98e3402022-01-11 12:22:51.085root 11241100x80000000000000003917880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6875d465b13db942022-01-11 12:22:51.085root 11241100x80000000000000003917881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d199ebaf22343062022-01-11 12:22:51.085root 11241100x80000000000000003917882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e1a1d0beca87a12022-01-11 12:22:51.085root 11241100x80000000000000003917883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.484dc524c1caebd02022-01-11 12:22:51.085root 11241100x80000000000000003917884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b96e9fca2cbf3e512022-01-11 12:22:51.085root 11241100x80000000000000003917885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fa5a0dc854daf2f2022-01-11 12:22:51.085root 11241100x80000000000000003917886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3b289e29a827d4b2022-01-11 12:22:51.085root 11241100x80000000000000003917887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5bdd6d2ea0825c62022-01-11 12:22:51.085root 11241100x80000000000000003917888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e1840d10d4bdf9c2022-01-11 12:22:51.085root 11241100x80000000000000003917889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60bbc1c7d312fde12022-01-11 12:22:51.085root 11241100x80000000000000003917890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16c870320c4e85a62022-01-11 12:22:51.086root 11241100x80000000000000003917891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3e84754b62c029a2022-01-11 12:22:51.086root 11241100x80000000000000003917892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad65306f42a28ce42022-01-11 12:22:51.086root 11241100x80000000000000003917893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704534d295ebd0642022-01-11 12:22:51.086root 11241100x80000000000000003917894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f61d245454a94fb62022-01-11 12:22:51.086root 11241100x80000000000000003917895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bb6d9cd1dacc0922022-01-11 12:22:51.086root 11241100x80000000000000003917896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e18887c06de96e122022-01-11 12:22:51.086root 11241100x80000000000000003917897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.805df10ea5a21dc02022-01-11 12:22:51.086root 11241100x80000000000000003917898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ff863e49074f7a2022-01-11 12:22:51.086root 11241100x80000000000000003917899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66bdf4431697548a2022-01-11 12:22:51.584root 11241100x80000000000000003917900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cca4cd698794321d2022-01-11 12:22:51.584root 11241100x80000000000000003917901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f9ea9db924e0322022-01-11 12:22:51.584root 11241100x80000000000000003917902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98bc352dfc7848882022-01-11 12:22:51.584root 11241100x80000000000000003917903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4caf02ba918dbbf62022-01-11 12:22:51.584root 11241100x80000000000000003917904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d125b910e428f2012022-01-11 12:22:51.584root 11241100x80000000000000003917905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1a49b3bbaa25df42022-01-11 12:22:51.584root 11241100x80000000000000003917906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b38116822f5a97b2022-01-11 12:22:51.584root 11241100x80000000000000003917907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.536021acead841112022-01-11 12:22:51.584root 11241100x80000000000000003917908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eec8f042c3a09e8e2022-01-11 12:22:51.584root 11241100x80000000000000003917909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f4fe6cf75f531b2022-01-11 12:22:51.584root 11241100x80000000000000003917910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17e66024659eeda42022-01-11 12:22:51.585root 11241100x80000000000000003917911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38258a4d7f23af22022-01-11 12:22:51.585root 11241100x80000000000000003917912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f8264b66b7fa2a42022-01-11 12:22:51.585root 11241100x80000000000000003917913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.987c6f8032ed19f62022-01-11 12:22:51.585root 11241100x80000000000000003917914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a98403ff6df8160f2022-01-11 12:22:51.585root 11241100x80000000000000003917915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a1f4666eab352a22022-01-11 12:22:51.585root 11241100x80000000000000003917916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bf995149c7371592022-01-11 12:22:51.585root 11241100x80000000000000003917917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da51945dd082de962022-01-11 12:22:51.585root 11241100x80000000000000003917918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df5eafcba857c0d22022-01-11 12:22:51.585root 11241100x80000000000000003917919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf248975e30f71e2022-01-11 12:22:51.585root 11241100x80000000000000003917920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a7a027565759012022-01-11 12:22:51.585root 11241100x80000000000000003917921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4dfe08bf7b0247c2022-01-11 12:22:51.585root 11241100x80000000000000003917922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22302a5bc55729de2022-01-11 12:22:51.585root 11241100x80000000000000003917923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb1345316a617812022-01-11 12:22:51.585root 11241100x80000000000000003917924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d682cc50a8b60fde2022-01-11 12:22:51.585root 11241100x80000000000000003917925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71fc9e575919ea422022-01-11 12:22:51.585root 11241100x80000000000000003917926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff41a2feb0844e902022-01-11 12:22:51.586root 11241100x80000000000000003917927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46b64eda50d3f8672022-01-11 12:22:51.586root 11241100x80000000000000003917928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60640d1f930637002022-01-11 12:22:51.586root 11241100x80000000000000003917929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ade21558b267f2d2022-01-11 12:22:51.586root 11241100x80000000000000003917930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f852a7997fdd63032022-01-11 12:22:51.586root 11241100x80000000000000003917931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c3e615180b5fa1c2022-01-11 12:22:51.586root 11241100x80000000000000003917932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.600a686e034d94862022-01-11 12:22:51.586root 11241100x80000000000000003917933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c458a21511b2d29b2022-01-11 12:22:51.586root 11241100x80000000000000003917934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f3ae56141e807132022-01-11 12:22:51.586root 11241100x80000000000000003917935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6380086198b90b22022-01-11 12:22:51.586root 11241100x80000000000000003917936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.423397483b3980da2022-01-11 12:22:51.586root 11241100x80000000000000003917937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c91b997fcfbaf4c02022-01-11 12:22:51.586root 11241100x80000000000000003917938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03cc1ae400066f032022-01-11 12:22:51.586root 11241100x80000000000000003917939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30bb1d28423236c02022-01-11 12:22:51.586root 11241100x80000000000000003917940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1043037d5f9f3122022-01-11 12:22:51.586root 11241100x80000000000000003917941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62a0729c6ecdf8db2022-01-11 12:22:51.586root 11241100x80000000000000003917942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.640dbd6204beba722022-01-11 12:22:51.587root 11241100x80000000000000003917943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee62ee9c52a4b8c82022-01-11 12:22:51.587root 11241100x80000000000000003917944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.438613c2235f9dd62022-01-11 12:22:51.587root 11241100x80000000000000003917945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7817c91214240432022-01-11 12:22:51.587root 11241100x80000000000000003917946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c58cb67e391b5a12022-01-11 12:22:51.587root 11241100x80000000000000003917947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c80e95a1a4c7c6ed2022-01-11 12:22:51.587root 11241100x80000000000000003917948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d4e99989a581fe42022-01-11 12:22:51.587root 11241100x80000000000000003917949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.770fc2940f61e4912022-01-11 12:22:51.587root 11241100x80000000000000003917950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db581c162889f2032022-01-11 12:22:51.587root 11241100x80000000000000003917951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f49adfd2023b3cb82022-01-11 12:22:51.587root 11241100x80000000000000003917952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa919221d3f818382022-01-11 12:22:51.587root 11241100x80000000000000003917953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dddd9f08f14d83282022-01-11 12:22:51.587root 11241100x80000000000000003917954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23564b8edf74ffd62022-01-11 12:22:51.587root 11241100x80000000000000003917955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95fed5924d291d802022-01-11 12:22:51.588root 11241100x80000000000000003917956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d63dbec1c53f3182022-01-11 12:22:51.588root 11241100x80000000000000003917957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.152f4c017981a75f2022-01-11 12:22:51.588root 11241100x80000000000000003917958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61dda64ab7a713722022-01-11 12:22:51.588root 11241100x80000000000000003917959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05670439cfa912d2022-01-11 12:22:51.588root 11241100x80000000000000003917960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74d7cce952b729652022-01-11 12:22:51.588root 11241100x80000000000000003917961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86e86c91fa51ce5d2022-01-11 12:22:51.588root 11241100x80000000000000003917962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44105b3f596347862022-01-11 12:22:51.588root 11241100x80000000000000003917963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37a67f2ade767c612022-01-11 12:22:51.588root 11241100x80000000000000003917964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0e9013d9de6671a2022-01-11 12:22:51.588root 11241100x80000000000000003917965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7b1f09ea684e54a2022-01-11 12:22:51.588root 11241100x80000000000000003917966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82151ca508443d0e2022-01-11 12:22:51.588root 11241100x80000000000000003917967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa022691ff313c912022-01-11 12:22:51.588root 11241100x80000000000000003917968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0b9d0cb1b32a9092022-01-11 12:22:51.588root 11241100x80000000000000003917969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b52b15078b5670b02022-01-11 12:22:51.588root 11241100x80000000000000003917970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c712add367986f2c2022-01-11 12:22:51.589root 11241100x80000000000000003917971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9382702002087cf92022-01-11 12:22:51.589root 11241100x80000000000000003917972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be9a1b57ea7df6d82022-01-11 12:22:51.589root 11241100x80000000000000003917973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50f5faf063718eac2022-01-11 12:22:51.589root 11241100x80000000000000003917974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.543cbaff2085abf92022-01-11 12:22:51.589root 11241100x80000000000000003917975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11fc52e42d63a2b52022-01-11 12:22:51.589root 11241100x80000000000000003917976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975a48e2177d5c042022-01-11 12:22:51.589root 11241100x80000000000000003917977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:51.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fbaa931fe3b9cac2022-01-11 12:22:51.589root 11241100x80000000000000003917978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e99575ee5d918f2022-01-11 12:22:52.084root 11241100x80000000000000003917979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62821bbb6ccec33d2022-01-11 12:22:52.084root 11241100x80000000000000003917980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357bc0e6a3badb442022-01-11 12:22:52.084root 11241100x80000000000000003917981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f21980a8ca92f7eb2022-01-11 12:22:52.084root 11241100x80000000000000003917982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55c22458550527af2022-01-11 12:22:52.084root 11241100x80000000000000003917983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c241b0072263f8132022-01-11 12:22:52.084root 11241100x80000000000000003917984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a9ffbbac0a464de2022-01-11 12:22:52.084root 11241100x80000000000000003917985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cd280e215e285482022-01-11 12:22:52.085root 11241100x80000000000000003917986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1338d47e77051e22022-01-11 12:22:52.085root 11241100x80000000000000003917987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c70caef21d6e3a72022-01-11 12:22:52.085root 11241100x80000000000000003917988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd53f6680bd768a92022-01-11 12:22:52.085root 11241100x80000000000000003917989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31cf8b848eb907042022-01-11 12:22:52.085root 11241100x80000000000000003917990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cb16fd288cbdf542022-01-11 12:22:52.085root 11241100x80000000000000003917991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6158748ea0837c892022-01-11 12:22:52.085root 11241100x80000000000000003917992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6e11f1b5dd33452022-01-11 12:22:52.085root 11241100x80000000000000003917993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d177f8b8e2b4e9e2022-01-11 12:22:52.085root 11241100x80000000000000003917994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1b6d2748cc5024d2022-01-11 12:22:52.085root 11241100x80000000000000003917995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc79f8ab39cc907f2022-01-11 12:22:52.085root 11241100x80000000000000003917996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5caf0cc757551382022-01-11 12:22:52.085root 11241100x80000000000000003917997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.219ddcf855e1920c2022-01-11 12:22:52.085root 11241100x80000000000000003917998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da2a3e21e178001b2022-01-11 12:22:52.085root 11241100x80000000000000003917999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a27d9fb3e90db592022-01-11 12:22:52.085root 11241100x80000000000000003918000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0513276300f385b2022-01-11 12:22:52.086root 11241100x80000000000000003918001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aaef64fb6d1341d22022-01-11 12:22:52.086root 11241100x80000000000000003918002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065f895b8a1a9aab2022-01-11 12:22:52.086root 11241100x80000000000000003918003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.204269a0f496b3572022-01-11 12:22:52.086root 11241100x80000000000000003918004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e890e6b3f7c1b2ec2022-01-11 12:22:52.086root 11241100x80000000000000003918005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c713b47a875be6fe2022-01-11 12:22:52.086root 11241100x80000000000000003918006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7fed506e081f77b2022-01-11 12:22:52.086root 11241100x80000000000000003918007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d476fd091e3f7b302022-01-11 12:22:52.086root 11241100x80000000000000003918008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6126d8bfbb0547472022-01-11 12:22:52.086root 11241100x80000000000000003918009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea39c07007edd3562022-01-11 12:22:52.086root 11241100x80000000000000003918010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.318c102677cbc22c2022-01-11 12:22:52.086root 11241100x80000000000000003918011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3243dab50003eef92022-01-11 12:22:52.086root 11241100x80000000000000003918012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88bf533cc40f55842022-01-11 12:22:52.584root 11241100x80000000000000003918013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00876dda6f07e7972022-01-11 12:22:52.584root 11241100x80000000000000003918014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd5270f61a3e242e2022-01-11 12:22:52.584root 11241100x80000000000000003918015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdbb4c01a432f7542022-01-11 12:22:52.584root 11241100x80000000000000003918016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c2a159b108b330f2022-01-11 12:22:52.584root 11241100x80000000000000003918017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.451f339116991a2a2022-01-11 12:22:52.584root 11241100x80000000000000003918018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54489494135ef7a72022-01-11 12:22:52.584root 11241100x80000000000000003918019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f6addeee223b5a92022-01-11 12:22:52.584root 11241100x80000000000000003918020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fc894213b3242912022-01-11 12:22:52.584root 11241100x80000000000000003918021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31eab0f70ce320482022-01-11 12:22:52.584root 11241100x80000000000000003918022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe8166d4fa6741172022-01-11 12:22:52.584root 11241100x80000000000000003918023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2b3bb4794ecd5aa2022-01-11 12:22:52.584root 11241100x80000000000000003918024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.078cd5147bcee5402022-01-11 12:22:52.585root 11241100x80000000000000003918025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8218e514b0444cf22022-01-11 12:22:52.585root 11241100x80000000000000003918026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08107fc8d78676862022-01-11 12:22:52.585root 11241100x80000000000000003918027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd3bbbb744b9a9722022-01-11 12:22:52.585root 11241100x80000000000000003918028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d32d2493c506d1e2022-01-11 12:22:52.586root 11241100x80000000000000003918029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa4e4b7c87872242022-01-11 12:22:52.586root 11241100x80000000000000003918030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.febe90e450728d9b2022-01-11 12:22:52.586root 11241100x80000000000000003918031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05027d2f86b1c2622022-01-11 12:22:52.586root 11241100x80000000000000003918032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91c92b64ae73f6392022-01-11 12:22:52.586root 11241100x80000000000000003918033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.165bd2a5219fd9e42022-01-11 12:22:52.586root 11241100x80000000000000003918034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c9ff72213408c8d2022-01-11 12:22:52.586root 11241100x80000000000000003918035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b465a60ef39714f52022-01-11 12:22:52.586root 11241100x80000000000000003918036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dbd44f85f36f7f92022-01-11 12:22:52.586root 11241100x80000000000000003918037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65078e10ac35abd72022-01-11 12:22:52.586root 11241100x80000000000000003918038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f7b020087d7c3102022-01-11 12:22:52.586root 11241100x80000000000000003918039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e393090eef7d711f2022-01-11 12:22:52.587root 11241100x80000000000000003918040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.505e52fb1aa59f902022-01-11 12:22:52.587root 11241100x80000000000000003918041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923870bcdd4d17fd2022-01-11 12:22:52.587root 11241100x80000000000000003918042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.234088c9d0e0b4e82022-01-11 12:22:52.587root 11241100x80000000000000003918043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4556e129b3cf93702022-01-11 12:22:52.587root 11241100x80000000000000003918044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76a101e852b6acca2022-01-11 12:22:52.587root 11241100x80000000000000003918045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b30d25bd00aafc7c2022-01-11 12:22:52.587root 11241100x80000000000000003918046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e718dadd22db9da2022-01-11 12:22:52.587root 11241100x80000000000000003918047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:52.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c5b6857e64e5292022-01-11 12:22:52.587root 11241100x80000000000000003918048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ef45b0d21661f72022-01-11 12:22:53.084root 11241100x80000000000000003918049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7aebab49c96d2c42022-01-11 12:22:53.084root 11241100x80000000000000003918050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3caf107c74c396e42022-01-11 12:22:53.084root 11241100x80000000000000003918051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b9da677ad873bb12022-01-11 12:22:53.084root 11241100x80000000000000003918052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17a5affc4fae84b62022-01-11 12:22:53.084root 11241100x80000000000000003918053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16220069a1e92f342022-01-11 12:22:53.084root 11241100x80000000000000003918054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a367a75190521a552022-01-11 12:22:53.084root 11241100x80000000000000003918055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.870681ca5afc4a362022-01-11 12:22:53.084root 11241100x80000000000000003918056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69d6c0b1344587c82022-01-11 12:22:53.085root 11241100x80000000000000003918057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91c46cece243cf412022-01-11 12:22:53.085root 11241100x80000000000000003918058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8511ccdb1795b9bf2022-01-11 12:22:53.085root 11241100x80000000000000003918059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ddc9a50c84a7e3d2022-01-11 12:22:53.085root 11241100x80000000000000003918060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.def903ee51f4450a2022-01-11 12:22:53.085root 11241100x80000000000000003918061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4381e1fd0a8b1f52022-01-11 12:22:53.085root 11241100x80000000000000003918062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55e136769b4a99c12022-01-11 12:22:53.085root 11241100x80000000000000003918063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3ee63a9dc7f5f8c2022-01-11 12:22:53.085root 11241100x80000000000000003918064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302d561e6870cf862022-01-11 12:22:53.085root 11241100x80000000000000003918065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c438b6379af594402022-01-11 12:22:53.085root 11241100x80000000000000003918066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.792aebae8bc393302022-01-11 12:22:53.085root 11241100x80000000000000003918067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84ab5690b2ec5d3b2022-01-11 12:22:53.085root 11241100x80000000000000003918068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a888f15820091d0a2022-01-11 12:22:53.085root 11241100x80000000000000003918069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3db3bf6ad2f69ad82022-01-11 12:22:53.085root 11241100x80000000000000003918070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef2b87cf34362e122022-01-11 12:22:53.085root 11241100x80000000000000003918071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc092ea44a8c1ed52022-01-11 12:22:53.086root 11241100x80000000000000003918072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d3d2e23603fc6d32022-01-11 12:22:53.086root 11241100x80000000000000003918073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5da920f48acf0b872022-01-11 12:22:53.086root 11241100x80000000000000003918074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b4774dbcaae46f02022-01-11 12:22:53.086root 11241100x80000000000000003918075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb316d36be688ac82022-01-11 12:22:53.086root 11241100x80000000000000003918076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.963db79e3a7cda412022-01-11 12:22:53.086root 11241100x80000000000000003918077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.459a4453e7bc15fb2022-01-11 12:22:53.086root 11241100x80000000000000003918078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70ccd260c91233e52022-01-11 12:22:53.086root 11241100x80000000000000003918079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.275cb15546b34fd02022-01-11 12:22:53.086root 11241100x80000000000000003918080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.076197eade1af0212022-01-11 12:22:53.086root 11241100x80000000000000003918081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23e15f82249c13962022-01-11 12:22:53.087root 11241100x80000000000000003918082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8869dadaa813cd2b2022-01-11 12:22:53.087root 11241100x80000000000000003918083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.446e949fefadeba42022-01-11 12:22:53.087root 11241100x80000000000000003918084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4e4c2f1ea6d7082022-01-11 12:22:53.583root 11241100x80000000000000003918085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b38848053a752e92022-01-11 12:22:53.584root 11241100x80000000000000003918086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7b5875d2cee9fc12022-01-11 12:22:53.584root 11241100x80000000000000003918087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b1955d110823d922022-01-11 12:22:53.584root 11241100x80000000000000003918088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ae87247ba87f66e2022-01-11 12:22:53.584root 11241100x80000000000000003918089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df751d99b029902f2022-01-11 12:22:53.584root 11241100x80000000000000003918090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7983aeb1414dbc7a2022-01-11 12:22:53.584root 11241100x80000000000000003918091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8685c2fde14e612022-01-11 12:22:53.584root 11241100x80000000000000003918092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecad3c2c471d4d352022-01-11 12:22:53.584root 11241100x80000000000000003918093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60b678cab575b1a82022-01-11 12:22:53.584root 11241100x80000000000000003918094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18892bf693491b022022-01-11 12:22:53.585root 11241100x80000000000000003918095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dccc7eab68b065032022-01-11 12:22:53.585root 11241100x80000000000000003918096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3364662e4935f5142022-01-11 12:22:53.585root 11241100x80000000000000003918097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef7ac74c35e408c72022-01-11 12:22:53.585root 11241100x80000000000000003918098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b230fa2e86183ed72022-01-11 12:22:53.585root 11241100x80000000000000003918099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dc195bd1cd4c9362022-01-11 12:22:53.585root 11241100x80000000000000003918100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d4bab18364646d42022-01-11 12:22:53.585root 11241100x80000000000000003918101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d2a2019d83388442022-01-11 12:22:53.585root 11241100x80000000000000003918102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c7e2f09320f3fdc2022-01-11 12:22:53.585root 11241100x80000000000000003918103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40ea5d6aaaf4af002022-01-11 12:22:53.586root 11241100x80000000000000003918104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43cc369f384e01bd2022-01-11 12:22:53.586root 11241100x80000000000000003918105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f47ecb8e1de67882022-01-11 12:22:53.586root 11241100x80000000000000003918106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1661ccd8590b71282022-01-11 12:22:53.586root 11241100x80000000000000003918107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8a4e72716424f392022-01-11 12:22:53.586root 11241100x80000000000000003918108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f19e6e60ce8af72d2022-01-11 12:22:53.586root 11241100x80000000000000003918109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b461123231ea12c2022-01-11 12:22:53.587root 11241100x80000000000000003918110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.671f8c0dd2f5a2782022-01-11 12:22:53.587root 11241100x80000000000000003918111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e930b557025459a92022-01-11 12:22:53.587root 11241100x80000000000000003918112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d97b758fcdfec52022-01-11 12:22:53.587root 11241100x80000000000000003918113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.598ce76e7ee3cdfd2022-01-11 12:22:53.587root 11241100x80000000000000003918114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d818fefb1a439b32022-01-11 12:22:53.587root 11241100x80000000000000003918115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1726a06a20e638842022-01-11 12:22:53.587root 11241100x80000000000000003918116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d05bd0b3147cb272022-01-11 12:22:53.587root 11241100x80000000000000003918117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62e73e9febda3dcc2022-01-11 12:22:53.587root 11241100x80000000000000003918118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.700beac2210933822022-01-11 12:22:53.587root 11241100x80000000000000003918119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a81687bff61aff52022-01-11 12:22:53.588root 11241100x80000000000000003918120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02e1291ee7aed81b2022-01-11 12:22:53.588root 11241100x80000000000000003918121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddbb13a82f517ece2022-01-11 12:22:53.588root 11241100x80000000000000003918122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c5a5a4a7c7adb7b2022-01-11 12:22:53.588root 11241100x80000000000000003918123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13d058276d00d1f02022-01-11 12:22:53.588root 11241100x80000000000000003918124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fff0cc3977943c72022-01-11 12:22:53.588root 11241100x80000000000000003918125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.363d60cf60071b6e2022-01-11 12:22:53.588root 11241100x80000000000000003918126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f01d64bbe7ff3602022-01-11 12:22:53.588root 11241100x80000000000000003918127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.878e4b562f8f2eca2022-01-11 12:22:53.588root 11241100x80000000000000003918128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04c39d78178b19df2022-01-11 12:22:53.588root 11241100x80000000000000003918129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7dd6adbcce78ac4a2022-01-11 12:22:53.588root 11241100x80000000000000003918130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:53.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74bc57628f861db72022-01-11 12:22:53.588root 11241100x80000000000000003918131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ec12cf947f8a5a22022-01-11 12:22:54.084root 11241100x80000000000000003918132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9b86c1fad40e86f2022-01-11 12:22:54.084root 11241100x80000000000000003918133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8ce0d639471cf92022-01-11 12:22:54.084root 11241100x80000000000000003918134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a27b8806b83603e2022-01-11 12:22:54.084root 11241100x80000000000000003918135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fe3737dcc54a8db2022-01-11 12:22:54.084root 11241100x80000000000000003918136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83534458626596d62022-01-11 12:22:54.084root 11241100x80000000000000003918137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea8effeb8f959bbf2022-01-11 12:22:54.084root 11241100x80000000000000003918138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50c98c3e193a1ad02022-01-11 12:22:54.084root 11241100x80000000000000003918139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec4218ca2344422d2022-01-11 12:22:54.084root 11241100x80000000000000003918140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4c3ab93d3f80d7f2022-01-11 12:22:54.084root 11241100x80000000000000003918141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6830a64462e526c42022-01-11 12:22:54.084root 11241100x80000000000000003918142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a18875697bc275e2022-01-11 12:22:54.084root 11241100x80000000000000003918143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b074f3f5918761f2022-01-11 12:22:54.085root 11241100x80000000000000003918144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f1ce9397e8795992022-01-11 12:22:54.085root 11241100x80000000000000003918145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.462285bc260c52232022-01-11 12:22:54.085root 11241100x80000000000000003918146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.941dc452ac0850eb2022-01-11 12:22:54.085root 11241100x80000000000000003918147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c6ab3e70d60717c2022-01-11 12:22:54.085root 11241100x80000000000000003918148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.225171946f5c98592022-01-11 12:22:54.085root 11241100x80000000000000003918149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db3394ae8c29eca82022-01-11 12:22:54.085root 11241100x80000000000000003918150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58b787a3b54aee542022-01-11 12:22:54.085root 11241100x80000000000000003918151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd41bd946ae78c0b2022-01-11 12:22:54.085root 11241100x80000000000000003918152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4089b1759693b4c72022-01-11 12:22:54.085root 11241100x80000000000000003918153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a35b50adeeb6b572022-01-11 12:22:54.085root 11241100x80000000000000003918154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fdeaf481e1542792022-01-11 12:22:54.085root 11241100x80000000000000003918155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb0ef1d5a2e530f52022-01-11 12:22:54.085root 11241100x80000000000000003918156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46b0ebc14eac064c2022-01-11 12:22:54.085root 11241100x80000000000000003918157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20a4bd8d57d274a32022-01-11 12:22:54.085root 11241100x80000000000000003918158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.730990f153e1d7682022-01-11 12:22:54.085root 11241100x80000000000000003918159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fda428c659255652022-01-11 12:22:54.086root 11241100x80000000000000003918160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a744e639dd6ba0af2022-01-11 12:22:54.086root 11241100x80000000000000003918161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.983d3f676710c6322022-01-11 12:22:54.086root 11241100x80000000000000003918162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.752559f7b0a5adec2022-01-11 12:22:54.086root 11241100x80000000000000003918163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eba7919641514612022-01-11 12:22:54.086root 11241100x80000000000000003918164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09727db148af2d422022-01-11 12:22:54.086root 11241100x80000000000000003918165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e9084a2296e3882022-01-11 12:22:54.086root 11241100x80000000000000003918166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.267d9ab2ec4017342022-01-11 12:22:54.086root 11241100x80000000000000003918167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9a33efaa9fdd9702022-01-11 12:22:54.086root 11241100x80000000000000003918168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1ad989d0c93e39a2022-01-11 12:22:54.086root 11241100x80000000000000003918169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3225b4b8b7b90362022-01-11 12:22:54.086root 11241100x80000000000000003918170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92585e7e2713a1952022-01-11 12:22:54.584root 11241100x80000000000000003918171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b07c947fef2b522022-01-11 12:22:54.584root 11241100x80000000000000003918172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fe4cd08da1a3d192022-01-11 12:22:54.584root 11241100x80000000000000003918173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b2bc07da3d5f0c92022-01-11 12:22:54.584root 11241100x80000000000000003918174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64faf8183b1a263c2022-01-11 12:22:54.584root 11241100x80000000000000003918175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a162f66598b6e7dc2022-01-11 12:22:54.584root 11241100x80000000000000003918176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ae74ea08cba5ee2022-01-11 12:22:54.584root 11241100x80000000000000003918177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124c9cfc1151db072022-01-11 12:22:54.584root 11241100x80000000000000003918178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82c437fe56897a9d2022-01-11 12:22:54.584root 11241100x80000000000000003918179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea87d5bc7e3fa66d2022-01-11 12:22:54.584root 11241100x80000000000000003918180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58b92a96eefa4abf2022-01-11 12:22:54.584root 11241100x80000000000000003918181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95ec75250132b172022-01-11 12:22:54.584root 11241100x80000000000000003918182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1f9a99d7bb826572022-01-11 12:22:54.585root 11241100x80000000000000003918183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a49c7b69225be0ca2022-01-11 12:22:54.585root 11241100x80000000000000003918184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8660d400b937d4e42022-01-11 12:22:54.585root 11241100x80000000000000003918185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5535c5c4206ca9c02022-01-11 12:22:54.585root 11241100x80000000000000003918186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac658d5a39efb792022-01-11 12:22:54.585root 11241100x80000000000000003918187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd8baf870f73f0332022-01-11 12:22:54.585root 11241100x80000000000000003918188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d14b3e9bf06412e92022-01-11 12:22:54.585root 11241100x80000000000000003918189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8180b0daa1c5cc592022-01-11 12:22:54.585root 11241100x80000000000000003918190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e1d90f47be0a8312022-01-11 12:22:54.585root 11241100x80000000000000003918191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6271f84d5dcbed802022-01-11 12:22:54.585root 11241100x80000000000000003918192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14fa13e5a8a4bb382022-01-11 12:22:54.585root 11241100x80000000000000003918193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dc51a3ddc0d04542022-01-11 12:22:54.585root 11241100x80000000000000003918194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8db58e1264c121872022-01-11 12:22:54.585root 11241100x80000000000000003918195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1411c70c7f38022e2022-01-11 12:22:54.585root 11241100x80000000000000003918196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d745ddc198134a2b2022-01-11 12:22:54.585root 11241100x80000000000000003918197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c4b869dd90a9a312022-01-11 12:22:54.585root 11241100x80000000000000003918198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dace66d72d307eb92022-01-11 12:22:54.586root 11241100x80000000000000003918199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e34f321f4b07a6b2022-01-11 12:22:54.586root 11241100x80000000000000003918200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.313b5128602526842022-01-11 12:22:54.586root 11241100x80000000000000003918201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e02a5faf335b5cf2022-01-11 12:22:54.586root 11241100x80000000000000003918202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1341ac1bc156a2e32022-01-11 12:22:54.586root 11241100x80000000000000003918203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e5d9f139dc2f2f92022-01-11 12:22:54.586root 11241100x80000000000000003918204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1a711eb41391cbe2022-01-11 12:22:54.586root 11241100x80000000000000003918205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e2fe9f8ba55cad42022-01-11 12:22:54.586root 11241100x80000000000000003918206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.824f2b11f193ab132022-01-11 12:22:54.586root 11241100x80000000000000003918207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e345c17836578332022-01-11 12:22:54.586root 11241100x80000000000000003918208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0400a33dc36e462022-01-11 12:22:54.586root 11241100x80000000000000003918209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.893{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:22:54.893root 11241100x80000000000000003918210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9c1b7d99ef58322022-01-11 12:22:54.894root 11241100x80000000000000003918211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75d69410563f36c92022-01-11 12:22:54.894root 11241100x80000000000000003918212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3dae3785bf45d8e2022-01-11 12:22:54.894root 11241100x80000000000000003918213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fbc70e9bb069e482022-01-11 12:22:54.894root 11241100x80000000000000003918214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1c069d9bcc34602022-01-11 12:22:54.894root 11241100x80000000000000003918215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35f075f141966b892022-01-11 12:22:54.894root 11241100x80000000000000003918216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a50a421ba6f1072022-01-11 12:22:54.894root 11241100x80000000000000003918217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fee3d578decbbe3a2022-01-11 12:22:54.894root 11241100x80000000000000003918218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4827ff77ad1fcfe2022-01-11 12:22:54.894root 11241100x80000000000000003918219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.894{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3693887abba9e9e72022-01-11 12:22:54.894root 11241100x80000000000000003918220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab9c542fc5a0fc92022-01-11 12:22:54.895root 11241100x80000000000000003918221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e26ee081211011c2022-01-11 12:22:54.895root 11241100x80000000000000003918222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95586b8a10bdb9e2022-01-11 12:22:54.895root 11241100x80000000000000003918223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c939a8468f9f24772022-01-11 12:22:54.895root 11241100x80000000000000003918224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b27a4bbc0b8b5ef2022-01-11 12:22:54.895root 11241100x80000000000000003918225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12ae863d8157200a2022-01-11 12:22:54.895root 11241100x80000000000000003918226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ff97cb046ac15b2022-01-11 12:22:54.895root 11241100x80000000000000003918227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd8a5225a7d7401b2022-01-11 12:22:54.895root 11241100x80000000000000003918228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.142e02f0466f610e2022-01-11 12:22:54.895root 11241100x80000000000000003918229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66ebe6031e27d6a12022-01-11 12:22:54.895root 11241100x80000000000000003918230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d61cb21de3b94472022-01-11 12:22:54.895root 11241100x80000000000000003918231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.608468b3db0f0a7f2022-01-11 12:22:54.895root 11241100x80000000000000003918232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d364d52c0ef17b1d2022-01-11 12:22:54.895root 11241100x80000000000000003918233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d09aad9d7ab438bb2022-01-11 12:22:54.895root 11241100x80000000000000003918234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0cc70c13b48d9b32022-01-11 12:22:54.895root 11241100x80000000000000003918235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.895{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.767c4c32d5f31d622022-01-11 12:22:54.895root 11241100x80000000000000003918236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.160dd7084989a7392022-01-11 12:22:54.896root 11241100x80000000000000003918237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba48e1d6b0a9d4272022-01-11 12:22:54.896root 11241100x80000000000000003918238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a049d5c2491b202022-01-11 12:22:54.896root 11241100x80000000000000003918239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ce230c64f253e922022-01-11 12:22:54.896root 11241100x80000000000000003918240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed89c740b2835e252022-01-11 12:22:54.896root 11241100x80000000000000003918241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdcfb2fc788c1a542022-01-11 12:22:54.896root 11241100x80000000000000003918242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11becd508ff6569b2022-01-11 12:22:54.896root 11241100x80000000000000003918243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdbcd3f4d2e854b32022-01-11 12:22:54.896root 11241100x80000000000000003918244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d962535a9ceffd782022-01-11 12:22:54.896root 11241100x80000000000000003918245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49e0361427897c412022-01-11 12:22:54.896root 11241100x80000000000000003918246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce253a07ae01e5972022-01-11 12:22:54.896root 11241100x80000000000000003918247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.258eba7fb76838802022-01-11 12:22:54.896root 11241100x80000000000000003918248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d737333fbc680b9b2022-01-11 12:22:54.896root 11241100x80000000000000003918249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ec401e487a3cc32022-01-11 12:22:54.896root 11241100x80000000000000003918250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ddc68e4d88472042022-01-11 12:22:54.896root 11241100x80000000000000003918251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2dcf18b20e459e42022-01-11 12:22:54.896root 11241100x80000000000000003918252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.896{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c41ea61b22cffdf2022-01-11 12:22:54.896root 11241100x80000000000000003918253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abe5118547b014e32022-01-11 12:22:54.897root 11241100x80000000000000003918254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:54.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84fe96772b02b13a2022-01-11 12:22:54.897root 354300x80000000000000003918255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.040{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56354-false10.0.1.12-8000- 11241100x80000000000000003918256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.724125b81173cfcf2022-01-11 12:22:55.333root 11241100x80000000000000003918257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceccf26b1341bb182022-01-11 12:22:55.334root 11241100x80000000000000003918258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6252d29f733a2f502022-01-11 12:22:55.334root 11241100x80000000000000003918259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc0f4ecdb46913142022-01-11 12:22:55.334root 11241100x80000000000000003918260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bde09cc3db924b1e2022-01-11 12:22:55.334root 11241100x80000000000000003918261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c06a22f676491a2022-01-11 12:22:55.334root 11241100x80000000000000003918262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1885f76ed4674e2022-01-11 12:22:55.334root 11241100x80000000000000003918263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa24325973c98d862022-01-11 12:22:55.334root 11241100x80000000000000003918264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4db4894ab25fc7532022-01-11 12:22:55.334root 11241100x80000000000000003918265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f0de161e75bc6ac2022-01-11 12:22:55.334root 11241100x80000000000000003918266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c11e78bd5a8ad5b92022-01-11 12:22:55.334root 11241100x80000000000000003918267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c8169b66a1532c92022-01-11 12:22:55.334root 11241100x80000000000000003918268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb10d8969bab56602022-01-11 12:22:55.335root 11241100x80000000000000003918269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.134c84076be708ea2022-01-11 12:22:55.335root 11241100x80000000000000003918270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecb2930733f4175a2022-01-11 12:22:55.335root 11241100x80000000000000003918271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be3b324e217f26552022-01-11 12:22:55.335root 11241100x80000000000000003918272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1bcad65cf85fbb1a2022-01-11 12:22:55.335root 11241100x80000000000000003918273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e465446c908599fb2022-01-11 12:22:55.335root 11241100x80000000000000003918274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93d78beb4046d9c42022-01-11 12:22:55.335root 11241100x80000000000000003918275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2304f853495e65c2022-01-11 12:22:55.335root 11241100x80000000000000003918276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b08dbe245600e8942022-01-11 12:22:55.335root 11241100x80000000000000003918277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b7ac9cda4fa6ff2022-01-11 12:22:55.335root 11241100x80000000000000003918278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e124b87928ab2ffe2022-01-11 12:22:55.335root 11241100x80000000000000003918279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39bebf32b27a30132022-01-11 12:22:55.335root 11241100x80000000000000003918280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ad0942546e566c2022-01-11 12:22:55.335root 11241100x80000000000000003918281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f44527e72a25e1a2022-01-11 12:22:55.336root 11241100x80000000000000003918282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfbf8b231d9f557a2022-01-11 12:22:55.336root 11241100x80000000000000003918283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c3458b7bdbbb812022-01-11 12:22:55.336root 11241100x80000000000000003918284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f08e271c6e5bac02022-01-11 12:22:55.336root 11241100x80000000000000003918285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0440680c52f02d952022-01-11 12:22:55.336root 11241100x80000000000000003918286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93a0c15131e61d372022-01-11 12:22:55.336root 11241100x80000000000000003918287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54e86fbc9716832f2022-01-11 12:22:55.336root 11241100x80000000000000003918288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd3acbb3a07a9b552022-01-11 12:22:55.336root 11241100x80000000000000003918289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c27a6e46b914332022-01-11 12:22:55.336root 11241100x80000000000000003918290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e771df04a32dfd2f2022-01-11 12:22:55.336root 11241100x80000000000000003918291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48893cfce8d12f172022-01-11 12:22:55.337root 11241100x80000000000000003918292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca32d47d478abe122022-01-11 12:22:55.337root 11241100x80000000000000003918293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0dc065e1fc0030a2022-01-11 12:22:55.337root 11241100x80000000000000003918294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d21e2f0743a04e62022-01-11 12:22:55.834root 11241100x80000000000000003918295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c28e0700d073ee42022-01-11 12:22:55.834root 11241100x80000000000000003918296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f7f6c52af2efd7d2022-01-11 12:22:55.834root 11241100x80000000000000003918297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4d9c0cc1fb313d2022-01-11 12:22:55.834root 11241100x80000000000000003918298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d64263b1307eb772022-01-11 12:22:55.834root 11241100x80000000000000003918299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bb7fa999ce715cb2022-01-11 12:22:55.834root 11241100x80000000000000003918300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.020fb18074263f692022-01-11 12:22:55.834root 11241100x80000000000000003918301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03cc2eebc84d05f72022-01-11 12:22:55.834root 11241100x80000000000000003918302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.686f41307392503e2022-01-11 12:22:55.834root 11241100x80000000000000003918303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97515f6bfa3b59cc2022-01-11 12:22:55.835root 11241100x80000000000000003918304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c5bd55c9ffb3d8d2022-01-11 12:22:55.835root 11241100x80000000000000003918305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7aa6f0f03e3261e2022-01-11 12:22:55.835root 11241100x80000000000000003918306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ef6f85425c55202022-01-11 12:22:55.835root 11241100x80000000000000003918307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23fc7ba0553fbec72022-01-11 12:22:55.835root 11241100x80000000000000003918308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a936698b7e9f582022-01-11 12:22:55.835root 11241100x80000000000000003918309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e121d35ee4cb1b2022-01-11 12:22:55.835root 11241100x80000000000000003918310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.665a03ca6c3cf28d2022-01-11 12:22:55.835root 11241100x80000000000000003918311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4757907254517da22022-01-11 12:22:55.835root 11241100x80000000000000003918312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e43aab323343f4e2022-01-11 12:22:55.835root 11241100x80000000000000003918313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f49abbdb3fb6f1b2022-01-11 12:22:55.835root 11241100x80000000000000003918314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be6d1231496e01162022-01-11 12:22:55.835root 11241100x80000000000000003918315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b3d89971d33b1d72022-01-11 12:22:55.836root 11241100x80000000000000003918316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f0e9109206200dd2022-01-11 12:22:55.836root 11241100x80000000000000003918317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ed099b0297ff7292022-01-11 12:22:55.836root 11241100x80000000000000003918318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f88472d6a41cf352022-01-11 12:22:55.836root 11241100x80000000000000003918319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481ff471eb6c34a22022-01-11 12:22:55.836root 11241100x80000000000000003918320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97860208964729be2022-01-11 12:22:55.836root 11241100x80000000000000003918321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7b0f69848ff0f582022-01-11 12:22:55.836root 11241100x80000000000000003918322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c8f8853105a09f2022-01-11 12:22:55.836root 11241100x80000000000000003918323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e0238763d9a96d92022-01-11 12:22:55.836root 11241100x80000000000000003918324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.566f70d4cc4d83b12022-01-11 12:22:55.836root 11241100x80000000000000003918325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd215e28b781b4932022-01-11 12:22:55.836root 11241100x80000000000000003918326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ba8b6c0e77691c22022-01-11 12:22:55.836root 11241100x80000000000000003918327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77b493ca6d8bec962022-01-11 12:22:55.836root 11241100x80000000000000003918328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:55.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2930e04a506139412022-01-11 12:22:55.836root 11241100x80000000000000003918329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a850686749888b2022-01-11 12:22:56.333root 11241100x80000000000000003918330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a654f6353477543e2022-01-11 12:22:56.334root 11241100x80000000000000003918331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.050f7351c77efa0a2022-01-11 12:22:56.334root 11241100x80000000000000003918332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bea6ca7ecd8b839d2022-01-11 12:22:56.334root 11241100x80000000000000003918333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b82f3bd0062d557d2022-01-11 12:22:56.334root 11241100x80000000000000003918334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6526ca2943c722d2022-01-11 12:22:56.334root 11241100x80000000000000003918335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb64e9e3095cb85f2022-01-11 12:22:56.334root 11241100x80000000000000003918336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c469ab1e35c5c5832022-01-11 12:22:56.334root 11241100x80000000000000003918337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76aa2124d4cdf82d2022-01-11 12:22:56.334root 11241100x80000000000000003918338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b268e38621f8f1d62022-01-11 12:22:56.334root 11241100x80000000000000003918339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a3653a54c2f29822022-01-11 12:22:56.334root 11241100x80000000000000003918340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.152b80ed424aa5252022-01-11 12:22:56.334root 11241100x80000000000000003918341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4170082eb2f3f5ce2022-01-11 12:22:56.334root 11241100x80000000000000003918342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c907ddc4fc9b829f2022-01-11 12:22:56.334root 11241100x80000000000000003918343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac9e7c765580db32022-01-11 12:22:56.335root 11241100x80000000000000003918344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a72af0b492972ae32022-01-11 12:22:56.335root 11241100x80000000000000003918345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48af9f09dfdcfde12022-01-11 12:22:56.335root 11241100x80000000000000003918346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.306ffe65e9ab7c292022-01-11 12:22:56.335root 11241100x80000000000000003918347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.023626ab11410f882022-01-11 12:22:56.335root 11241100x80000000000000003918348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf762f3883119a802022-01-11 12:22:56.335root 11241100x80000000000000003918349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd3878248611c192022-01-11 12:22:56.335root 11241100x80000000000000003918350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c82787e094ce297f2022-01-11 12:22:56.335root 11241100x80000000000000003918351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d291fad0f47af6602022-01-11 12:22:56.335root 11241100x80000000000000003918352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc5ce53437c50ce42022-01-11 12:22:56.335root 11241100x80000000000000003918353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af54de04adc120bc2022-01-11 12:22:56.335root 11241100x80000000000000003918354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932d9e135b7741b92022-01-11 12:22:56.335root 11241100x80000000000000003918355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ea4379dcd393dd32022-01-11 12:22:56.335root 11241100x80000000000000003918356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e86c50c597c5c0a52022-01-11 12:22:56.336root 11241100x80000000000000003918357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd0aec0a46c1f8432022-01-11 12:22:56.336root 11241100x80000000000000003918358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2368aa1b7cf13ad2022-01-11 12:22:56.336root 11241100x80000000000000003918359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.662fee4bea9894cd2022-01-11 12:22:56.336root 11241100x80000000000000003918360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d62664660a606522022-01-11 12:22:56.336root 11241100x80000000000000003918361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2001929a55315092022-01-11 12:22:56.336root 11241100x80000000000000003918362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.161becbb148006172022-01-11 12:22:56.336root 11241100x80000000000000003918363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e55279a67f4f29a72022-01-11 12:22:56.336root 11241100x80000000000000003918364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33d1e7fa141edbe02022-01-11 12:22:56.834root 11241100x80000000000000003918365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85215ef85049eba72022-01-11 12:22:56.834root 11241100x80000000000000003918366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac0a825271c723862022-01-11 12:22:56.834root 11241100x80000000000000003918367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f168c3b6ec15f8e2022-01-11 12:22:56.834root 11241100x80000000000000003918368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbc380d79f4508e12022-01-11 12:22:56.834root 11241100x80000000000000003918369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c9b2aff113c5b532022-01-11 12:22:56.834root 11241100x80000000000000003918370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.057c2f2afd2c481f2022-01-11 12:22:56.834root 11241100x80000000000000003918371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58e6486394d1d3132022-01-11 12:22:56.834root 11241100x80000000000000003918372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa18301cf01c16362022-01-11 12:22:56.835root 11241100x80000000000000003918373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb418b2f06229c432022-01-11 12:22:56.835root 11241100x80000000000000003918374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f283a1f3f9077e892022-01-11 12:22:56.835root 11241100x80000000000000003918375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cb307d2351b9ce22022-01-11 12:22:56.835root 11241100x80000000000000003918376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab6f1c2111dfbb552022-01-11 12:22:56.835root 11241100x80000000000000003918377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4876b12255830d172022-01-11 12:22:56.835root 11241100x80000000000000003918378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a090d1940e669b02022-01-11 12:22:56.835root 11241100x80000000000000003918379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff8f1a6c63e7bf0d2022-01-11 12:22:56.835root 11241100x80000000000000003918380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fca7832f68a8c3e22022-01-11 12:22:56.835root 11241100x80000000000000003918381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1c293a84956c54d2022-01-11 12:22:56.835root 11241100x80000000000000003918382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058d807eed4ad01e2022-01-11 12:22:56.835root 11241100x80000000000000003918383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6003db6c1a3cb0d2022-01-11 12:22:56.835root 11241100x80000000000000003918384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b3cacd2a4d1efb42022-01-11 12:22:56.835root 11241100x80000000000000003918385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7e7682523ab385a2022-01-11 12:22:56.835root 11241100x80000000000000003918386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10bbe27043a53f42022-01-11 12:22:56.835root 11241100x80000000000000003918387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47ced2bb53e8627a2022-01-11 12:22:56.836root 11241100x80000000000000003918388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9244c906ddb54a172022-01-11 12:22:56.836root 11241100x80000000000000003918389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb456262027bf63d2022-01-11 12:22:56.836root 11241100x80000000000000003918390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed566dd4417363e62022-01-11 12:22:56.836root 11241100x80000000000000003918391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a4cba7cc17ad3cc2022-01-11 12:22:56.836root 11241100x80000000000000003918392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4657e8752058c22022-01-11 12:22:56.836root 11241100x80000000000000003918393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d76a683ee75c832022-01-11 12:22:56.836root 11241100x80000000000000003918394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e2953fc649af9042022-01-11 12:22:56.836root 11241100x80000000000000003918395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c232094e5ec15a832022-01-11 12:22:56.836root 11241100x80000000000000003918396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1aeb2023b4a03022022-01-11 12:22:56.836root 11241100x80000000000000003918397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb7fd93b76903b7c2022-01-11 12:22:56.836root 11241100x80000000000000003918398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:56.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e4dde913a66373a2022-01-11 12:22:56.836root 11241100x80000000000000003918399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1ffe2f515c114762022-01-11 12:22:57.334root 11241100x80000000000000003918400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.690e144d97760c8e2022-01-11 12:22:57.334root 11241100x80000000000000003918401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d25660cd4c7fc9c2022-01-11 12:22:57.334root 11241100x80000000000000003918402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b620085768341cf02022-01-11 12:22:57.335root 11241100x80000000000000003918403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51ac7f41d691aa9d2022-01-11 12:22:57.335root 11241100x80000000000000003918404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b5e6367b9ff0db2022-01-11 12:22:57.335root 11241100x80000000000000003918405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e9c40cef7890962022-01-11 12:22:57.335root 11241100x80000000000000003918406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63943ca927c0acd42022-01-11 12:22:57.335root 11241100x80000000000000003918407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07954d7c77cfb21e2022-01-11 12:22:57.335root 11241100x80000000000000003918408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d10c7fd11188c122022-01-11 12:22:57.336root 11241100x80000000000000003918409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.053a3b331f3b0a2e2022-01-11 12:22:57.336root 11241100x80000000000000003918410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94347f985a9354c32022-01-11 12:22:57.336root 11241100x80000000000000003918411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53cf97c093d0f13b2022-01-11 12:22:57.336root 11241100x80000000000000003918412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0e23dd51778aa052022-01-11 12:22:57.336root 11241100x80000000000000003918413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3cfff42bacea38e2022-01-11 12:22:57.336root 11241100x80000000000000003918414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb565e88cb398722022-01-11 12:22:57.336root 11241100x80000000000000003918415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d3b15e1f7efd8e42022-01-11 12:22:57.337root 11241100x80000000000000003918416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3324e771f24dfc582022-01-11 12:22:57.337root 11241100x80000000000000003918417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2ed95431c1030982022-01-11 12:22:57.337root 11241100x80000000000000003918418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02a12a3efd6561212022-01-11 12:22:57.337root 11241100x80000000000000003918419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ef4ab561c9a4ec62022-01-11 12:22:57.337root 11241100x80000000000000003918420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7062ec9bc19d68da2022-01-11 12:22:57.338root 11241100x80000000000000003918421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a045cdcfc58e4a452022-01-11 12:22:57.338root 11241100x80000000000000003918422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a96537e1b8163b22022-01-11 12:22:57.338root 11241100x80000000000000003918423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac2a1b5514673a02022-01-11 12:22:57.338root 11241100x80000000000000003918424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75221e80b232da0f2022-01-11 12:22:57.338root 11241100x80000000000000003918425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ea83c5f6b75f9442022-01-11 12:22:57.338root 11241100x80000000000000003918426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ad287dc5e71d4e2022-01-11 12:22:57.338root 11241100x80000000000000003918427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08622571e5856ea72022-01-11 12:22:57.338root 11241100x80000000000000003918428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce46702d33061d8b2022-01-11 12:22:57.338root 11241100x80000000000000003918429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c5fe5f512cbfc0c2022-01-11 12:22:57.338root 11241100x80000000000000003918430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5de4651eddc7adc92022-01-11 12:22:57.341root 11241100x80000000000000003918431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afcce19de2269eae2022-01-11 12:22:57.341root 11241100x80000000000000003918432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.450e91966bdc41d92022-01-11 12:22:57.341root 11241100x80000000000000003918433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.341{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54eb0a642a5117622022-01-11 12:22:57.341root 11241100x80000000000000003918434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f9dce8048900a2c2022-01-11 12:22:57.344root 11241100x80000000000000003918435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c21203be18484432022-01-11 12:22:57.344root 11241100x80000000000000003918436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58028740db3063a32022-01-11 12:22:57.344root 11241100x80000000000000003918437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ea0a8597f86296f2022-01-11 12:22:57.344root 11241100x80000000000000003918438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.344{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73d8eb8abfe65d6c2022-01-11 12:22:57.344root 11241100x80000000000000003918439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ea32d7ec27d00dc2022-01-11 12:22:57.345root 11241100x80000000000000003918440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d714f355349464042022-01-11 12:22:57.345root 11241100x80000000000000003918441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b60a81557d7413002022-01-11 12:22:57.345root 11241100x80000000000000003918442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e042592833f1434f2022-01-11 12:22:57.345root 11241100x80000000000000003918443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b3e7620635a05ca2022-01-11 12:22:57.345root 11241100x80000000000000003918444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f321708fd08b61462022-01-11 12:22:57.345root 11241100x80000000000000003918445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.345{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a69cabefbe345b22022-01-11 12:22:57.345root 11241100x80000000000000003918446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.347{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3335b79dca08a7742022-01-11 12:22:57.347root 11241100x80000000000000003918447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0c56ed61e38f9572022-01-11 12:22:57.348root 11241100x80000000000000003918448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01fbbe591de1b1962022-01-11 12:22:57.348root 11241100x80000000000000003918449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbaa6235814ee6252022-01-11 12:22:57.348root 11241100x80000000000000003918450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9914fefa471be7ba2022-01-11 12:22:57.348root 11241100x80000000000000003918451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d77b906a137ef6a2022-01-11 12:22:57.348root 11241100x80000000000000003918452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d31c5c724586a1e82022-01-11 12:22:57.348root 11241100x80000000000000003918453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495ad3421d4e8e352022-01-11 12:22:57.348root 11241100x80000000000000003918454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea2d8fb0612db0e32022-01-11 12:22:57.348root 11241100x80000000000000003918455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c65a3ce21bb9f0432022-01-11 12:22:57.348root 11241100x80000000000000003918456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a89adc808a8bb972022-01-11 12:22:57.348root 11241100x80000000000000003918457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.608bed283853f51a2022-01-11 12:22:57.348root 11241100x80000000000000003918458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0944671e935bcbbf2022-01-11 12:22:57.348root 11241100x80000000000000003918459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.348{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b76c2273fbcbb3d72022-01-11 12:22:57.348root 11241100x80000000000000003918460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.781761f3d667d3762022-01-11 12:22:57.349root 11241100x80000000000000003918461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a27e712647a9baa2022-01-11 12:22:57.349root 11241100x80000000000000003918462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57e2bb58992fc1702022-01-11 12:22:57.349root 11241100x80000000000000003918463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb7e9b35a0bb7422022-01-11 12:22:57.349root 11241100x80000000000000003918464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d497756f28c0374b2022-01-11 12:22:57.349root 11241100x80000000000000003918465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b26d4b2f72ab13a2022-01-11 12:22:57.349root 11241100x80000000000000003918466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.484dd8ed00c6e4012022-01-11 12:22:57.349root 11241100x80000000000000003918467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63af9109fc399b922022-01-11 12:22:57.349root 11241100x80000000000000003918468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b0ed3cac6f4bffe2022-01-11 12:22:57.349root 11241100x80000000000000003918469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55663fe39efe01702022-01-11 12:22:57.349root 11241100x80000000000000003918470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.349{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09293b2e8ae9aeb42022-01-11 12:22:57.349root 11241100x80000000000000003918471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.350{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dde2c8a9665df9992022-01-11 12:22:57.350root 11241100x80000000000000003918472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.350{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbbcb9a9b6c3056d2022-01-11 12:22:57.350root 11241100x80000000000000003918473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.350{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.314b02984328dc942022-01-11 12:22:57.350root 11241100x80000000000000003918474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.350{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.664a73b39b27c1a92022-01-11 12:22:57.350root 11241100x80000000000000003918475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84a6db60fb8cb84a2022-01-11 12:22:57.833root 11241100x80000000000000003918476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23ba0993712c6c562022-01-11 12:22:57.833root 11241100x80000000000000003918477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8a3cc670c0f53b32022-01-11 12:22:57.834root 11241100x80000000000000003918478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f304818f7522017e2022-01-11 12:22:57.834root 11241100x80000000000000003918479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74b8b1713d486f052022-01-11 12:22:57.834root 11241100x80000000000000003918480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ace91fab2e73c02022-01-11 12:22:57.835root 11241100x80000000000000003918481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cad468d8fec8f1852022-01-11 12:22:57.835root 11241100x80000000000000003918482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b09e3d2f43c1b0b2022-01-11 12:22:57.835root 11241100x80000000000000003918483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c447382f929053142022-01-11 12:22:57.835root 11241100x80000000000000003918484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f6bd8795a2f0b232022-01-11 12:22:57.835root 11241100x80000000000000003918485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54f7e76b5780aa562022-01-11 12:22:57.836root 11241100x80000000000000003918486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4964e195f3ef2ad62022-01-11 12:22:57.836root 11241100x80000000000000003918487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a57899c00a059f222022-01-11 12:22:57.836root 11241100x80000000000000003918488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d1d3d12d38fe9442022-01-11 12:22:57.836root 11241100x80000000000000003918489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f780b1b76e0895f62022-01-11 12:22:57.836root 11241100x80000000000000003918490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dad2e192fdd91d102022-01-11 12:22:57.836root 11241100x80000000000000003918491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38d1904019c56cf2022-01-11 12:22:57.836root 11241100x80000000000000003918492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdb4a20a2f2f453f2022-01-11 12:22:57.836root 11241100x80000000000000003918493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90a0f8e059525dc82022-01-11 12:22:57.836root 11241100x80000000000000003918494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80c238f502e454be2022-01-11 12:22:57.836root 11241100x80000000000000003918495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.939d49fc5b06a5222022-01-11 12:22:57.837root 11241100x80000000000000003918496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f8eb06c5862b0db2022-01-11 12:22:57.837root 11241100x80000000000000003918497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e00f5a8fd7f5b0f2022-01-11 12:22:57.837root 11241100x80000000000000003918498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cb8a7e4cc30f0d52022-01-11 12:22:57.837root 11241100x80000000000000003918499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de9970e740dfab452022-01-11 12:22:57.837root 11241100x80000000000000003918500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0649d5f40651d0822022-01-11 12:22:57.837root 11241100x80000000000000003918501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f5461f72ccda7962022-01-11 12:22:57.837root 11241100x80000000000000003918502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a649acbe18d72f462022-01-11 12:22:57.837root 11241100x80000000000000003918503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c33275364760412022-01-11 12:22:57.837root 11241100x80000000000000003918504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89f37d8f7d7f7ce82022-01-11 12:22:57.837root 11241100x80000000000000003918505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54908b100a2b8fc82022-01-11 12:22:57.837root 11241100x80000000000000003918506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11f5627837b00bae2022-01-11 12:22:57.837root 11241100x80000000000000003918507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a4cd7595f6038d22022-01-11 12:22:57.837root 11241100x80000000000000003918508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42567e2c3b42c9a62022-01-11 12:22:57.837root 11241100x80000000000000003918509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b22ee89ae2de4012022-01-11 12:22:57.837root 11241100x80000000000000003918510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8610eaa73754fe7d2022-01-11 12:22:57.837root 11241100x80000000000000003918511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d38f40dc6f5e61cf2022-01-11 12:22:57.838root 11241100x80000000000000003918512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8792b4dcb062654c2022-01-11 12:22:57.838root 11241100x80000000000000003918513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2153e52bd563cb62022-01-11 12:22:57.838root 11241100x80000000000000003918514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dce014dd96a043062022-01-11 12:22:57.838root 11241100x80000000000000003918515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca87c7c5e40fc082022-01-11 12:22:57.838root 11241100x80000000000000003918516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3086c31bb03b53632022-01-11 12:22:57.838root 11241100x80000000000000003918517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bd9cdda5666d7772022-01-11 12:22:57.838root 11241100x80000000000000003918518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c6fad195a5498192022-01-11 12:22:57.838root 11241100x80000000000000003918519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ede85a1eac8f3ca62022-01-11 12:22:57.838root 23542300x80000000000000003918520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:57.894{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003918521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ca690e92a06e2b02022-01-11 12:22:58.334root 11241100x80000000000000003918522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2addaded10049d8e2022-01-11 12:22:58.334root 11241100x80000000000000003918523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45e5d4f7b4d7fc402022-01-11 12:22:58.334root 11241100x80000000000000003918524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9080449569d11b622022-01-11 12:22:58.334root 11241100x80000000000000003918525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3eb18b26b653bfd92022-01-11 12:22:58.334root 11241100x80000000000000003918526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30ea8e3c49f1a6042022-01-11 12:22:58.334root 11241100x80000000000000003918527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.579587c63e22f15f2022-01-11 12:22:58.334root 11241100x80000000000000003918528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fb8e8c39896a2772022-01-11 12:22:58.335root 11241100x80000000000000003918529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe4b5ada5c5521ab2022-01-11 12:22:58.335root 11241100x80000000000000003918530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53c461eeca3419cc2022-01-11 12:22:58.335root 11241100x80000000000000003918531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.173cbd420b78c8102022-01-11 12:22:58.335root 11241100x80000000000000003918532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.318b997ef742daf82022-01-11 12:22:58.335root 11241100x80000000000000003918533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f4f178b546d953c2022-01-11 12:22:58.335root 11241100x80000000000000003918534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b476b9ac5201fb1a2022-01-11 12:22:58.335root 11241100x80000000000000003918535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08c44e570fb413622022-01-11 12:22:58.335root 11241100x80000000000000003918536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6cf64227e47057b2022-01-11 12:22:58.335root 11241100x80000000000000003918537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.866a4fa01878b82f2022-01-11 12:22:58.335root 11241100x80000000000000003918538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f2ad43b6677a7d72022-01-11 12:22:58.335root 11241100x80000000000000003918539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57387abd22f0a2a72022-01-11 12:22:58.335root 11241100x80000000000000003918540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.112f59fca1bcb4c52022-01-11 12:22:58.335root 11241100x80000000000000003918541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f8ba86a8dfdc752022-01-11 12:22:58.336root 11241100x80000000000000003918542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8432bbdf6d184dfc2022-01-11 12:22:58.336root 11241100x80000000000000003918543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d01c59f7c946552022-01-11 12:22:58.336root 11241100x80000000000000003918544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ea95a6e315acb9c2022-01-11 12:22:58.336root 11241100x80000000000000003918545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.922c791627e43b492022-01-11 12:22:58.336root 11241100x80000000000000003918546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a692891fa849b6c2022-01-11 12:22:58.336root 11241100x80000000000000003918547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d39fb19e034c9722022-01-11 12:22:58.336root 11241100x80000000000000003918548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aeeca69f9d762f632022-01-11 12:22:58.336root 11241100x80000000000000003918549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.713680fed671cfc92022-01-11 12:22:58.336root 11241100x80000000000000003918550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f06d64d91eeeeb32022-01-11 12:22:58.336root 11241100x80000000000000003918551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e719880d9764ecc2022-01-11 12:22:58.336root 11241100x80000000000000003918552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59fb247e09068d362022-01-11 12:22:58.336root 11241100x80000000000000003918553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8913d31c785c2cc2022-01-11 12:22:58.337root 11241100x80000000000000003918554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a56a9cfda73be8392022-01-11 12:22:58.337root 11241100x80000000000000003918555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f5791f097418ff72022-01-11 12:22:58.337root 11241100x80000000000000003918556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b93ffba5afaa43e72022-01-11 12:22:58.337root 11241100x80000000000000003918557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.373fecda4f5f58062022-01-11 12:22:58.833root 11241100x80000000000000003918558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6deb911c2a2b77f2022-01-11 12:22:58.833root 11241100x80000000000000003918559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.479d5fb9b9239d882022-01-11 12:22:58.833root 11241100x80000000000000003918560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3676da19fc7b908e2022-01-11 12:22:58.833root 11241100x80000000000000003918561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e3babedb144a8472022-01-11 12:22:58.834root 11241100x80000000000000003918562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62ef112db05c43702022-01-11 12:22:58.834root 11241100x80000000000000003918563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.737bb0fa247161222022-01-11 12:22:58.834root 11241100x80000000000000003918564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86902b5199619e112022-01-11 12:22:58.834root 11241100x80000000000000003918565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e64c23686e0c3182022-01-11 12:22:58.834root 11241100x80000000000000003918566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.240957973fa0bdfb2022-01-11 12:22:58.834root 11241100x80000000000000003918567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43b54b49bffbd1bc2022-01-11 12:22:58.834root 11241100x80000000000000003918568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c6340e17a2003352022-01-11 12:22:58.834root 11241100x80000000000000003918569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b9688f7c9612df82022-01-11 12:22:58.834root 11241100x80000000000000003918570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b67c7b80ecc6f9732022-01-11 12:22:58.834root 11241100x80000000000000003918571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94861142ac49cde92022-01-11 12:22:58.835root 11241100x80000000000000003918572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1781f3de88ba5062022-01-11 12:22:58.835root 11241100x80000000000000003918573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f2ea61bf12b06a2022-01-11 12:22:58.835root 11241100x80000000000000003918574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eba3951c78a4f272022-01-11 12:22:58.835root 11241100x80000000000000003918575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c3c6853f55c37ff2022-01-11 12:22:58.835root 11241100x80000000000000003918576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8dcbb928b2c71662022-01-11 12:22:58.835root 11241100x80000000000000003918577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75fabea3039b44372022-01-11 12:22:58.835root 11241100x80000000000000003918578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0334a8c07a6fa08f2022-01-11 12:22:58.835root 11241100x80000000000000003918579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0e6637e54c1fae32022-01-11 12:22:58.835root 11241100x80000000000000003918580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f58abbca5ef756ae2022-01-11 12:22:58.835root 11241100x80000000000000003918581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca322726f2cdf32e2022-01-11 12:22:58.836root 11241100x80000000000000003918582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb37ab5774a35a2c2022-01-11 12:22:58.836root 11241100x80000000000000003918583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9235fec124f57362022-01-11 12:22:58.836root 11241100x80000000000000003918584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d74e8b8e3eb88292022-01-11 12:22:58.836root 11241100x80000000000000003918585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be34bc953c7633252022-01-11 12:22:58.836root 11241100x80000000000000003918586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6210289932de30d32022-01-11 12:22:58.836root 11241100x80000000000000003918587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf7930b7635fbabb2022-01-11 12:22:58.836root 11241100x80000000000000003918588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57dca708cbeefea12022-01-11 12:22:58.837root 11241100x80000000000000003918589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d54fb2a1d4477eb72022-01-11 12:22:58.837root 11241100x80000000000000003918590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.103aa703b56f178f2022-01-11 12:22:58.837root 11241100x80000000000000003918591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c54a9a9c3023a852022-01-11 12:22:58.837root 11241100x80000000000000003918592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22c35302bb728ec82022-01-11 12:22:58.837root 11241100x80000000000000003918593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ecb931e4b40532b2022-01-11 12:22:58.837root 11241100x80000000000000003918594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e9a52f6c1946cbd2022-01-11 12:22:58.837root 11241100x80000000000000003918595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b2e99b19809d812022-01-11 12:22:58.837root 11241100x80000000000000003918596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.857aa705997cbe612022-01-11 12:22:58.837root 11241100x80000000000000003918597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf494efd86feb4812022-01-11 12:22:58.838root 11241100x80000000000000003918598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26d8a25a3199e4e82022-01-11 12:22:58.838root 11241100x80000000000000003918599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c8bbf89cada96412022-01-11 12:22:58.838root 11241100x80000000000000003918600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f99a9ca5aa373b222022-01-11 12:22:58.838root 11241100x80000000000000003918601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d083308a321b1c4a2022-01-11 12:22:58.838root 11241100x80000000000000003918602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe933a2391e697cf2022-01-11 12:22:58.838root 11241100x80000000000000003918603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4207e6a4aeaabe92022-01-11 12:22:58.838root 11241100x80000000000000003918604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d533380bc8b6dddd2022-01-11 12:22:58.838root 11241100x80000000000000003918605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.874217748c9418a12022-01-11 12:22:58.838root 11241100x80000000000000003918606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96dd6ae0b9df65432022-01-11 12:22:58.838root 11241100x80000000000000003918607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dde1f5353bda4ad52022-01-11 12:22:58.838root 11241100x80000000000000003918608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b44122f93e723c7d2022-01-11 12:22:58.839root 11241100x80000000000000003918609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.179f7a4a5dd314722022-01-11 12:22:58.839root 11241100x80000000000000003918610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1b07d5ac966d4582022-01-11 12:22:58.839root 11241100x80000000000000003918611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49980345fdf6e6782022-01-11 12:22:58.839root 11241100x80000000000000003918612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b50df92ed905242022-01-11 12:22:58.839root 11241100x80000000000000003918613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.635d01041e7b05d62022-01-11 12:22:58.839root 11241100x80000000000000003918614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e5fa2f1d54015cf2022-01-11 12:22:58.839root 11241100x80000000000000003918615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86ca90d8cfbf88712022-01-11 12:22:58.839root 11241100x80000000000000003918616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.620e4201c815fb852022-01-11 12:22:58.840root 11241100x80000000000000003918617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9623cf83358b43c2022-01-11 12:22:58.840root 11241100x80000000000000003918618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee6ae797b366a11b2022-01-11 12:22:58.840root 11241100x80000000000000003918619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4891993ef5f8b0262022-01-11 12:22:58.840root 11241100x80000000000000003918620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0459f9967fd96eee2022-01-11 12:22:58.840root 11241100x80000000000000003918621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da99cce8aff4c98b2022-01-11 12:22:58.840root 11241100x80000000000000003918622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f5c96a080ef23be2022-01-11 12:22:58.840root 11241100x80000000000000003918623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4602908a0eabad682022-01-11 12:22:58.840root 11241100x80000000000000003918624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:58.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f3e43fd0d0973f32022-01-11 12:22:58.840root 11241100x80000000000000003918625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a79a85283ceb37d2022-01-11 12:22:59.333root 11241100x80000000000000003918626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cf86da8dd5287fc2022-01-11 12:22:59.334root 11241100x80000000000000003918627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bd48887f3cf92e32022-01-11 12:22:59.334root 11241100x80000000000000003918628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.735eef7365e471c32022-01-11 12:22:59.334root 11241100x80000000000000003918629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5029690d7a2696aa2022-01-11 12:22:59.334root 11241100x80000000000000003918630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c73c1c6c9d078cfb2022-01-11 12:22:59.334root 11241100x80000000000000003918631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d1b9da566e16ae72022-01-11 12:22:59.334root 11241100x80000000000000003918632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbebdbce155326f62022-01-11 12:22:59.334root 11241100x80000000000000003918633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ba3f4eac35ddfe22022-01-11 12:22:59.334root 11241100x80000000000000003918634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c64a2e534b491f2c2022-01-11 12:22:59.334root 11241100x80000000000000003918635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ba6195c67de8b862022-01-11 12:22:59.334root 11241100x80000000000000003918636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.578f71e157c897252022-01-11 12:22:59.334root 11241100x80000000000000003918637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17bd6bd1823f75022022-01-11 12:22:59.334root 11241100x80000000000000003918638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8e27ff493182c902022-01-11 12:22:59.335root 11241100x80000000000000003918639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9442e4b688a4ae042022-01-11 12:22:59.335root 11241100x80000000000000003918640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1cd40811512e3f22022-01-11 12:22:59.335root 11241100x80000000000000003918641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89c34e62f4daa8702022-01-11 12:22:59.335root 11241100x80000000000000003918642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee630905068b3fe2022-01-11 12:22:59.335root 11241100x80000000000000003918643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b109969652e70f32022-01-11 12:22:59.335root 11241100x80000000000000003918644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28dd0151bba3e2812022-01-11 12:22:59.335root 11241100x80000000000000003918645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cb57e38eaf8ab632022-01-11 12:22:59.335root 11241100x80000000000000003918646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8fea3a5e3519aa72022-01-11 12:22:59.335root 11241100x80000000000000003918647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.977b7426db918bd52022-01-11 12:22:59.335root 11241100x80000000000000003918648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7daa70fcb100a1ff2022-01-11 12:22:59.335root 11241100x80000000000000003918649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45b022617c15d8b42022-01-11 12:22:59.335root 11241100x80000000000000003918650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7ca163b4229aa9b2022-01-11 12:22:59.335root 11241100x80000000000000003918651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.931139382402a95e2022-01-11 12:22:59.335root 11241100x80000000000000003918652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff09b6216292e8432022-01-11 12:22:59.336root 11241100x80000000000000003918653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f27333e564d73b9b2022-01-11 12:22:59.336root 11241100x80000000000000003918654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14112efa43a3f09f2022-01-11 12:22:59.336root 11241100x80000000000000003918655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31680c78e096989b2022-01-11 12:22:59.336root 11241100x80000000000000003918656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4eba98c8582ba692022-01-11 12:22:59.336root 11241100x80000000000000003918657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed3da1e4d4e03252022-01-11 12:22:59.336root 11241100x80000000000000003918658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f516f3a7fd9e7db2022-01-11 12:22:59.336root 11241100x80000000000000003918659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3eb08a3bae0966202022-01-11 12:22:59.336root 11241100x80000000000000003918660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7547330df6377e9c2022-01-11 12:22:59.336root 11241100x80000000000000003918661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74e9a133a2b69a882022-01-11 12:22:59.336root 11241100x80000000000000003918662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed032835e43d146f2022-01-11 12:22:59.336root 11241100x80000000000000003918663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d5bf02ff6b6fb062022-01-11 12:22:59.336root 11241100x80000000000000003918664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10e435d7e12762832022-01-11 12:22:59.336root 11241100x80000000000000003918665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3f6e1e9988bbd632022-01-11 12:22:59.336root 11241100x80000000000000003918666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee6ef4d7fa2813a02022-01-11 12:22:59.336root 11241100x80000000000000003918667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.598f74821fa3ef532022-01-11 12:22:59.337root 11241100x80000000000000003918668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac6b8fc3403f97f42022-01-11 12:22:59.338root 11241100x80000000000000003918669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26252d893868736c2022-01-11 12:22:59.339root 11241100x80000000000000003918670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.339{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d86d73763bd1162022-01-11 12:22:59.339root 11241100x80000000000000003918671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02fce8e81d092a522022-01-11 12:22:59.833root 11241100x80000000000000003918672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af093c1562b72ea72022-01-11 12:22:59.834root 11241100x80000000000000003918673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f371cf0656fa5beb2022-01-11 12:22:59.834root 11241100x80000000000000003918674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61a553996ec8152c2022-01-11 12:22:59.834root 11241100x80000000000000003918675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc27491a932275172022-01-11 12:22:59.834root 11241100x80000000000000003918676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48eb15af1e78624a2022-01-11 12:22:59.834root 11241100x80000000000000003918677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7dbcf52f248e33d2022-01-11 12:22:59.834root 11241100x80000000000000003918678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ae2cf93351973e32022-01-11 12:22:59.834root 11241100x80000000000000003918679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a07bc448465a896d2022-01-11 12:22:59.834root 11241100x80000000000000003918680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd10e9f5f04f42602022-01-11 12:22:59.835root 11241100x80000000000000003918681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f59efe70ff59987b2022-01-11 12:22:59.835root 11241100x80000000000000003918682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5247ea59813d98352022-01-11 12:22:59.835root 11241100x80000000000000003918683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6f794df7589bd1a2022-01-11 12:22:59.835root 11241100x80000000000000003918684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98493df134aaf28b2022-01-11 12:22:59.835root 11241100x80000000000000003918685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a10f51af1c6f9422022-01-11 12:22:59.835root 11241100x80000000000000003918686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c67b5250a57a5f42022-01-11 12:22:59.835root 11241100x80000000000000003918687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73b78c8df7e827e12022-01-11 12:22:59.835root 11241100x80000000000000003918688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b258295f0ffdf7ec2022-01-11 12:22:59.835root 11241100x80000000000000003918689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b46e1a44748feac92022-01-11 12:22:59.835root 11241100x80000000000000003918690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25a7c5061e5761362022-01-11 12:22:59.835root 11241100x80000000000000003918691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72c996a601b4a8c12022-01-11 12:22:59.835root 11241100x80000000000000003918692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b1a5ecffc7950e92022-01-11 12:22:59.835root 11241100x80000000000000003918693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5840d3f4ae768edc2022-01-11 12:22:59.836root 11241100x80000000000000003918694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be4fe2f18a72cc22022-01-11 12:22:59.836root 11241100x80000000000000003918695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12840473aea1d8092022-01-11 12:22:59.836root 11241100x80000000000000003918696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30af1a40f6d893ab2022-01-11 12:22:59.836root 11241100x80000000000000003918697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1abac48b36622292022-01-11 12:22:59.836root 11241100x80000000000000003918698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b29d5b1593755e12022-01-11 12:22:59.836root 11241100x80000000000000003918699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257536c1370a27eb2022-01-11 12:22:59.836root 11241100x80000000000000003918700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f781018be6d38df2022-01-11 12:22:59.836root 11241100x80000000000000003918701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ac80e4e2f2d6222022-01-11 12:22:59.836root 11241100x80000000000000003918702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c4b5a8ee71022742022-01-11 12:22:59.836root 11241100x80000000000000003918703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af0e630af719cf2d2022-01-11 12:22:59.836root 11241100x80000000000000003918704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97df679f0f187f422022-01-11 12:22:59.836root 11241100x80000000000000003918705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.757be21ce0413eba2022-01-11 12:22:59.836root 11241100x80000000000000003918706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16f86a843ee402332022-01-11 12:22:59.836root 11241100x80000000000000003918707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d63a2e3a4a2d51e2022-01-11 12:22:59.836root 11241100x80000000000000003918708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f8f674a4826953b2022-01-11 12:22:59.837root 11241100x80000000000000003918709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d55956d31e51ea202022-01-11 12:22:59.837root 11241100x80000000000000003918710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08a6d85ed047e55c2022-01-11 12:22:59.837root 11241100x80000000000000003918711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0632fcda7486ffc22022-01-11 12:22:59.837root 11241100x80000000000000003918712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceb86a5708e0ea112022-01-11 12:22:59.837root 11241100x80000000000000003918713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abd01398c290656e2022-01-11 12:22:59.837root 11241100x80000000000000003918714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0706ff6559e3ff9f2022-01-11 12:22:59.837root 11241100x80000000000000003918715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de4033494ae5601e2022-01-11 12:22:59.837root 11241100x80000000000000003918716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a9e9618baf1e9c42022-01-11 12:22:59.837root 11241100x80000000000000003918717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e81dc26f63afa3e12022-01-11 12:22:59.837root 11241100x80000000000000003918718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30299c3cba2dc60f2022-01-11 12:22:59.837root 11241100x80000000000000003918719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9efca5020f07fa52022-01-11 12:22:59.837root 11241100x80000000000000003918720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38940aab3814fc042022-01-11 12:22:59.837root 11241100x80000000000000003918721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:22:59.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9981512eafa83aba2022-01-11 12:22:59.837root 354300x80000000000000003918722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.228{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56356-false10.0.1.12-8000- 11241100x80000000000000003918723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.230{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f5dd074d26bf2a62022-01-11 12:23:00.230root 11241100x80000000000000003918724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d5481fd7427548a2022-01-11 12:23:00.231root 11241100x80000000000000003918725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04a2f2a16634d2e22022-01-11 12:23:00.231root 11241100x80000000000000003918726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1998d095a8a284cb2022-01-11 12:23:00.231root 11241100x80000000000000003918727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bfa9545c74eee262022-01-11 12:23:00.231root 11241100x80000000000000003918728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9819fa50a8486e0e2022-01-11 12:23:00.231root 11241100x80000000000000003918729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74bdef61f3c665082022-01-11 12:23:00.231root 11241100x80000000000000003918730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17c08dbd1fa8f84b2022-01-11 12:23:00.231root 11241100x80000000000000003918731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f5a08c9f410bc362022-01-11 12:23:00.231root 11241100x80000000000000003918732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.231{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.188c64fbe258a0f32022-01-11 12:23:00.231root 11241100x80000000000000003918733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.934f52aa4249121e2022-01-11 12:23:00.232root 11241100x80000000000000003918734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d4f46f0f419906a2022-01-11 12:23:00.232root 11241100x80000000000000003918735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8c48f188ea9e27f2022-01-11 12:23:00.232root 11241100x80000000000000003918736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5ccc0301a9f47572022-01-11 12:23:00.232root 11241100x80000000000000003918737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f80fc7666a1542b2022-01-11 12:23:00.232root 11241100x80000000000000003918738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb6e67d3128b4da2022-01-11 12:23:00.232root 11241100x80000000000000003918739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.232{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fb4c076b14916cb2022-01-11 12:23:00.232root 11241100x80000000000000003918740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a539349a209057252022-01-11 12:23:00.233root 11241100x80000000000000003918741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8daaa52c4d1e8bc32022-01-11 12:23:00.233root 11241100x80000000000000003918742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81c0286382a0016d2022-01-11 12:23:00.233root 11241100x80000000000000003918743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb748c9cf4b156a52022-01-11 12:23:00.233root 11241100x80000000000000003918744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.011980824ae746512022-01-11 12:23:00.233root 11241100x80000000000000003918745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25f99927028edbb62022-01-11 12:23:00.233root 11241100x80000000000000003918746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.233{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.295aeb745cfa040c2022-01-11 12:23:00.233root 11241100x80000000000000003918747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58bde6a4c019792a2022-01-11 12:23:00.234root 11241100x80000000000000003918748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.642c00a93c1b69182022-01-11 12:23:00.234root 11241100x80000000000000003918749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe9e06feea1892b22022-01-11 12:23:00.234root 11241100x80000000000000003918750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b5bc3a16894ecda2022-01-11 12:23:00.234root 11241100x80000000000000003918751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.937c4f69b69fdbd42022-01-11 12:23:00.234root 11241100x80000000000000003918752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d076e831415c74f2022-01-11 12:23:00.234root 11241100x80000000000000003918753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1cd6564f1e890522022-01-11 12:23:00.234root 11241100x80000000000000003918754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e52032d8a4f4d172022-01-11 12:23:00.234root 11241100x80000000000000003918755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.234{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.620e8ff7cdb5cf272022-01-11 12:23:00.234root 11241100x80000000000000003918756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bab87877afebd6542022-01-11 12:23:00.235root 11241100x80000000000000003918757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c6c54eca42d43772022-01-11 12:23:00.235root 11241100x80000000000000003918758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaa1ef22fe00e91c2022-01-11 12:23:00.235root 11241100x80000000000000003918759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.235{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b543c77e8e0282202022-01-11 12:23:00.235root 11241100x80000000000000003918760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c060dc3891fcb2e2022-01-11 12:23:00.583root 11241100x80000000000000003918761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aafcfb8b5008f272022-01-11 12:23:00.583root 11241100x80000000000000003918762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.381ecdda307f6a572022-01-11 12:23:00.583root 11241100x80000000000000003918763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7936ba13664daf12022-01-11 12:23:00.583root 11241100x80000000000000003918764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e582fe6eebc74c82022-01-11 12:23:00.584root 11241100x80000000000000003918765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.334fdf6cfb89cdec2022-01-11 12:23:00.584root 11241100x80000000000000003918766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e65d0e6d1ca00a642022-01-11 12:23:00.584root 11241100x80000000000000003918767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6914fa6b36e92d172022-01-11 12:23:00.584root 11241100x80000000000000003918768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bdb965d380b4b342022-01-11 12:23:00.584root 11241100x80000000000000003918769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d78f64374bb25c72022-01-11 12:23:00.584root 11241100x80000000000000003918770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42a39665f2db50a72022-01-11 12:23:00.584root 11241100x80000000000000003918771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb28f7258e3ef98c2022-01-11 12:23:00.584root 11241100x80000000000000003918772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.608f6f5f3ebf3e792022-01-11 12:23:00.584root 11241100x80000000000000003918773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d20d4bb6781c6f332022-01-11 12:23:00.585root 11241100x80000000000000003918774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76fa3a07d0b751d32022-01-11 12:23:00.585root 11241100x80000000000000003918775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b29ec71ba27def52022-01-11 12:23:00.585root 11241100x80000000000000003918776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62c8c95351e88a602022-01-11 12:23:00.585root 11241100x80000000000000003918777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7befd2cf3c4fcd6e2022-01-11 12:23:00.585root 11241100x80000000000000003918778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.127c98d0baa1e1832022-01-11 12:23:00.585root 11241100x80000000000000003918779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d22b8e12626b1ff2022-01-11 12:23:00.585root 11241100x80000000000000003918780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d9807a403a208972022-01-11 12:23:00.585root 11241100x80000000000000003918781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41c22c0dec6109662022-01-11 12:23:00.586root 11241100x80000000000000003918782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a71217eb56f5cc882022-01-11 12:23:00.586root 11241100x80000000000000003918783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e433737964bebeae2022-01-11 12:23:00.586root 11241100x80000000000000003918784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da631feeab187e812022-01-11 12:23:00.586root 11241100x80000000000000003918785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e3b58d9f0ab6e72022-01-11 12:23:00.586root 11241100x80000000000000003918786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55791533cc5174c62022-01-11 12:23:00.586root 11241100x80000000000000003918787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdec7c8e544aa67f2022-01-11 12:23:00.586root 11241100x80000000000000003918788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a1dc9bef4bbf30d2022-01-11 12:23:00.586root 11241100x80000000000000003918789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e89b910792bcfda2022-01-11 12:23:00.586root 11241100x80000000000000003918790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e1849bb2818d7662022-01-11 12:23:00.586root 11241100x80000000000000003918791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e7568a482f666a72022-01-11 12:23:00.587root 11241100x80000000000000003918792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83ea33f4883daddb2022-01-11 12:23:00.587root 11241100x80000000000000003918793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14f2485a5e5bcad12022-01-11 12:23:00.587root 11241100x80000000000000003918794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04808c8a6c5d60852022-01-11 12:23:00.587root 11241100x80000000000000003918795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e78652d6d69408d2022-01-11 12:23:00.587root 11241100x80000000000000003918796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.516285ebb244e4812022-01-11 12:23:00.587root 11241100x80000000000000003918797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edff8b0c2fdbfd392022-01-11 12:23:00.587root 11241100x80000000000000003918798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdd7132962982d3f2022-01-11 12:23:00.587root 11241100x80000000000000003918799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.374d59eeb4fc8b0f2022-01-11 12:23:00.591root 11241100x80000000000000003918800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feaf8dac215b78772022-01-11 12:23:00.594root 11241100x80000000000000003918801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10bc5d7f39fd7dc02022-01-11 12:23:00.594root 11241100x80000000000000003918802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef2a0592121052be2022-01-11 12:23:00.594root 11241100x80000000000000003918803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fea132f8208ab2832022-01-11 12:23:00.594root 11241100x80000000000000003918804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fa4f8b086dd5b122022-01-11 12:23:00.594root 11241100x80000000000000003918805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.701a8377f89c50c22022-01-11 12:23:00.595root 11241100x80000000000000003918806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4539501de6efc6bf2022-01-11 12:23:00.595root 11241100x80000000000000003918807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923c037a73432d152022-01-11 12:23:00.595root 11241100x80000000000000003918808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.495b197c9db905ab2022-01-11 12:23:00.595root 11241100x80000000000000003918809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ec87f24c05fb1d42022-01-11 12:23:00.595root 11241100x80000000000000003918810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8be8f54181a188212022-01-11 12:23:00.596root 11241100x80000000000000003918811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.017464703527011f2022-01-11 12:23:00.596root 11241100x80000000000000003918812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebcbab792f08dd872022-01-11 12:23:00.596root 11241100x80000000000000003918813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69032900056a093d2022-01-11 12:23:00.596root 11241100x80000000000000003918814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89703fd342c8d74a2022-01-11 12:23:00.596root 11241100x80000000000000003918815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.584029926ff286632022-01-11 12:23:00.596root 11241100x80000000000000003918816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9211932d95579d392022-01-11 12:23:00.596root 11241100x80000000000000003918817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97b79d5ac9b1639b2022-01-11 12:23:00.596root 11241100x80000000000000003918818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4894f1037becad662022-01-11 12:23:00.596root 11241100x80000000000000003918819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.271dc5d68ab192252022-01-11 12:23:00.596root 11241100x80000000000000003918820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38900555711ddc052022-01-11 12:23:00.596root 11241100x80000000000000003918821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38c8c4dacd56048e2022-01-11 12:23:00.596root 11241100x80000000000000003918822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:00.596{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb5fcddc67497b2e2022-01-11 12:23:00.596root 11241100x80000000000000003918823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73113df7ad931f92022-01-11 12:23:01.083root 11241100x80000000000000003918824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8b0ae825176c8e22022-01-11 12:23:01.083root 11241100x80000000000000003918825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cea29c79e1337ee2022-01-11 12:23:01.083root 11241100x80000000000000003918826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75a6bfe13e9ac65f2022-01-11 12:23:01.083root 11241100x80000000000000003918827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d910506cf309ed482022-01-11 12:23:01.084root 11241100x80000000000000003918828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2ee4156892c03f92022-01-11 12:23:01.084root 11241100x80000000000000003918829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.983c604ff01321c12022-01-11 12:23:01.084root 11241100x80000000000000003918830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6fefd18757209642022-01-11 12:23:01.084root 11241100x80000000000000003918831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bfc1d309d94dc092022-01-11 12:23:01.084root 11241100x80000000000000003918832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6dee36a17d6d6bb2022-01-11 12:23:01.084root 11241100x80000000000000003918833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.941395332f28e9512022-01-11 12:23:01.084root 11241100x80000000000000003918834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.679497ecaf2115672022-01-11 12:23:01.084root 11241100x80000000000000003918835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59aa22d38156283a2022-01-11 12:23:01.084root 11241100x80000000000000003918836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2081576d2705cb5d2022-01-11 12:23:01.085root 11241100x80000000000000003918837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccfe74b2927a37702022-01-11 12:23:01.085root 11241100x80000000000000003918838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8d0789a811dcfb52022-01-11 12:23:01.085root 11241100x80000000000000003918839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.157e64e0f9313d812022-01-11 12:23:01.085root 11241100x80000000000000003918840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3a88390d24722872022-01-11 12:23:01.085root 11241100x80000000000000003918841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e7b98b1061b06e72022-01-11 12:23:01.085root 11241100x80000000000000003918842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ab30036c21708272022-01-11 12:23:01.085root 11241100x80000000000000003918843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74cac48354b4b8aa2022-01-11 12:23:01.085root 11241100x80000000000000003918844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c482669cad6d6a92022-01-11 12:23:01.085root 11241100x80000000000000003918845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7105abdc61a771c2022-01-11 12:23:01.085root 11241100x80000000000000003918846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.841e9a2c95ec2d3a2022-01-11 12:23:01.085root 11241100x80000000000000003918847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e1d39497f8a67f52022-01-11 12:23:01.086root 11241100x80000000000000003918848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51977b2f6f00ccdd2022-01-11 12:23:01.086root 11241100x80000000000000003918849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d8a31c6ed6010aa2022-01-11 12:23:01.086root 11241100x80000000000000003918850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7827fa891525e4b72022-01-11 12:23:01.086root 11241100x80000000000000003918851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7aa3f299e019a192022-01-11 12:23:01.086root 11241100x80000000000000003918852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1ed61a42c504b22022-01-11 12:23:01.086root 11241100x80000000000000003918853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.352647cdcbbcdac32022-01-11 12:23:01.086root 11241100x80000000000000003918854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2aa0c66b9bfcf5d02022-01-11 12:23:01.087root 11241100x80000000000000003918855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36110088525e13262022-01-11 12:23:01.087root 11241100x80000000000000003918856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae1dece23edbaeae2022-01-11 12:23:01.087root 11241100x80000000000000003918857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7187b59620f6c1232022-01-11 12:23:01.087root 11241100x80000000000000003918858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fdf19c0747235072022-01-11 12:23:01.087root 11241100x80000000000000003918859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5de3445280ed1bef2022-01-11 12:23:01.087root 11241100x80000000000000003918860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2933459e4b7ab2c2022-01-11 12:23:01.087root 11241100x80000000000000003918861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.860192617440a42a2022-01-11 12:23:01.087root 11241100x80000000000000003918862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00e5ff8d0ce6b00e2022-01-11 12:23:01.087root 11241100x80000000000000003918863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0db86e9c1ce3809f2022-01-11 12:23:01.088root 11241100x80000000000000003918864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1d96435964b84892022-01-11 12:23:01.088root 11241100x80000000000000003918865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c552a24b51027212022-01-11 12:23:01.088root 11241100x80000000000000003918866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b76e5dede04353cb2022-01-11 12:23:01.088root 11241100x80000000000000003918867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9c0cf8d095c1bc52022-01-11 12:23:01.088root 11241100x80000000000000003918868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41f0811f7ffcc662022-01-11 12:23:01.088root 11241100x80000000000000003918869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99105738b3f151772022-01-11 12:23:01.088root 11241100x80000000000000003918870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7582e220a7247e7d2022-01-11 12:23:01.088root 11241100x80000000000000003918871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01c96859b1ce62b32022-01-11 12:23:01.088root 11241100x80000000000000003918872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f95772fe2ddeab552022-01-11 12:23:01.088root 11241100x80000000000000003918873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46b5106c14fa285f2022-01-11 12:23:01.088root 11241100x80000000000000003918874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbe66740505732972022-01-11 12:23:01.088root 11241100x80000000000000003918875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d52a85d1876dae02022-01-11 12:23:01.088root 11241100x80000000000000003918876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3191a26141a0d582022-01-11 12:23:01.089root 11241100x80000000000000003918877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3aae9f0c5729132022-01-11 12:23:01.089root 11241100x80000000000000003918878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a16373f11569857e2022-01-11 12:23:01.089root 11241100x80000000000000003918879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69d4fdf78c6e35a12022-01-11 12:23:01.089root 11241100x80000000000000003918880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.923fe63cac5ede6b2022-01-11 12:23:01.089root 11241100x80000000000000003918881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b5c1a66bd3ee9702022-01-11 12:23:01.089root 11241100x80000000000000003918882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ae6030203a85f9b2022-01-11 12:23:01.089root 11241100x80000000000000003918883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdcce05dec4d5bfd2022-01-11 12:23:01.089root 11241100x80000000000000003918884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e2390e2623780a82022-01-11 12:23:01.089root 11241100x80000000000000003918885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.058a16e2d55f4ae62022-01-11 12:23:01.583root 11241100x80000000000000003918886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a4afa14306a0cc32022-01-11 12:23:01.583root 11241100x80000000000000003918887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4bb6ea88bd86b132022-01-11 12:23:01.583root 11241100x80000000000000003918888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78e4fe9f4ce9845c2022-01-11 12:23:01.583root 11241100x80000000000000003918889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b07d68bc637106f2022-01-11 12:23:01.583root 11241100x80000000000000003918890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.312ff0d6c79b46992022-01-11 12:23:01.583root 11241100x80000000000000003918891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e897ded2d1626ed82022-01-11 12:23:01.584root 11241100x80000000000000003918892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fedf9a580b5e08f72022-01-11 12:23:01.584root 11241100x80000000000000003918893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ed5faadad9f1c462022-01-11 12:23:01.584root 11241100x80000000000000003918894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c03c0f15bce58352022-01-11 12:23:01.584root 11241100x80000000000000003918895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85d7454bea64999c2022-01-11 12:23:01.584root 11241100x80000000000000003918896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc226fc3f39911532022-01-11 12:23:01.584root 11241100x80000000000000003918897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.833c759e4a3900d92022-01-11 12:23:01.584root 11241100x80000000000000003918898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01bc55f02f81ac172022-01-11 12:23:01.584root 11241100x80000000000000003918899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a710565a80388fde2022-01-11 12:23:01.584root 11241100x80000000000000003918900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f6de862a8d491f32022-01-11 12:23:01.584root 11241100x80000000000000003918901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa9485aca8d3c2ef2022-01-11 12:23:01.584root 11241100x80000000000000003918902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbd052d626f616ec2022-01-11 12:23:01.584root 11241100x80000000000000003918903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3723d278ed18088a2022-01-11 12:23:01.584root 11241100x80000000000000003918904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5794bf69d26365132022-01-11 12:23:01.584root 11241100x80000000000000003918905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5491b6a1c733b92022-01-11 12:23:01.584root 11241100x80000000000000003918906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71c0b13a1e497ae72022-01-11 12:23:01.584root 11241100x80000000000000003918907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78312d10997abd5a2022-01-11 12:23:01.585root 11241100x80000000000000003918908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d12db3e5c65d0c92022-01-11 12:23:01.585root 11241100x80000000000000003918909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.771412205ddbd2502022-01-11 12:23:01.585root 11241100x80000000000000003918910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9d3fee7a3befee82022-01-11 12:23:01.585root 11241100x80000000000000003918911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f70580d1fcfeaab22022-01-11 12:23:01.585root 11241100x80000000000000003918912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d98b81e59eba3592022-01-11 12:23:01.585root 11241100x80000000000000003918913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0c9c0e0c10ce0202022-01-11 12:23:01.585root 11241100x80000000000000003918914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27a48d66ebc9b8ba2022-01-11 12:23:01.585root 11241100x80000000000000003918915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2db99985963731582022-01-11 12:23:01.585root 11241100x80000000000000003918916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92b4259f53e3aa172022-01-11 12:23:01.585root 11241100x80000000000000003918917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f794f5e5da24a6ac2022-01-11 12:23:01.585root 11241100x80000000000000003918918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7e12b1023ca4516d2022-01-11 12:23:01.585root 11241100x80000000000000003918919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9332c345853e7bd2022-01-11 12:23:01.585root 11241100x80000000000000003918920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b7e3fe057483c9e2022-01-11 12:23:01.585root 11241100x80000000000000003918921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2791b6049ed9d2b42022-01-11 12:23:01.586root 11241100x80000000000000003918922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dba1b50909f4932f2022-01-11 12:23:01.586root 11241100x80000000000000003918923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57ae09b4806b4a632022-01-11 12:23:01.586root 11241100x80000000000000003918924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d125fe99cdff30002022-01-11 12:23:01.586root 11241100x80000000000000003918925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.524fcb3c3dc576142022-01-11 12:23:01.586root 11241100x80000000000000003918926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7f85bd1d11059d62022-01-11 12:23:01.586root 11241100x80000000000000003918927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8131b5f935cb60172022-01-11 12:23:01.586root 11241100x80000000000000003918928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.882ecdb4427ee6b62022-01-11 12:23:01.586root 11241100x80000000000000003918929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe88961679af41532022-01-11 12:23:01.586root 11241100x80000000000000003918930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cf5c61db6ba7b372022-01-11 12:23:01.586root 11241100x80000000000000003918931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c10302788f35db82022-01-11 12:23:01.586root 11241100x80000000000000003918932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82fec99472e4addb2022-01-11 12:23:01.586root 11241100x80000000000000003918933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:01.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70f2c268b7fe9a822022-01-11 12:23:01.586root 11241100x80000000000000003918934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b84ca64e9fd48c82022-01-11 12:23:02.084root 11241100x80000000000000003918935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4df842b904b525dd2022-01-11 12:23:02.084root 11241100x80000000000000003918936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e09f3bdb1767168b2022-01-11 12:23:02.084root 11241100x80000000000000003918937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e55f5ff2a5ee14db2022-01-11 12:23:02.084root 11241100x80000000000000003918938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ead0657ebe640832022-01-11 12:23:02.084root 11241100x80000000000000003918939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a24417c85f6b38342022-01-11 12:23:02.084root 11241100x80000000000000003918940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.877e1fb3397438142022-01-11 12:23:02.084root 11241100x80000000000000003918941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d3a314f6eb58ba32022-01-11 12:23:02.085root 11241100x80000000000000003918942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.360159f43c254b3d2022-01-11 12:23:02.085root 11241100x80000000000000003918943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36ea205146cd8a7a2022-01-11 12:23:02.085root 11241100x80000000000000003918944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ad6309290a4b5b82022-01-11 12:23:02.085root 11241100x80000000000000003918945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89569be7bd3016a92022-01-11 12:23:02.085root 11241100x80000000000000003918946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd450bcdf480122d2022-01-11 12:23:02.085root 11241100x80000000000000003918947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d990f60a72b703992022-01-11 12:23:02.085root 11241100x80000000000000003918948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf11a8d92a6b939d2022-01-11 12:23:02.085root 11241100x80000000000000003918949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5188f229910786d2022-01-11 12:23:02.085root 11241100x80000000000000003918950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.886ee3e2484b0f382022-01-11 12:23:02.085root 11241100x80000000000000003918951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d8c5cd467b6493c2022-01-11 12:23:02.085root 11241100x80000000000000003918952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffddff6fc3b1e2752022-01-11 12:23:02.085root 11241100x80000000000000003918953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1164b68be83bd2e2022-01-11 12:23:02.085root 11241100x80000000000000003918954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaf5f0a8e62a0ed32022-01-11 12:23:02.085root 11241100x80000000000000003918955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd080024472294012022-01-11 12:23:02.086root 11241100x80000000000000003918956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc0f08f380154ce2022-01-11 12:23:02.086root 11241100x80000000000000003918957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c26f3d9d2156ce112022-01-11 12:23:02.086root 11241100x80000000000000003918958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49a240ba883a9d622022-01-11 12:23:02.086root 11241100x80000000000000003918959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7252ca944c2f41692022-01-11 12:23:02.086root 11241100x80000000000000003918960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c48db86becaa3ef82022-01-11 12:23:02.086root 11241100x80000000000000003918961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e7a131685a8266b2022-01-11 12:23:02.086root 11241100x80000000000000003918962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58c590a12e2054f42022-01-11 12:23:02.086root 11241100x80000000000000003918963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7fe80980b1f17a62022-01-11 12:23:02.086root 11241100x80000000000000003918964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc8b310900d4de382022-01-11 12:23:02.086root 11241100x80000000000000003918965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3c4fb5059ff43e82022-01-11 12:23:02.086root 11241100x80000000000000003918966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5161898df131ec12022-01-11 12:23:02.086root 11241100x80000000000000003918967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.306e5203560059702022-01-11 12:23:02.086root 11241100x80000000000000003918968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b889308a4709f892022-01-11 12:23:02.086root 11241100x80000000000000003918969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.680692bb9f709be62022-01-11 12:23:02.086root 11241100x80000000000000003918970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ed2748c94cd59702022-01-11 12:23:02.086root 11241100x80000000000000003918971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63f3623c16bf4c552022-01-11 12:23:02.087root 11241100x80000000000000003918972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbb80c543a03555a2022-01-11 12:23:02.583root 11241100x80000000000000003918973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5b8d6eb90ecf2492022-01-11 12:23:02.584root 11241100x80000000000000003918974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef9f08f1c813ecdd2022-01-11 12:23:02.584root 11241100x80000000000000003918975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.902c26e7350f7f812022-01-11 12:23:02.584root 11241100x80000000000000003918976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65ff63445bd1dd742022-01-11 12:23:02.584root 11241100x80000000000000003918977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20431af164bfc77b2022-01-11 12:23:02.584root 11241100x80000000000000003918978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2aacb339e36f86db2022-01-11 12:23:02.584root 11241100x80000000000000003918979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e02500352c2e97002022-01-11 12:23:02.584root 11241100x80000000000000003918980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.439b595a4258ee922022-01-11 12:23:02.585root 11241100x80000000000000003918981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bdc7b6d6092a8972022-01-11 12:23:02.585root 11241100x80000000000000003918982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ea72979effa39b2022-01-11 12:23:02.585root 11241100x80000000000000003918983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28ebe1a9aef59da02022-01-11 12:23:02.585root 11241100x80000000000000003918984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89b0f295a8d13d022022-01-11 12:23:02.585root 11241100x80000000000000003918985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c03e377b2df18632022-01-11 12:23:02.585root 11241100x80000000000000003918986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b463a98ee468c6022022-01-11 12:23:02.585root 11241100x80000000000000003918987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85b82f14c74963af2022-01-11 12:23:02.585root 11241100x80000000000000003918988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dcf8c058a2bd9e62022-01-11 12:23:02.585root 11241100x80000000000000003918989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16d11a54bc6034af2022-01-11 12:23:02.585root 11241100x80000000000000003918990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80a4c78d72595a212022-01-11 12:23:02.585root 11241100x80000000000000003918991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f835846120c6cf2022-01-11 12:23:02.585root 11241100x80000000000000003918992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7030146d9911da032022-01-11 12:23:02.585root 11241100x80000000000000003918993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98edde2eb08cd1cb2022-01-11 12:23:02.586root 11241100x80000000000000003918994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.729cd566fe10ec042022-01-11 12:23:02.586root 11241100x80000000000000003918995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39b580a7eeba54102022-01-11 12:23:02.586root 11241100x80000000000000003918996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79f5820ae56f34512022-01-11 12:23:02.586root 11241100x80000000000000003918997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4152ee585a973412022-01-11 12:23:02.586root 11241100x80000000000000003918998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.753fed292113566c2022-01-11 12:23:02.586root 11241100x80000000000000003918999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db5af61f2b1ffa42022-01-11 12:23:02.586root 11241100x80000000000000003919000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9a435e2245a454d2022-01-11 12:23:02.586root 11241100x80000000000000003919001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24179d9bcec273e72022-01-11 12:23:02.586root 11241100x80000000000000003919002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1227337b5b4a151c2022-01-11 12:23:02.586root 11241100x80000000000000003919003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c4b59476e8f513c2022-01-11 12:23:02.586root 11241100x80000000000000003919004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddbd10eabb1cfcb62022-01-11 12:23:02.587root 11241100x80000000000000003919005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.765a97c8e3295e9c2022-01-11 12:23:02.587root 11241100x80000000000000003919006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0333728530045ddf2022-01-11 12:23:02.587root 11241100x80000000000000003919007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d3e5c785e7e240f2022-01-11 12:23:02.587root 11241100x80000000000000003919008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08a4101850b99bb02022-01-11 12:23:02.587root 11241100x80000000000000003919009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73d6731040ae71d92022-01-11 12:23:02.587root 11241100x80000000000000003919010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a651c0f3beb3b20d2022-01-11 12:23:02.587root 11241100x80000000000000003919011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9286a9771a2736282022-01-11 12:23:02.587root 11241100x80000000000000003919012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:02.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.338a9c4a92890ab32022-01-11 12:23:02.587root 11241100x80000000000000003919013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ba669e3d1951506c2022-01-11 12:23:03.084root 11241100x80000000000000003919014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.996c224770f21cc42022-01-11 12:23:03.084root 11241100x80000000000000003919015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51684eb55b93028c2022-01-11 12:23:03.084root 11241100x80000000000000003919016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04912966f40d8b8e2022-01-11 12:23:03.084root 11241100x80000000000000003919017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65d96b07539dfb0d2022-01-11 12:23:03.084root 11241100x80000000000000003919018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b91701799e672b82022-01-11 12:23:03.084root 11241100x80000000000000003919019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d5832ea758aeb612022-01-11 12:23:03.085root 11241100x80000000000000003919020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c028288d1ebb7cf2022-01-11 12:23:03.085root 11241100x80000000000000003919021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4d4f677d716c0972022-01-11 12:23:03.085root 11241100x80000000000000003919022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0977081bf9224d2022-01-11 12:23:03.085root 11241100x80000000000000003919023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.065dac936a7854492022-01-11 12:23:03.085root 11241100x80000000000000003919024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7e69fc83a2413a62022-01-11 12:23:03.085root 11241100x80000000000000003919025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60277a9dff87cdb72022-01-11 12:23:03.085root 11241100x80000000000000003919026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93c016141686e5472022-01-11 12:23:03.085root 11241100x80000000000000003919027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a615e33a699fbf02022-01-11 12:23:03.085root 11241100x80000000000000003919028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a91460fb70bc14a2022-01-11 12:23:03.085root 11241100x80000000000000003919029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9e9727d01d0470d2022-01-11 12:23:03.085root 11241100x80000000000000003919030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34a70843a3b8589d2022-01-11 12:23:03.085root 11241100x80000000000000003919031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d6f9ff8305ebb102022-01-11 12:23:03.085root 11241100x80000000000000003919032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bef51ef59c041712022-01-11 12:23:03.086root 11241100x80000000000000003919033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a29e85715e3cb4a2022-01-11 12:23:03.086root 11241100x80000000000000003919034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be96240555fc1dff2022-01-11 12:23:03.086root 11241100x80000000000000003919035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74a7267bb2368dc62022-01-11 12:23:03.086root 11241100x80000000000000003919036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3992da13adfb23a2022-01-11 12:23:03.086root 11241100x80000000000000003919037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d874e148fb09e8172022-01-11 12:23:03.086root 11241100x80000000000000003919038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.165c34733f9e4b892022-01-11 12:23:03.086root 11241100x80000000000000003919039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.562f85e45aec323c2022-01-11 12:23:03.086root 11241100x80000000000000003919040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9730e433bd55c3c82022-01-11 12:23:03.087root 11241100x80000000000000003919041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be16fc48516a0d7b2022-01-11 12:23:03.087root 11241100x80000000000000003919042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c1e71232cb242ff2022-01-11 12:23:03.087root 11241100x80000000000000003919043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1f672e7d5633cf52022-01-11 12:23:03.087root 11241100x80000000000000003919044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feff9eb569e2ccac2022-01-11 12:23:03.087root 11241100x80000000000000003919045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a394f5ac8966b19c2022-01-11 12:23:03.088root 11241100x80000000000000003919046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb53ea38bb193922022-01-11 12:23:03.088root 11241100x80000000000000003919047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56940ef3fe682dd72022-01-11 12:23:03.088root 11241100x80000000000000003919048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01f4ba7fee970c4f2022-01-11 12:23:03.088root 11241100x80000000000000003919049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a23f8111bbcb682022-01-11 12:23:03.088root 11241100x80000000000000003919050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ecef15c0944dfc62022-01-11 12:23:03.088root 11241100x80000000000000003919051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.906e78ba3537e8522022-01-11 12:23:03.090root 11241100x80000000000000003919052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2eec5f89fad933132022-01-11 12:23:03.090root 11241100x80000000000000003919053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.311d2b33fba0e3cc2022-01-11 12:23:03.583root 11241100x80000000000000003919054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2998c0dc5eccdbd02022-01-11 12:23:03.584root 11241100x80000000000000003919055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32b4c78c78d0e1a12022-01-11 12:23:03.584root 11241100x80000000000000003919056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fd3c7f8e29e4c272022-01-11 12:23:03.584root 11241100x80000000000000003919057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5704e6c3d01b9e32022-01-11 12:23:03.584root 11241100x80000000000000003919058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81dd1ce6b92256c92022-01-11 12:23:03.584root 11241100x80000000000000003919059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df9940a4137b780a2022-01-11 12:23:03.584root 11241100x80000000000000003919060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c7919695cc5ba122022-01-11 12:23:03.584root 11241100x80000000000000003919061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7459b0ca8c599ad72022-01-11 12:23:03.584root 11241100x80000000000000003919062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925c72920d53ad532022-01-11 12:23:03.584root 11241100x80000000000000003919063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d44389f07eb59642022-01-11 12:23:03.585root 11241100x80000000000000003919064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4530e337d6aed712022-01-11 12:23:03.585root 11241100x80000000000000003919065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a966db53b80071e2022-01-11 12:23:03.585root 11241100x80000000000000003919066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0896536fefd2dda2022-01-11 12:23:03.585root 11241100x80000000000000003919067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6781b577c30aba32022-01-11 12:23:03.585root 11241100x80000000000000003919068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2478d9cd17a8e2da2022-01-11 12:23:03.585root 11241100x80000000000000003919069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d53c2a779b841d62022-01-11 12:23:03.585root 11241100x80000000000000003919070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.331a0d0a826b28c52022-01-11 12:23:03.585root 11241100x80000000000000003919071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0641efc1732faf92022-01-11 12:23:03.585root 11241100x80000000000000003919072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb1334a9e7227d832022-01-11 12:23:03.586root 11241100x80000000000000003919073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11331d0bc1dbd2562022-01-11 12:23:03.586root 11241100x80000000000000003919074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d0fc10616ebb8a32022-01-11 12:23:03.586root 11241100x80000000000000003919075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d8daf2e828acb3f2022-01-11 12:23:03.586root 11241100x80000000000000003919076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d174ed4d79ca2702022-01-11 12:23:03.586root 11241100x80000000000000003919077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bde244131f9b88b2022-01-11 12:23:03.586root 11241100x80000000000000003919078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73221ed7ea8d9d242022-01-11 12:23:03.587root 11241100x80000000000000003919079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b991143282316ef2022-01-11 12:23:03.587root 11241100x80000000000000003919080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c7c7ced42dee9242022-01-11 12:23:03.587root 11241100x80000000000000003919081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.943267b9e3f939872022-01-11 12:23:03.588root 11241100x80000000000000003919082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8c9c6b1b323f9f72022-01-11 12:23:03.588root 11241100x80000000000000003919083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.769c96954b5823f02022-01-11 12:23:03.588root 11241100x80000000000000003919084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d31a102dbd26c8152022-01-11 12:23:03.588root 11241100x80000000000000003919085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b5d55914325e562022-01-11 12:23:03.589root 11241100x80000000000000003919086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567dc1c78ce4ef0a2022-01-11 12:23:03.589root 11241100x80000000000000003919087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e91cbe474262d92022-01-11 12:23:03.589root 11241100x80000000000000003919088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecbc257ae151e4432022-01-11 12:23:03.589root 11241100x80000000000000003919089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96b481b90c27e8462022-01-11 12:23:03.589root 11241100x80000000000000003919090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.368a1679a9da9c592022-01-11 12:23:03.589root 11241100x80000000000000003919091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.430a3853373bc36c2022-01-11 12:23:03.589root 11241100x80000000000000003919092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0b46a140945ed0c2022-01-11 12:23:03.589root 11241100x80000000000000003919093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d61a16f0ad6ce31b2022-01-11 12:23:03.589root 11241100x80000000000000003919094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eef14df00b81393e2022-01-11 12:23:03.590root 11241100x80000000000000003919095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfb7335b1ba847472022-01-11 12:23:03.590root 11241100x80000000000000003919096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c6978f30c7215382022-01-11 12:23:03.590root 11241100x80000000000000003919097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccf9d9989d65beca2022-01-11 12:23:03.590root 11241100x80000000000000003919098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:03.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c7d491c6cec9a1b2022-01-11 12:23:03.591root 11241100x80000000000000003919099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bdc5a9aa84907c42022-01-11 12:23:04.084root 11241100x80000000000000003919100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac715d1aac213df2022-01-11 12:23:04.084root 11241100x80000000000000003919101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88e853937f109e182022-01-11 12:23:04.084root 11241100x80000000000000003919102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1160a8dceb65fd42022-01-11 12:23:04.084root 11241100x80000000000000003919103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae5996091fdce15b2022-01-11 12:23:04.084root 11241100x80000000000000003919104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb3011292eeed5d2022-01-11 12:23:04.084root 11241100x80000000000000003919105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f43a8b18a4c36c6e2022-01-11 12:23:04.084root 11241100x80000000000000003919106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.498d256a605b0a372022-01-11 12:23:04.084root 11241100x80000000000000003919107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f13e665c2a8840d2022-01-11 12:23:04.084root 11241100x80000000000000003919108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e53f8294e36bc9b72022-01-11 12:23:04.084root 11241100x80000000000000003919109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00d082e3c277189e2022-01-11 12:23:04.084root 11241100x80000000000000003919110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6e455c5f8487142022-01-11 12:23:04.084root 11241100x80000000000000003919111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fddb60a3637ea792022-01-11 12:23:04.085root 11241100x80000000000000003919112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac82c1c47deac9292022-01-11 12:23:04.085root 11241100x80000000000000003919113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49082384c783218e2022-01-11 12:23:04.085root 11241100x80000000000000003919114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c49f06e902466552022-01-11 12:23:04.085root 11241100x80000000000000003919115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac5898c8729e40e2022-01-11 12:23:04.085root 11241100x80000000000000003919116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d2ceb72a97e58892022-01-11 12:23:04.085root 11241100x80000000000000003919117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0165dc7873dafec82022-01-11 12:23:04.085root 11241100x80000000000000003919118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09d24a64f168020d2022-01-11 12:23:04.085root 11241100x80000000000000003919119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13acaad71da214232022-01-11 12:23:04.085root 11241100x80000000000000003919120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.965a04f3db0b377c2022-01-11 12:23:04.085root 11241100x80000000000000003919121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.444a2af2e06bebb22022-01-11 12:23:04.085root 11241100x80000000000000003919122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46a1738b6e890c732022-01-11 12:23:04.085root 11241100x80000000000000003919123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3f7bdce66060b162022-01-11 12:23:04.086root 11241100x80000000000000003919124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7335a379e1c04bed2022-01-11 12:23:04.086root 11241100x80000000000000003919125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d4ffd8d149de4df2022-01-11 12:23:04.086root 11241100x80000000000000003919126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18f20c53dfc04b852022-01-11 12:23:04.086root 11241100x80000000000000003919127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5f7d46728213c82022-01-11 12:23:04.087root 11241100x80000000000000003919128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2324b2b708c2eca2022-01-11 12:23:04.087root 11241100x80000000000000003919129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d77e9d85c0d068a2022-01-11 12:23:04.087root 11241100x80000000000000003919130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.856e36473e3c50b72022-01-11 12:23:04.087root 11241100x80000000000000003919131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4782ceccc1cedca42022-01-11 12:23:04.088root 11241100x80000000000000003919132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12b123980ed06fad2022-01-11 12:23:04.088root 11241100x80000000000000003919133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71e6342b7d98c3e12022-01-11 12:23:04.088root 11241100x80000000000000003919134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c44afdfc204250e32022-01-11 12:23:04.088root 11241100x80000000000000003919135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4048231057cd30132022-01-11 12:23:04.088root 11241100x80000000000000003919136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb40925d117a2b782022-01-11 12:23:04.089root 11241100x80000000000000003919137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ceb25a3b0f5f1372022-01-11 12:23:04.089root 11241100x80000000000000003919138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41a34f7e92833b772022-01-11 12:23:04.089root 11241100x80000000000000003919139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f3e8f4885731c732022-01-11 12:23:04.090root 11241100x80000000000000003919140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e71d72e3fbc7216a2022-01-11 12:23:04.090root 11241100x80000000000000003919141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f9f57db454d6352022-01-11 12:23:04.090root 11241100x80000000000000003919142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4efed5774b90c11f2022-01-11 12:23:04.090root 11241100x80000000000000003919143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62e0a66f223118452022-01-11 12:23:04.090root 11241100x80000000000000003919144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71fd2b471a34c7a22022-01-11 12:23:04.090root 11241100x80000000000000003919145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5a85126286dcf2b2022-01-11 12:23:04.091root 11241100x80000000000000003919146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a87a800f0119c76f2022-01-11 12:23:04.091root 11241100x80000000000000003919147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c03dd0773dd359e2022-01-11 12:23:04.091root 11241100x80000000000000003919148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1149644f2e7c8f2022-01-11 12:23:04.093root 11241100x80000000000000003919149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c094253bb76205c32022-01-11 12:23:04.093root 11241100x80000000000000003919150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e96545843e4126112022-01-11 12:23:04.093root 11241100x80000000000000003919151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7be042f7ebe1012e2022-01-11 12:23:04.093root 11241100x80000000000000003919152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de42260a5ec9b972022-01-11 12:23:04.093root 11241100x80000000000000003919153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31cd516279f7d3042022-01-11 12:23:04.093root 11241100x80000000000000003919154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7d648cb6b7bc0412022-01-11 12:23:04.094root 11241100x80000000000000003919155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1bed97411bd5172022-01-11 12:23:04.094root 11241100x80000000000000003919156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.677b8a7686cb93052022-01-11 12:23:04.094root 11241100x80000000000000003919157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a65df8405fd88352022-01-11 12:23:04.094root 11241100x80000000000000003919158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd6d04e65bbf3dc72022-01-11 12:23:04.584root 11241100x80000000000000003919159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6abc0de1d1c58bb22022-01-11 12:23:04.584root 11241100x80000000000000003919160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff991f4187c7dfad2022-01-11 12:23:04.584root 11241100x80000000000000003919161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d0a5daa3ce9f5d22022-01-11 12:23:04.584root 11241100x80000000000000003919162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e02b774272f0f4bd2022-01-11 12:23:04.584root 11241100x80000000000000003919163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1abac17cb420d0c22022-01-11 12:23:04.584root 11241100x80000000000000003919164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee378262d644d4032022-01-11 12:23:04.584root 11241100x80000000000000003919165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dca86ae327b28a62022-01-11 12:23:04.584root 11241100x80000000000000003919166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.015ee7df0a58b8b02022-01-11 12:23:04.584root 11241100x80000000000000003919167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa21e73d1a015dad2022-01-11 12:23:04.585root 11241100x80000000000000003919168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecefab30567318f32022-01-11 12:23:04.585root 11241100x80000000000000003919169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.021dc3f59d41128a2022-01-11 12:23:04.585root 11241100x80000000000000003919170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5978f64f5ab9ab912022-01-11 12:23:04.585root 11241100x80000000000000003919171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5931d8eea94e61552022-01-11 12:23:04.585root 11241100x80000000000000003919172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d98e084bb8c0e152022-01-11 12:23:04.585root 11241100x80000000000000003919173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e5db3c81f3e6af52022-01-11 12:23:04.585root 11241100x80000000000000003919174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc3f8abfe26b8a532022-01-11 12:23:04.585root 11241100x80000000000000003919175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06fed26dd83c0d082022-01-11 12:23:04.585root 11241100x80000000000000003919176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2784f2d098d46b8f2022-01-11 12:23:04.585root 11241100x80000000000000003919177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc28881b22b9e16b2022-01-11 12:23:04.586root 11241100x80000000000000003919178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdb7fb7b87e27a202022-01-11 12:23:04.586root 11241100x80000000000000003919179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22c999a9475ee5062022-01-11 12:23:04.586root 11241100x80000000000000003919180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.247edd14abe684152022-01-11 12:23:04.586root 11241100x80000000000000003919181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac88774cdbfba1f82022-01-11 12:23:04.586root 11241100x80000000000000003919182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00e9849f76eaa522022-01-11 12:23:04.586root 11241100x80000000000000003919183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f83b4da3cac9970f2022-01-11 12:23:04.586root 11241100x80000000000000003919184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a2e68bf8e0134752022-01-11 12:23:04.586root 11241100x80000000000000003919185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.784cad60f6504ab52022-01-11 12:23:04.586root 11241100x80000000000000003919186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fdebea91bf083762022-01-11 12:23:04.586root 11241100x80000000000000003919187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8c3c009414befe52022-01-11 12:23:04.586root 11241100x80000000000000003919188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e6e5534f23401432022-01-11 12:23:04.587root 11241100x80000000000000003919189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a197aca9defa8e202022-01-11 12:23:04.587root 11241100x80000000000000003919190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b20e381c666606d42022-01-11 12:23:04.587root 11241100x80000000000000003919191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e217123063027602022-01-11 12:23:04.587root 11241100x80000000000000003919192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d67890d8b954eb532022-01-11 12:23:04.588root 11241100x80000000000000003919193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d5e113df494d2c32022-01-11 12:23:04.588root 11241100x80000000000000003919194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.927e987087ebbb652022-01-11 12:23:04.588root 11241100x80000000000000003919195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21f5fb6fe8026a6b2022-01-11 12:23:04.588root 11241100x80000000000000003919196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a0550cda7f938ba2022-01-11 12:23:04.588root 11241100x80000000000000003919197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:04.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6cf180c5422a47e2022-01-11 12:23:04.588root 11241100x80000000000000003919198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b483395cbc4bb4992022-01-11 12:23:05.084root 11241100x80000000000000003919199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.346b86bbb9380c212022-01-11 12:23:05.084root 11241100x80000000000000003919200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d5fa8499f7a295c2022-01-11 12:23:05.084root 11241100x80000000000000003919201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd91692a5605aea72022-01-11 12:23:05.084root 11241100x80000000000000003919202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58c5d332417e07342022-01-11 12:23:05.084root 11241100x80000000000000003919203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d0a00ca3834d8092022-01-11 12:23:05.084root 11241100x80000000000000003919204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c47d379f5e200d3b2022-01-11 12:23:05.084root 11241100x80000000000000003919205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66417a4fd07718c12022-01-11 12:23:05.084root 11241100x80000000000000003919206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5556d7086a23f2352022-01-11 12:23:05.084root 11241100x80000000000000003919207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4f6f62331c63c922022-01-11 12:23:05.085root 11241100x80000000000000003919208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ecd2147d7e74392022-01-11 12:23:05.085root 11241100x80000000000000003919209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98d166e087af1e972022-01-11 12:23:05.085root 11241100x80000000000000003919210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb307330d05d9bb2022-01-11 12:23:05.085root 11241100x80000000000000003919211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2ce30d3d53b58412022-01-11 12:23:05.085root 11241100x80000000000000003919212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d8607644fb2ffd62022-01-11 12:23:05.085root 11241100x80000000000000003919213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05b86709eccc63ff2022-01-11 12:23:05.085root 11241100x80000000000000003919214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0f4dceef50bbad72022-01-11 12:23:05.085root 11241100x80000000000000003919215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59313f09ffe62e2f2022-01-11 12:23:05.085root 11241100x80000000000000003919216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d1980c6045c6aa92022-01-11 12:23:05.085root 11241100x80000000000000003919217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e3e4018dfdae4fb2022-01-11 12:23:05.085root 11241100x80000000000000003919218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bec632a48a598292022-01-11 12:23:05.085root 11241100x80000000000000003919219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94378cda0ebc16532022-01-11 12:23:05.085root 11241100x80000000000000003919220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64ee8540911ef7932022-01-11 12:23:05.086root 11241100x80000000000000003919221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac512b85adffba32022-01-11 12:23:05.086root 11241100x80000000000000003919222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4428439783b92142022-01-11 12:23:05.086root 11241100x80000000000000003919223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afb05618722e9ea42022-01-11 12:23:05.086root 11241100x80000000000000003919224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d5d0c86467a682e2022-01-11 12:23:05.086root 11241100x80000000000000003919225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3db7c40dd8b2a9af2022-01-11 12:23:05.086root 11241100x80000000000000003919226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be37a497149bf2e12022-01-11 12:23:05.086root 11241100x80000000000000003919227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8e349789455a9e32022-01-11 12:23:05.086root 11241100x80000000000000003919228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e08c334e2726f072022-01-11 12:23:05.086root 11241100x80000000000000003919229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e83b554bd4091efc2022-01-11 12:23:05.086root 11241100x80000000000000003919230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3c856cb97f36a3e2022-01-11 12:23:05.086root 11241100x80000000000000003919231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aac3be80a49641af2022-01-11 12:23:05.086root 11241100x80000000000000003919232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d27aee7e1ba1383f2022-01-11 12:23:05.086root 11241100x80000000000000003919233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82d95f5b9b7b679a2022-01-11 12:23:05.086root 11241100x80000000000000003919234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cff366dce0cd3ab2022-01-11 12:23:05.087root 11241100x80000000000000003919235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c7d593c372f3e042022-01-11 12:23:05.584root 11241100x80000000000000003919236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e41bbc1f947c30d2022-01-11 12:23:05.584root 11241100x80000000000000003919237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.246e582712e1495f2022-01-11 12:23:05.584root 11241100x80000000000000003919238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01a964feb41b39992022-01-11 12:23:05.584root 11241100x80000000000000003919239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e733bfdfaa734ba92022-01-11 12:23:05.585root 11241100x80000000000000003919240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd8c0d64347e54cf2022-01-11 12:23:05.585root 11241100x80000000000000003919241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77bcdebe8269b9b22022-01-11 12:23:05.585root 11241100x80000000000000003919242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe2ced29b33c95e62022-01-11 12:23:05.585root 11241100x80000000000000003919243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea0bb3aba21046b2022-01-11 12:23:05.585root 11241100x80000000000000003919244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02b886cdd3a0139e2022-01-11 12:23:05.585root 11241100x80000000000000003919245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9285c51173cea02e2022-01-11 12:23:05.585root 11241100x80000000000000003919246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab3c24f972eaea212022-01-11 12:23:05.585root 11241100x80000000000000003919247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe605271d0e6a352022-01-11 12:23:05.585root 11241100x80000000000000003919248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8144a7eb97141e8d2022-01-11 12:23:05.585root 11241100x80000000000000003919249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42bd27dbbd1d6c812022-01-11 12:23:05.585root 11241100x80000000000000003919250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b423e042536730cb2022-01-11 12:23:05.585root 11241100x80000000000000003919251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcf796e9a7735ddc2022-01-11 12:23:05.585root 11241100x80000000000000003919252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3dea2dd4caef74fd2022-01-11 12:23:05.585root 11241100x80000000000000003919253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03a6805492cac08a2022-01-11 12:23:05.585root 11241100x80000000000000003919254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28b80e8110f3a0d52022-01-11 12:23:05.586root 11241100x80000000000000003919255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f0efa06e6378a972022-01-11 12:23:05.586root 11241100x80000000000000003919256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.465ae8d8dfdf30242022-01-11 12:23:05.586root 11241100x80000000000000003919257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0255e65008aab9652022-01-11 12:23:05.586root 11241100x80000000000000003919258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98e105889e18a3b52022-01-11 12:23:05.586root 11241100x80000000000000003919259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.684816e6028f49a12022-01-11 12:23:05.586root 11241100x80000000000000003919260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.630024e0da7c7a972022-01-11 12:23:05.586root 11241100x80000000000000003919261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c2ca5aece80f0022022-01-11 12:23:05.587root 11241100x80000000000000003919262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f33387fc327fd442022-01-11 12:23:05.587root 11241100x80000000000000003919263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f81ec601bbea462022-01-11 12:23:05.587root 11241100x80000000000000003919264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a77fca9fd20aad62022-01-11 12:23:05.587root 11241100x80000000000000003919265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1770c29a6e6be32022-01-11 12:23:05.587root 11241100x80000000000000003919266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af9ea16b4c874de72022-01-11 12:23:05.587root 11241100x80000000000000003919267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c505354628f838c72022-01-11 12:23:05.587root 11241100x80000000000000003919268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b3612c88637e8012022-01-11 12:23:05.587root 11241100x80000000000000003919269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15ac3272b45087262022-01-11 12:23:05.587root 11241100x80000000000000003919270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6112a1f03991047e2022-01-11 12:23:05.587root 11241100x80000000000000003919271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:05.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77193c42a0285c702022-01-11 12:23:05.587root 11241100x80000000000000003919272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5f50bcc4b86a4902022-01-11 12:23:06.084root 11241100x80000000000000003919273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cce6a13b07c281202022-01-11 12:23:06.084root 11241100x80000000000000003919274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd4b33a200b56ab32022-01-11 12:23:06.084root 11241100x80000000000000003919275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.012af01c8abcf03c2022-01-11 12:23:06.084root 11241100x80000000000000003919276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1770346c095dd8e32022-01-11 12:23:06.084root 11241100x80000000000000003919277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0401a6989fbc19862022-01-11 12:23:06.084root 11241100x80000000000000003919278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b17b5528406dbe442022-01-11 12:23:06.084root 11241100x80000000000000003919279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf952497dffa74c2022-01-11 12:23:06.084root 11241100x80000000000000003919280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b8cc4dbc9c8ade2022-01-11 12:23:06.084root 11241100x80000000000000003919281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1606c9605f492332022-01-11 12:23:06.085root 11241100x80000000000000003919282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.366cd6709f39041e2022-01-11 12:23:06.085root 11241100x80000000000000003919283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33cc261c69d237cd2022-01-11 12:23:06.085root 11241100x80000000000000003919284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3b1dedcd9e2e3432022-01-11 12:23:06.085root 11241100x80000000000000003919285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5b3770ee60fb3432022-01-11 12:23:06.085root 11241100x80000000000000003919286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1c7d1e4adf855212022-01-11 12:23:06.085root 11241100x80000000000000003919287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aed6d113178a69582022-01-11 12:23:06.085root 11241100x80000000000000003919288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f7e131afe40d6e12022-01-11 12:23:06.085root 11241100x80000000000000003919289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5c19371d7622bb82022-01-11 12:23:06.085root 11241100x80000000000000003919290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12cf16c1f85cacc72022-01-11 12:23:06.086root 11241100x80000000000000003919291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2917a390ee35e99f2022-01-11 12:23:06.086root 11241100x80000000000000003919292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df06fa1588ad5dd22022-01-11 12:23:06.087root 11241100x80000000000000003919293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1e8ac6fd07dd4b82022-01-11 12:23:06.087root 11241100x80000000000000003919294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7eba16160fe67bc2022-01-11 12:23:06.087root 11241100x80000000000000003919295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11dd019fa3e080a02022-01-11 12:23:06.087root 11241100x80000000000000003919296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.278bfaa36f5690502022-01-11 12:23:06.087root 11241100x80000000000000003919297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb1dc4f28104d8fb2022-01-11 12:23:06.087root 11241100x80000000000000003919298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef744b3df91706f32022-01-11 12:23:06.087root 11241100x80000000000000003919299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74f2bd289c57db12022-01-11 12:23:06.088root 11241100x80000000000000003919300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d220c80c1a184e7e2022-01-11 12:23:06.088root 11241100x80000000000000003919301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac925cd48133a9ea2022-01-11 12:23:06.088root 11241100x80000000000000003919302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9ae7bf748b28d502022-01-11 12:23:06.088root 11241100x80000000000000003919303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5b583ad0c187acb2022-01-11 12:23:06.088root 11241100x80000000000000003919304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50b51e26eae15fb72022-01-11 12:23:06.088root 11241100x80000000000000003919305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7dd173a881c8d642022-01-11 12:23:06.088root 11241100x80000000000000003919306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31cb9068ea507e8b2022-01-11 12:23:06.088root 11241100x80000000000000003919307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc7cc2f9d23c93fe2022-01-11 12:23:06.088root 11241100x80000000000000003919308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c17f96225a1cf242022-01-11 12:23:06.088root 11241100x80000000000000003919309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e8e781ae392ba02022-01-11 12:23:06.088root 11241100x80000000000000003919310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a371cd991812fc852022-01-11 12:23:06.088root 11241100x80000000000000003919311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c2dbd84a6f773e02022-01-11 12:23:06.089root 11241100x80000000000000003919312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.919b154d5969b8282022-01-11 12:23:06.089root 11241100x80000000000000003919313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82aa4eaaa18de23b2022-01-11 12:23:06.089root 11241100x80000000000000003919314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22e03f79a9fa873a2022-01-11 12:23:06.089root 11241100x80000000000000003919315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c343396def7568af2022-01-11 12:23:06.089root 11241100x80000000000000003919316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a27f5bcf52327d2022-01-11 12:23:06.089root 11241100x80000000000000003919317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.169aad8a40d8e7d02022-01-11 12:23:06.089root 11241100x80000000000000003919318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c9e70735d2aef232022-01-11 12:23:06.089root 11241100x80000000000000003919319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad93eef6c0da559e2022-01-11 12:23:06.089root 11241100x80000000000000003919320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e7923623a8b94b42022-01-11 12:23:06.089root 11241100x80000000000000003919321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f58ba81e5a03d9dd2022-01-11 12:23:06.090root 354300x80000000000000003919322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.159{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56358-false10.0.1.12-8000- 11241100x80000000000000003919323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d9ebe3f8feb7ea42022-01-11 12:23:06.584root 11241100x80000000000000003919324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c948d1e2f470afa92022-01-11 12:23:06.584root 11241100x80000000000000003919325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ded70f0c316ce7a2022-01-11 12:23:06.584root 11241100x80000000000000003919326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbdf473d71ca9a2f2022-01-11 12:23:06.584root 11241100x80000000000000003919327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.076764836d22fe672022-01-11 12:23:06.584root 11241100x80000000000000003919328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bcdaa8a95de4d0342022-01-11 12:23:06.584root 11241100x80000000000000003919329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.584239901855758a2022-01-11 12:23:06.584root 11241100x80000000000000003919330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b65d0f04eed38b52022-01-11 12:23:06.584root 11241100x80000000000000003919331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48f6d07f67ce80d02022-01-11 12:23:06.584root 11241100x80000000000000003919332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e171b2120e634eb82022-01-11 12:23:06.584root 11241100x80000000000000003919333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75e9ff8114c82f7b2022-01-11 12:23:06.584root 11241100x80000000000000003919334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9820d4d3ff0868092022-01-11 12:23:06.584root 11241100x80000000000000003919335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bbb024a27a462742022-01-11 12:23:06.584root 11241100x80000000000000003919336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f57cd95b2cdcb2d52022-01-11 12:23:06.585root 11241100x80000000000000003919337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc8fd2b48aa8f0f2022-01-11 12:23:06.585root 11241100x80000000000000003919338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c596ba0823afe9012022-01-11 12:23:06.585root 11241100x80000000000000003919339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5ea39673d38b7902022-01-11 12:23:06.585root 11241100x80000000000000003919340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75be2ccf5bc6ac6b2022-01-11 12:23:06.585root 11241100x80000000000000003919341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b25b9c50301190442022-01-11 12:23:06.585root 11241100x80000000000000003919342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.33f561b3151299652022-01-11 12:23:06.585root 11241100x80000000000000003919343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b6851a6fbd385642022-01-11 12:23:06.585root 11241100x80000000000000003919344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.376794dcda275f4b2022-01-11 12:23:06.585root 11241100x80000000000000003919345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e913cdff7b5339e2022-01-11 12:23:06.585root 11241100x80000000000000003919346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9350220358caebf02022-01-11 12:23:06.586root 11241100x80000000000000003919347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3016663c9f1280a02022-01-11 12:23:06.586root 11241100x80000000000000003919348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3aac73a8fabaa5562022-01-11 12:23:06.586root 11241100x80000000000000003919349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.256f58c7a8224f882022-01-11 12:23:06.586root 11241100x80000000000000003919350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01dcc4268e513362022-01-11 12:23:06.586root 11241100x80000000000000003919351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c32849cc75fc5a92022-01-11 12:23:06.586root 11241100x80000000000000003919352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf04629a43bd4462022-01-11 12:23:06.586root 11241100x80000000000000003919353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d0522f49a0976c62022-01-11 12:23:06.586root 11241100x80000000000000003919354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f8d43cdb8a6af242022-01-11 12:23:06.586root 11241100x80000000000000003919355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ae5661a9f48d6202022-01-11 12:23:06.587root 11241100x80000000000000003919356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6690a78b588e40542022-01-11 12:23:06.587root 11241100x80000000000000003919357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c033480960cb9cc2022-01-11 12:23:06.587root 11241100x80000000000000003919358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c595133d2e360112022-01-11 12:23:06.587root 11241100x80000000000000003919359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d27f2313c1decb892022-01-11 12:23:06.591root 11241100x80000000000000003919360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a1f132f1f99f9352022-01-11 12:23:06.591root 11241100x80000000000000003919361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfa42b91a50d9c7e2022-01-11 12:23:06.591root 11241100x80000000000000003919362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd3aecfd73f56bf62022-01-11 12:23:06.592root 11241100x80000000000000003919363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfd5378ab2fe4d162022-01-11 12:23:06.592root 11241100x80000000000000003919364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.081f5f8bddd10c5d2022-01-11 12:23:06.592root 11241100x80000000000000003919365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.935366d4dc8c03402022-01-11 12:23:06.592root 11241100x80000000000000003919366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dea131a4854551e2022-01-11 12:23:06.592root 11241100x80000000000000003919367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be0e7db9c300b3372022-01-11 12:23:06.592root 11241100x80000000000000003919368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4812b67e10de85442022-01-11 12:23:06.592root 11241100x80000000000000003919369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe01f6b5c1ac7852022-01-11 12:23:06.592root 11241100x80000000000000003919370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c9a2e4307552252022-01-11 12:23:06.592root 11241100x80000000000000003919371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99a04fe1b293fa332022-01-11 12:23:06.592root 11241100x80000000000000003919372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c8f057fb4bffd9d2022-01-11 12:23:06.592root 11241100x80000000000000003919373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b2dde7bafea7f422022-01-11 12:23:06.593root 11241100x80000000000000003919374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.afa5b467129b125e2022-01-11 12:23:06.593root 11241100x80000000000000003919375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10c4b8fd9d0fa3d72022-01-11 12:23:06.593root 11241100x80000000000000003919376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8f4ddc63c2d36f62022-01-11 12:23:06.593root 11241100x80000000000000003919377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6527becc21adba722022-01-11 12:23:06.593root 11241100x80000000000000003919378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.174ab33536d790e82022-01-11 12:23:06.593root 11241100x80000000000000003919379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.555bcae8c76ddf682022-01-11 12:23:06.593root 11241100x80000000000000003919380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03ae2e6579054eca2022-01-11 12:23:06.593root 11241100x80000000000000003919381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.701fb0a3123182ab2022-01-11 12:23:06.593root 11241100x80000000000000003919382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19e15d244e42cc4d2022-01-11 12:23:06.593root 11241100x80000000000000003919383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb3684065cdd15dc2022-01-11 12:23:06.594root 11241100x80000000000000003919384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1442fc4c78c9e7c72022-01-11 12:23:06.594root 11241100x80000000000000003919385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b1f9430f29badb62022-01-11 12:23:06.594root 11241100x80000000000000003919386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b5eb976872afb902022-01-11 12:23:06.594root 11241100x80000000000000003919387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bf8ff01b2cd98a62022-01-11 12:23:06.594root 11241100x80000000000000003919388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a3b9f57facac5e42022-01-11 12:23:06.594root 11241100x80000000000000003919389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c09fed50001b98d32022-01-11 12:23:06.594root 11241100x80000000000000003919390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7923cbfd9d09234e2022-01-11 12:23:06.594root 11241100x80000000000000003919391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1994cd52ea6175f2022-01-11 12:23:06.594root 11241100x80000000000000003919392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.594{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ef626cf814fe33a2022-01-11 12:23:06.594root 11241100x80000000000000003919393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ffc404c4e9f9ed92022-01-11 12:23:06.595root 11241100x80000000000000003919394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5d401a0b322f6592022-01-11 12:23:06.595root 11241100x80000000000000003919395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f053abedb64ed7d42022-01-11 12:23:06.595root 11241100x80000000000000003919396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:06.595{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fb765eae122e3e02022-01-11 12:23:06.595root 11241100x80000000000000003919397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81451977d91e8bfb2022-01-11 12:23:07.083root 11241100x80000000000000003919398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f6aa580466460102022-01-11 12:23:07.083root 11241100x80000000000000003919399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a32f5932afa1ac642022-01-11 12:23:07.083root 11241100x80000000000000003919400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8f42d265d7ca9402022-01-11 12:23:07.083root 11241100x80000000000000003919401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d240e61d3c48ebf2022-01-11 12:23:07.084root 11241100x80000000000000003919402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64da44531ab2250b2022-01-11 12:23:07.084root 11241100x80000000000000003919403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b58ba0fd5d6698252022-01-11 12:23:07.084root 11241100x80000000000000003919404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897320cd19c928992022-01-11 12:23:07.084root 11241100x80000000000000003919405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b87fe6ba992f64c2022-01-11 12:23:07.084root 11241100x80000000000000003919406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.229f94700516961d2022-01-11 12:23:07.084root 11241100x80000000000000003919407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47575f535ec8835f2022-01-11 12:23:07.085root 11241100x80000000000000003919408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04623c3b80d138a52022-01-11 12:23:07.085root 11241100x80000000000000003919409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bcd76e0254caa9b2022-01-11 12:23:07.085root 11241100x80000000000000003919410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.533f20bffa189ca62022-01-11 12:23:07.085root 11241100x80000000000000003919411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebf1c60cdd1299802022-01-11 12:23:07.085root 11241100x80000000000000003919412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43e73820a7ba38e52022-01-11 12:23:07.085root 11241100x80000000000000003919413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6770faf7970a81d22022-01-11 12:23:07.085root 11241100x80000000000000003919414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42920d9933277caf2022-01-11 12:23:07.085root 11241100x80000000000000003919415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff6bcec58a540222022-01-11 12:23:07.085root 11241100x80000000000000003919416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ade80816692b01362022-01-11 12:23:07.086root 11241100x80000000000000003919417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8df800ac5f7b9a32022-01-11 12:23:07.086root 11241100x80000000000000003919418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.775425e1c1d533062022-01-11 12:23:07.086root 11241100x80000000000000003919419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d9a8f8b474314c172022-01-11 12:23:07.086root 11241100x80000000000000003919420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf9ecee69e4b194c2022-01-11 12:23:07.086root 11241100x80000000000000003919421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d0456e19e622d832022-01-11 12:23:07.087root 11241100x80000000000000003919422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbdcf185af7769a12022-01-11 12:23:07.087root 11241100x80000000000000003919423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b1b63d27562bcfd2022-01-11 12:23:07.087root 11241100x80000000000000003919424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de03aa2b6966ad742022-01-11 12:23:07.087root 11241100x80000000000000003919425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee22f666d1a525072022-01-11 12:23:07.087root 11241100x80000000000000003919426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c02440bb8739e0ff2022-01-11 12:23:07.087root 11241100x80000000000000003919427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43fabf4bc2d29e42022-01-11 12:23:07.087root 11241100x80000000000000003919428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9b4052bdc9f0e932022-01-11 12:23:07.087root 11241100x80000000000000003919429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bb9fea863ca05eb2022-01-11 12:23:07.087root 11241100x80000000000000003919430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14926a97db3258242022-01-11 12:23:07.088root 11241100x80000000000000003919431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21891cb881c4c56d2022-01-11 12:23:07.088root 11241100x80000000000000003919432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e960a452293f9cce2022-01-11 12:23:07.088root 11241100x80000000000000003919433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cf8ea56628b25bb2022-01-11 12:23:07.088root 11241100x80000000000000003919434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b08161a1af0a242022-01-11 12:23:07.088root 11241100x80000000000000003919435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.088{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5dac1d2dc1f82f92022-01-11 12:23:07.088root 11241100x80000000000000003919436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1fe2b414fb5209c2022-01-11 12:23:07.089root 11241100x80000000000000003919437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.539a503f15fea6502022-01-11 12:23:07.089root 11241100x80000000000000003919438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17bffe335e66f01b2022-01-11 12:23:07.089root 11241100x80000000000000003919439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7586c6f5445b0c4b2022-01-11 12:23:07.089root 11241100x80000000000000003919440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab63ee5eb25259552022-01-11 12:23:07.089root 11241100x80000000000000003919441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.310cd1a075898b752022-01-11 12:23:07.089root 11241100x80000000000000003919442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7972f35b99b492c2022-01-11 12:23:07.089root 11241100x80000000000000003919443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.854052250d9a53c92022-01-11 12:23:07.089root 11241100x80000000000000003919444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.089{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.631e8b8b5fcfee6a2022-01-11 12:23:07.089root 11241100x80000000000000003919445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fcadf9956dbbd5e92022-01-11 12:23:07.090root 11241100x80000000000000003919446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9e4400da02920432022-01-11 12:23:07.090root 11241100x80000000000000003919447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01111e5107679cc22022-01-11 12:23:07.090root 11241100x80000000000000003919448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.928181ae96838ffe2022-01-11 12:23:07.090root 11241100x80000000000000003919449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.090{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17f7b9a2618558ed2022-01-11 12:23:07.090root 11241100x80000000000000003919450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5217a9611edc0b62022-01-11 12:23:07.091root 11241100x80000000000000003919451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.acd8be6a82846bf02022-01-11 12:23:07.091root 11241100x80000000000000003919452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5b6d4420e09519a2022-01-11 12:23:07.091root 11241100x80000000000000003919453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca2595cf50ebab8f2022-01-11 12:23:07.091root 11241100x80000000000000003919454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b02039a06949d7e22022-01-11 12:23:07.091root 11241100x80000000000000003919455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d76a57be397432b52022-01-11 12:23:07.091root 11241100x80000000000000003919456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488b6189dafe3bef2022-01-11 12:23:07.091root 11241100x80000000000000003919457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.412ea5f61ae17a6b2022-01-11 12:23:07.091root 11241100x80000000000000003919458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.091{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49c78960ae3b51cf2022-01-11 12:23:07.091root 11241100x80000000000000003919459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85a2c99602af2d272022-01-11 12:23:07.092root 11241100x80000000000000003919460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e5d3bb354f283712022-01-11 12:23:07.092root 11241100x80000000000000003919461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e797a8addc216da82022-01-11 12:23:07.092root 11241100x80000000000000003919462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.312df36698d95ae72022-01-11 12:23:07.092root 11241100x80000000000000003919463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.766d7e360d6493b42022-01-11 12:23:07.092root 11241100x80000000000000003919464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.092{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2be3446ff24519642022-01-11 12:23:07.092root 11241100x80000000000000003919465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f89a28a51ed0a62f2022-01-11 12:23:07.093root 11241100x80000000000000003919466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dba6eae91f06e372022-01-11 12:23:07.093root 11241100x80000000000000003919467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35c2323b11d604102022-01-11 12:23:07.093root 11241100x80000000000000003919468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2f8ddd7373776d82022-01-11 12:23:07.093root 11241100x80000000000000003919469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c42781a3505f5f3c2022-01-11 12:23:07.093root 11241100x80000000000000003919470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ee99d74a167e1b12022-01-11 12:23:07.093root 11241100x80000000000000003919471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ca200a31c62a34d2022-01-11 12:23:07.093root 11241100x80000000000000003919472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.525e0b5b5e9008da2022-01-11 12:23:07.093root 11241100x80000000000000003919473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01518acf8ed42962022-01-11 12:23:07.093root 11241100x80000000000000003919474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b560cbf7e4f4b5dc2022-01-11 12:23:07.093root 11241100x80000000000000003919475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca4fb87f025c35d42022-01-11 12:23:07.093root 11241100x80000000000000003919476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8ffe83eafadec2a2022-01-11 12:23:07.093root 11241100x80000000000000003919477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b3abfbb331512c62022-01-11 12:23:07.093root 11241100x80000000000000003919478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a0a5ae81736e4612022-01-11 12:23:07.093root 11241100x80000000000000003919479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7532c23930a92632022-01-11 12:23:07.093root 11241100x80000000000000003919480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.093{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d164aad2fa6d8962022-01-11 12:23:07.093root 11241100x80000000000000003919481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d448a8e75fef69132022-01-11 12:23:07.094root 11241100x80000000000000003919482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65fd664e5151a322022-01-11 12:23:07.094root 11241100x80000000000000003919483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2feb896e7720c88d2022-01-11 12:23:07.094root 11241100x80000000000000003919484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.094{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75c1aca07bb9a39e2022-01-11 12:23:07.094root 11241100x80000000000000003919485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b76b96b03d06a1682022-01-11 12:23:07.583root 11241100x80000000000000003919486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a47b1bdfa9043a202022-01-11 12:23:07.584root 11241100x80000000000000003919487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c703e4ef055da0e52022-01-11 12:23:07.584root 11241100x80000000000000003919488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bf35b45a66366872022-01-11 12:23:07.584root 11241100x80000000000000003919489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ea34d965c6dde482022-01-11 12:23:07.584root 11241100x80000000000000003919490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f215fa0c690f7372022-01-11 12:23:07.584root 11241100x80000000000000003919491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70ee8256b0afc7b42022-01-11 12:23:07.584root 11241100x80000000000000003919492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34849f374803771f2022-01-11 12:23:07.584root 11241100x80000000000000003919493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fc7b7db7d098ae22022-01-11 12:23:07.584root 11241100x80000000000000003919494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fb60ca4de3bf9e12022-01-11 12:23:07.584root 11241100x80000000000000003919495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ebd248d96136e032022-01-11 12:23:07.585root 11241100x80000000000000003919496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90188b8c518d40402022-01-11 12:23:07.585root 11241100x80000000000000003919497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5402a2af57e4fb82022-01-11 12:23:07.585root 11241100x80000000000000003919498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92e65701dabb1b642022-01-11 12:23:07.585root 11241100x80000000000000003919499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8963982ab0eaac812022-01-11 12:23:07.586root 11241100x80000000000000003919500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.234eb472b0c937a82022-01-11 12:23:07.586root 11241100x80000000000000003919501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e48191849de73f72022-01-11 12:23:07.586root 11241100x80000000000000003919502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ad376b00496a69c2022-01-11 12:23:07.586root 11241100x80000000000000003919503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1e9ed0c2db1d0db2022-01-11 12:23:07.586root 11241100x80000000000000003919504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f889aac602df752022-01-11 12:23:07.587root 11241100x80000000000000003919505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c2b5808290471cc2022-01-11 12:23:07.587root 11241100x80000000000000003919506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45ee64233558326d2022-01-11 12:23:07.587root 11241100x80000000000000003919507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9653b3a8d2631de92022-01-11 12:23:07.588root 11241100x80000000000000003919508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42d59b34bb7d2a812022-01-11 12:23:07.588root 11241100x80000000000000003919509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.514ad357b01ca5622022-01-11 12:23:07.588root 11241100x80000000000000003919510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e6579d208ed8e22022-01-11 12:23:07.588root 11241100x80000000000000003919511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0bbcce48130a9652022-01-11 12:23:07.588root 11241100x80000000000000003919512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f091a78554f72f02022-01-11 12:23:07.589root 11241100x80000000000000003919513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.570f800f11e8dc132022-01-11 12:23:07.589root 11241100x80000000000000003919514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ba5a1dc27374d422022-01-11 12:23:07.589root 11241100x80000000000000003919515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.082c5a68e8063cb92022-01-11 12:23:07.589root 11241100x80000000000000003919516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1be216a2fbdd42332022-01-11 12:23:07.589root 11241100x80000000000000003919517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6dd7d50b2bfc0c42022-01-11 12:23:07.590root 11241100x80000000000000003919518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7bc0ea12a6c84e32022-01-11 12:23:07.590root 11241100x80000000000000003919519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce4277c943de93d2022-01-11 12:23:07.590root 11241100x80000000000000003919520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de5cbb0d4ea816372022-01-11 12:23:07.590root 11241100x80000000000000003919521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9774c5db23d9d0042022-01-11 12:23:07.590root 11241100x80000000000000003919522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.590{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a659b2a0923cea5c2022-01-11 12:23:07.590root 11241100x80000000000000003919523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62f48a98cf0724d2022-01-11 12:23:07.591root 11241100x80000000000000003919524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be57af1f570815072022-01-11 12:23:07.591root 11241100x80000000000000003919525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1153c418ae7cefae2022-01-11 12:23:07.591root 11241100x80000000000000003919526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ad9ad17e40835f52022-01-11 12:23:07.591root 11241100x80000000000000003919527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.591{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.409a6197b3ba4b592022-01-11 12:23:07.591root 11241100x80000000000000003919528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7615997089703d002022-01-11 12:23:07.592root 11241100x80000000000000003919529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e694c79b4a4bf6b42022-01-11 12:23:07.592root 11241100x80000000000000003919530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e6fc6882e6e7c402022-01-11 12:23:07.592root 11241100x80000000000000003919531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.592{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f7dc7ada9e019fe2022-01-11 12:23:07.592root 11241100x80000000000000003919532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42b15e60af43e9d42022-01-11 12:23:07.593root 11241100x80000000000000003919533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca96cff25bdccd7e2022-01-11 12:23:07.593root 11241100x80000000000000003919534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fd29c43899b2cd02022-01-11 12:23:07.593root 11241100x80000000000000003919535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.456072af3dbf450e2022-01-11 12:23:07.593root 11241100x80000000000000003919536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23498550a4ba08632022-01-11 12:23:07.593root 11241100x80000000000000003919537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ff9444172d63c72022-01-11 12:23:07.593root 11241100x80000000000000003919538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b9e0f898acbce8c2022-01-11 12:23:07.593root 11241100x80000000000000003919539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e01b7f680f2e5f72022-01-11 12:23:07.593root 11241100x80000000000000003919540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:23:07.593{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f22cebc7327c92502022-01-11 12:23:07.593root