354300x80000000000000003904893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56238-false10.0.1.12-8000- 11241100x80000000000000003904894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc11ad7540d7f4372022-01-11 12:18:08.176root 11241100x80000000000000003904895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.176{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96bf085f449daba42022-01-11 12:18:08.176root 11241100x80000000000000003904896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db32b0c0ba30a47f2022-01-11 12:18:08.177root 11241100x80000000000000003904897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1b57b11f35958d2022-01-11 12:18:08.177root 11241100x80000000000000003904898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0758e9354852a882022-01-11 12:18:08.177root 11241100x80000000000000003904899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.324b66ef3fbe410a2022-01-11 12:18:08.177root 11241100x80000000000000003904900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae2464790da4c9602022-01-11 12:18:08.177root 11241100x80000000000000003904901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ad1529a19a77f012022-01-11 12:18:08.177root 11241100x80000000000000003904902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6333089d0dda49e42022-01-11 12:18:08.177root 11241100x80000000000000003904903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ad52a79da4716de2022-01-11 12:18:08.177root 11241100x80000000000000003904904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dda1a4e4794d9a62022-01-11 12:18:08.177root 11241100x80000000000000003904905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e4a1096feb263e82022-01-11 12:18:08.177root 11241100x80000000000000003904906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e2f4c1fd4c9c232022-01-11 12:18:08.177root 11241100x80000000000000003904907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dad3f56d9030a5422022-01-11 12:18:08.177root 11241100x80000000000000003904908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.177{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ae7b347ab6e70ad2022-01-11 12:18:08.177root 11241100x80000000000000003904909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05834bb164eb92652022-01-11 12:18:08.178root 11241100x80000000000000003904910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b55d014ca38aed32022-01-11 12:18:08.178root 11241100x80000000000000003904911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a97656b8e05ee45c2022-01-11 12:18:08.178root 11241100x80000000000000003904912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f00d005787abee942022-01-11 12:18:08.178root 11241100x80000000000000003904913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.178{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00a5c6454bea26382022-01-11 12:18:08.178root 11241100x80000000000000003904914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a0ada31372131822022-01-11 12:18:08.583root 11241100x80000000000000003904915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9032f05d73871d72022-01-11 12:18:08.583root 11241100x80000000000000003904916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d66181c2f187fea42022-01-11 12:18:08.583root 11241100x80000000000000003904917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.853e5317e95fd8322022-01-11 12:18:08.583root 11241100x80000000000000003904918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd7490125c2f6ac22022-01-11 12:18:08.584root 11241100x80000000000000003904919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a43d79f38daabf8a2022-01-11 12:18:08.584root 11241100x80000000000000003904920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b7612e9a92f12e32022-01-11 12:18:08.584root 11241100x80000000000000003904921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5393482ce353ef792022-01-11 12:18:08.584root 11241100x80000000000000003904922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e2dc115869d1a6a2022-01-11 12:18:08.584root 11241100x80000000000000003904923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2ab3bcde701ff1f2022-01-11 12:18:08.584root 11241100x80000000000000003904924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e053baf03275e5b52022-01-11 12:18:08.585root 11241100x80000000000000003904925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43df7c4362f05e1c2022-01-11 12:18:08.585root 11241100x80000000000000003904926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.257d981c91dbaf332022-01-11 12:18:08.585root 11241100x80000000000000003904927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f58beafb5e6175402022-01-11 12:18:08.585root 11241100x80000000000000003904928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d91eb7c31630ddea2022-01-11 12:18:08.586root 11241100x80000000000000003904929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49b345ea9e0273dd2022-01-11 12:18:08.586root 11241100x80000000000000003904930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ec17d28803b6c202022-01-11 12:18:08.587root 11241100x80000000000000003904931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d9580dbf628fbf12022-01-11 12:18:08.588root 11241100x80000000000000003904932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c468c475d0dd7972022-01-11 12:18:08.588root 11241100x80000000000000003904933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:08.589{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1505af7d8054358d2022-01-11 12:18:08.589root 11241100x80000000000000003904934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41bfd4e8e1fc84c2022-01-11 12:18:09.083root 11241100x80000000000000003904935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12f9f4db18431f22022-01-11 12:18:09.083root 11241100x80000000000000003904936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.499bf8bf6c21f4f62022-01-11 12:18:09.084root 11241100x80000000000000003904937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27bc3c07751c80b12022-01-11 12:18:09.084root 11241100x80000000000000003904938Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.837991c13a67ade72022-01-11 12:18:09.084root 11241100x80000000000000003904939Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9b856782b0e05fa2022-01-11 12:18:09.084root 11241100x80000000000000003904940Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ff63bb345095a72022-01-11 12:18:09.084root 11241100x80000000000000003904941Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ac5505fb93bcad12022-01-11 12:18:09.084root 11241100x80000000000000003904942Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd7a27d6757a08f42022-01-11 12:18:09.084root 11241100x80000000000000003904943Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfd55d9d8f8e8732022-01-11 12:18:09.084root 11241100x80000000000000003904944Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9038b29d35d7dcf12022-01-11 12:18:09.085root 11241100x80000000000000003904945Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cf6019679d5962c2022-01-11 12:18:09.085root 11241100x80000000000000003904946Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1661a270265c9fe82022-01-11 12:18:09.085root 11241100x80000000000000003904947Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54aa0b48812ccad62022-01-11 12:18:09.085root 11241100x80000000000000003904948Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6d6a05c01c1672d2022-01-11 12:18:09.085root 11241100x80000000000000003904949Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ff62a62811c8072022-01-11 12:18:09.085root 11241100x80000000000000003904950Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ff47740451bed42022-01-11 12:18:09.085root 11241100x80000000000000003904951Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62ccb7a91ef4b332022-01-11 12:18:09.085root 11241100x80000000000000003904952Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25356d30c9424c472022-01-11 12:18:09.085root 11241100x80000000000000003904953Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3221c41fe327739f2022-01-11 12:18:09.086root 11241100x80000000000000003904954Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f360bd4cb5822e792022-01-11 12:18:09.086root 11241100x80000000000000003904955Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11497742b86355452022-01-11 12:18:09.086root 11241100x80000000000000003904956Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2552c6395b4cfd862022-01-11 12:18:09.086root 11241100x80000000000000003904957Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb2079dbded8ad832022-01-11 12:18:09.583root 11241100x80000000000000003904958Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b905f7c17b279272022-01-11 12:18:09.583root 11241100x80000000000000003904959Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a0975c02499b8012022-01-11 12:18:09.583root 11241100x80000000000000003904960Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57b7e3d4a87cb08e2022-01-11 12:18:09.583root 11241100x80000000000000003904961Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6556916314b4f0f2022-01-11 12:18:09.584root 11241100x80000000000000003904962Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0dbcc7b89fa6ebb22022-01-11 12:18:09.584root 11241100x80000000000000003904963Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc67081a39fbf3e22022-01-11 12:18:09.584root 11241100x80000000000000003904964Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71643eea6ddd285e2022-01-11 12:18:09.584root 11241100x80000000000000003904965Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc7aa8e43274d01a2022-01-11 12:18:09.584root 11241100x80000000000000003904966Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a01817c50ef16e562022-01-11 12:18:09.584root 11241100x80000000000000003904967Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5943adfe7a8e3d2b2022-01-11 12:18:09.584root 11241100x80000000000000003904968Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92a623fe97ca8d8a2022-01-11 12:18:09.584root 11241100x80000000000000003904969Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcd280a7afd9362e2022-01-11 12:18:09.585root 11241100x80000000000000003904970Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d27f9cbd3804932022-01-11 12:18:09.585root 11241100x80000000000000003904971Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c1902c988504b4d2022-01-11 12:18:09.585root 11241100x80000000000000003904972Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a95f1a07b1ccdc582022-01-11 12:18:09.585root 11241100x80000000000000003904973Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442ff8aa591881ba2022-01-11 12:18:09.585root 11241100x80000000000000003904974Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76c7c9f1a469714b2022-01-11 12:18:09.585root 11241100x80000000000000003904975Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a34d4beb2747cd82022-01-11 12:18:09.586root 11241100x80000000000000003904976Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:09.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a98b7cc2237e8772022-01-11 12:18:09.586root 11241100x80000000000000003904977Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c932670a979343032022-01-11 12:18:10.084root 11241100x80000000000000003904978Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4fc6f88a200a3932022-01-11 12:18:10.084root 11241100x80000000000000003904979Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.704f703792c86a492022-01-11 12:18:10.084root 11241100x80000000000000003904980Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd4d64ddfd850a592022-01-11 12:18:10.084root 11241100x80000000000000003904981Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c30239a165e5acf62022-01-11 12:18:10.084root 11241100x80000000000000003904982Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39053893f7e007aa2022-01-11 12:18:10.084root 11241100x80000000000000003904983Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbf36d203eacc2142022-01-11 12:18:10.084root 11241100x80000000000000003904984Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef5bde50b1b0d3b32022-01-11 12:18:10.084root 11241100x80000000000000003904985Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.582c71449a28c4db2022-01-11 12:18:10.085root 11241100x80000000000000003904986Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16c717630307de542022-01-11 12:18:10.085root 11241100x80000000000000003904987Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efbb4a3ae414f4aa2022-01-11 12:18:10.085root 11241100x80000000000000003904988Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8399e435c4346252022-01-11 12:18:10.085root 11241100x80000000000000003904989Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7aa5e7d3fec7a8d72022-01-11 12:18:10.085root 11241100x80000000000000003904990Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd525c982721ac0f2022-01-11 12:18:10.085root 11241100x80000000000000003904991Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6daea813d570c712022-01-11 12:18:10.085root 11241100x80000000000000003904992Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef74998fbf7bf0b22022-01-11 12:18:10.085root 11241100x80000000000000003904993Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f38fbff72e742aea2022-01-11 12:18:10.086root 11241100x80000000000000003904994Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4295afd3aed0c9b82022-01-11 12:18:10.086root 11241100x80000000000000003904995Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f20123b8b6ed0ee2022-01-11 12:18:10.086root 11241100x80000000000000003904996Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbabf3593bb6dbb42022-01-11 12:18:10.086root 11241100x80000000000000003904997Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4965adfd8a71922022-01-11 12:18:10.583root 11241100x80000000000000003904998Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aad3c695b10f6d062022-01-11 12:18:10.583root 11241100x80000000000000003904999Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa768fcd0745b1d42022-01-11 12:18:10.583root 11241100x80000000000000003905000Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7c04f54ca81066b2022-01-11 12:18:10.583root 11241100x80000000000000003905001Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4735e5b538b3d2ed2022-01-11 12:18:10.583root 11241100x80000000000000003905002Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308c8c71bb9b896d2022-01-11 12:18:10.583root 11241100x80000000000000003905003Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47fc886f28bf287d2022-01-11 12:18:10.584root 11241100x80000000000000003905004Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fdce5c0510aa0b72022-01-11 12:18:10.584root 11241100x80000000000000003905005Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec5c8599475dcbe32022-01-11 12:18:10.584root 11241100x80000000000000003905006Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b012c2754f1ab0352022-01-11 12:18:10.584root 11241100x80000000000000003905007Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.057d4535967275d02022-01-11 12:18:10.584root 11241100x80000000000000003905008Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3649062c41ead302022-01-11 12:18:10.584root 11241100x80000000000000003905009Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.750f758dd33956f62022-01-11 12:18:10.584root 11241100x80000000000000003905010Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6beb818a3ab1b5b22022-01-11 12:18:10.584root 11241100x80000000000000003905011Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1639c0ad547b7452022-01-11 12:18:10.584root 11241100x80000000000000003905012Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e18b42171ddb91bb2022-01-11 12:18:10.584root 11241100x80000000000000003905013Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4213a5155fd10d972022-01-11 12:18:10.584root 11241100x80000000000000003905014Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96010b1fad652c1b2022-01-11 12:18:10.584root 11241100x80000000000000003905015Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.032f15cf05c38b802022-01-11 12:18:10.584root 11241100x80000000000000003905016Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:10.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ef3ce6939004c0d2022-01-11 12:18:10.584root 11241100x80000000000000003905017Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cd1e28c3b394b202022-01-11 12:18:11.083root 11241100x80000000000000003905018Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dc8daa124dbd0662022-01-11 12:18:11.083root 11241100x80000000000000003905019Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0d7228150c7fcef2022-01-11 12:18:11.083root 11241100x80000000000000003905020Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe89cd55fa937f182022-01-11 12:18:11.083root 11241100x80000000000000003905021Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc19df8fc7bb45bb2022-01-11 12:18:11.084root 11241100x80000000000000003905022Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b78a0de956aa562022-01-11 12:18:11.084root 11241100x80000000000000003905023Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d7d73646fa3d822022-01-11 12:18:11.084root 11241100x80000000000000003905024Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e0facd8bd6498da2022-01-11 12:18:11.084root 11241100x80000000000000003905025Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52c24d90adf07ac22022-01-11 12:18:11.084root 11241100x80000000000000003905026Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f113dec12f9242972022-01-11 12:18:11.084root 11241100x80000000000000003905027Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.667a2660442c5c422022-01-11 12:18:11.084root 11241100x80000000000000003905028Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91fd04fed3a98ea02022-01-11 12:18:11.084root 11241100x80000000000000003905029Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad03c2add84206e32022-01-11 12:18:11.084root 11241100x80000000000000003905030Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62213d091cd60f932022-01-11 12:18:11.085root 11241100x80000000000000003905031Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6be1e8639850823f2022-01-11 12:18:11.085root 11241100x80000000000000003905032Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9661e9c1131a1ffe2022-01-11 12:18:11.085root 11241100x80000000000000003905033Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.075b975c148415df2022-01-11 12:18:11.085root 11241100x80000000000000003905034Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.629fc9ec212253bc2022-01-11 12:18:11.085root 11241100x80000000000000003905035Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c200a02de459b6272022-01-11 12:18:11.085root 11241100x80000000000000003905036Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b16f965d61315482022-01-11 12:18:11.085root 11241100x80000000000000003905037Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0b1c80a8ff0f0f62022-01-11 12:18:11.583root 11241100x80000000000000003905038Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b803fa9af8be44812022-01-11 12:18:11.583root 11241100x80000000000000003905039Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.921aa21d79a957d62022-01-11 12:18:11.583root 11241100x80000000000000003905040Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de25dcd0b6a050ab2022-01-11 12:18:11.584root 11241100x80000000000000003905041Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebcbed4631833add2022-01-11 12:18:11.584root 11241100x80000000000000003905042Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b12f854f935fcec2022-01-11 12:18:11.584root 11241100x80000000000000003905043Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dcd20c6c2b174402022-01-11 12:18:11.584root 11241100x80000000000000003905044Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e4d794739e5d8792022-01-11 12:18:11.584root 11241100x80000000000000003905045Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.380a61afa4ab05b32022-01-11 12:18:11.584root 11241100x80000000000000003905046Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ba0e8d7e51cb9a22022-01-11 12:18:11.584root 11241100x80000000000000003905047Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645388f126e49e2c2022-01-11 12:18:11.584root 11241100x80000000000000003905048Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c00c2c5aaa9ad2c02022-01-11 12:18:11.584root 11241100x80000000000000003905049Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1df0e96f700e95dd2022-01-11 12:18:11.585root 11241100x80000000000000003905050Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cf8cb3a018509012022-01-11 12:18:11.585root 11241100x80000000000000003905051Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4595980667cac4cd2022-01-11 12:18:11.585root 11241100x80000000000000003905052Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63e067b73f2c72442022-01-11 12:18:11.585root 11241100x80000000000000003905053Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a54136c0d0a1f37a2022-01-11 12:18:11.585root 11241100x80000000000000003905054Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d62c98236b565892022-01-11 12:18:11.585root 11241100x80000000000000003905055Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.113e155fff28c7a12022-01-11 12:18:11.585root 11241100x80000000000000003905056Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:11.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb2a621761c4e2b52022-01-11 12:18:11.585root 11241100x80000000000000003905057Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4f580f6285ab1672022-01-11 12:18:12.084root 11241100x80000000000000003905058Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edfa491da1630dbe2022-01-11 12:18:12.084root 11241100x80000000000000003905059Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfceee9f434fef5e2022-01-11 12:18:12.084root 11241100x80000000000000003905060Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.337edc5de7d1466c2022-01-11 12:18:12.084root 11241100x80000000000000003905061Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.014f533650bfb41b2022-01-11 12:18:12.084root 11241100x80000000000000003905062Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e060a5097e1f35ca2022-01-11 12:18:12.084root 11241100x80000000000000003905063Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cdaf34ad34d590c2022-01-11 12:18:12.084root 11241100x80000000000000003905064Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ee3beb64fc292c02022-01-11 12:18:12.084root 11241100x80000000000000003905065Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53e0653dc73917c52022-01-11 12:18:12.084root 11241100x80000000000000003905066Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c18e784b1a66c002022-01-11 12:18:12.084root 11241100x80000000000000003905067Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9201185e0803a732022-01-11 12:18:12.084root 11241100x80000000000000003905068Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cc7813351113b962022-01-11 12:18:12.085root 11241100x80000000000000003905069Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5df995f28b6a9cd62022-01-11 12:18:12.085root 11241100x80000000000000003905070Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e282ca05cb6619362022-01-11 12:18:12.085root 11241100x80000000000000003905071Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1c05b1b5350c33352022-01-11 12:18:12.085root 11241100x80000000000000003905072Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48c63835fa800eb82022-01-11 12:18:12.085root 11241100x80000000000000003905073Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf2e9a7f87ba81c2022-01-11 12:18:12.085root 11241100x80000000000000003905074Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf77204af5c79de32022-01-11 12:18:12.085root 11241100x80000000000000003905075Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed1adc23c20272742022-01-11 12:18:12.085root 11241100x80000000000000003905076Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edf4cdd4266d2c6e2022-01-11 12:18:12.085root 11241100x80000000000000003905077Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2171316f7fa1652022-01-11 12:18:12.583root 11241100x80000000000000003905078Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6c67b47cf1542b62022-01-11 12:18:12.583root 11241100x80000000000000003905079Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa8a17171b4766dc2022-01-11 12:18:12.583root 11241100x80000000000000003905080Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.759795d5039d1ad82022-01-11 12:18:12.584root 11241100x80000000000000003905081Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77f6a7acfbf3c7442022-01-11 12:18:12.584root 11241100x80000000000000003905082Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fef95fe3d8086bb2022-01-11 12:18:12.584root 11241100x80000000000000003905083Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43c21a23b0e6bc172022-01-11 12:18:12.584root 11241100x80000000000000003905084Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.347cf2f333bf37262022-01-11 12:18:12.584root 11241100x80000000000000003905085Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1c239580e4fc1d02022-01-11 12:18:12.584root 11241100x80000000000000003905086Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.725121f7dfe905a02022-01-11 12:18:12.585root 11241100x80000000000000003905087Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.925499d8b77951112022-01-11 12:18:12.585root 11241100x80000000000000003905088Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6021c8be654b01752022-01-11 12:18:12.585root 11241100x80000000000000003905089Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6fbd58cabf04f83e2022-01-11 12:18:12.585root 11241100x80000000000000003905090Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.013056c692a078302022-01-11 12:18:12.586root 11241100x80000000000000003905091Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c42540b0f6dd4d502022-01-11 12:18:12.586root 11241100x80000000000000003905092Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62d89a0f6310742b2022-01-11 12:18:12.586root 11241100x80000000000000003905093Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d49f342e563143dc2022-01-11 12:18:12.586root 11241100x80000000000000003905094Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c30b460a9a03ab52022-01-11 12:18:12.587root 11241100x80000000000000003905095Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7e030442b8d039c2022-01-11 12:18:12.587root 11241100x80000000000000003905096Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee9ad4a4a6d4c9a2022-01-11 12:18:12.587root 11241100x80000000000000003905097Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a3fda54338b1bb2022-01-11 12:18:12.587root 11241100x80000000000000003905098Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:12.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5882a14dc27f4bfd2022-01-11 12:18:12.588root 11241100x80000000000000003905099Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66d1cdc51e3700e62022-01-11 12:18:13.084root 11241100x80000000000000003905100Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b3453a8451ec6e72022-01-11 12:18:13.084root 11241100x80000000000000003905101Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bff0756e1f65db22022-01-11 12:18:13.084root 11241100x80000000000000003905102Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bc5df798bd571632022-01-11 12:18:13.084root 11241100x80000000000000003905103Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.293000e18580c3522022-01-11 12:18:13.084root 11241100x80000000000000003905104Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5959cdc4a470a4a52022-01-11 12:18:13.084root 11241100x80000000000000003905105Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d7f07ebbd5dc9c12022-01-11 12:18:13.084root 11241100x80000000000000003905106Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be4e2d3ab785dbc32022-01-11 12:18:13.085root 11241100x80000000000000003905107Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.638497c73c926dc02022-01-11 12:18:13.085root 11241100x80000000000000003905108Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27affb6444dfff162022-01-11 12:18:13.085root 11241100x80000000000000003905109Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0af3f960e0be54b2022-01-11 12:18:13.085root 11241100x80000000000000003905110Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e24df88937a3c912022-01-11 12:18:13.085root 11241100x80000000000000003905111Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2993fe08ea0369332022-01-11 12:18:13.086root 11241100x80000000000000003905112Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.849da916904105042022-01-11 12:18:13.086root 11241100x80000000000000003905113Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f16ad4b28fae38392022-01-11 12:18:13.086root 11241100x80000000000000003905114Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.891db97fa0b8ba012022-01-11 12:18:13.086root 11241100x80000000000000003905115Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a62206b1528b7bf2022-01-11 12:18:13.086root 11241100x80000000000000003905116Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a9fecf43155e12d2022-01-11 12:18:13.086root 11241100x80000000000000003905117Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6dd1526296b01e02022-01-11 12:18:13.086root 11241100x80000000000000003905118Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8153e97e561cfd962022-01-11 12:18:13.086root 354300x80000000000000003905119Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.244{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56240-false10.0.1.12-8000- 11241100x80000000000000003905120Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.266c495be9eda16a2022-01-11 12:18:13.584root 11241100x80000000000000003905121Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d3c73c2a51e74e2022-01-11 12:18:13.584root 11241100x80000000000000003905122Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.116c2a80f7e0e3202022-01-11 12:18:13.584root 11241100x80000000000000003905123Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce5c3f6a895743782022-01-11 12:18:13.584root 11241100x80000000000000003905124Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a294d6bcf500bba2022-01-11 12:18:13.584root 11241100x80000000000000003905125Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d3d35933d9b28d42022-01-11 12:18:13.584root 11241100x80000000000000003905126Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7c5174dec6633bb2022-01-11 12:18:13.585root 11241100x80000000000000003905127Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d43cb9b5a93c5442022-01-11 12:18:13.585root 11241100x80000000000000003905128Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.caf5dc9d4c5791092022-01-11 12:18:13.585root 11241100x80000000000000003905129Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e88c4c511ba8ca12022-01-11 12:18:13.585root 11241100x80000000000000003905130Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b5d1b0fd23aaa6a22022-01-11 12:18:13.586root 11241100x80000000000000003905131Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc432e401b8b7d272022-01-11 12:18:13.586root 11241100x80000000000000003905132Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.634b55a569462ed22022-01-11 12:18:13.586root 11241100x80000000000000003905133Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7036ed33d6d57e622022-01-11 12:18:13.586root 11241100x80000000000000003905134Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42f832a83a185e162022-01-11 12:18:13.586root 11241100x80000000000000003905135Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2666138fc6c8a90f2022-01-11 12:18:13.586root 11241100x80000000000000003905136Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15e65b8628f83b082022-01-11 12:18:13.586root 11241100x80000000000000003905137Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.070aea4fbc008ea22022-01-11 12:18:13.586root 11241100x80000000000000003905138Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.871ee507071c311a2022-01-11 12:18:13.587root 11241100x80000000000000003905139Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.011f8938ba0f62552022-01-11 12:18:13.587root 11241100x80000000000000003905140Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:13.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f6193288fa4c0c72022-01-11 12:18:13.587root 11241100x80000000000000003905141Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3ed4bb5b27e324f2022-01-11 12:18:14.083root 11241100x80000000000000003905142Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61901b7147f6d91e2022-01-11 12:18:14.083root 11241100x80000000000000003905143Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04de3527a8dcb1a82022-01-11 12:18:14.083root 11241100x80000000000000003905144Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d0a9b36a522e212022-01-11 12:18:14.083root 11241100x80000000000000003905145Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0e1632556ed37d92022-01-11 12:18:14.084root 11241100x80000000000000003905146Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce7d212c84caec502022-01-11 12:18:14.084root 11241100x80000000000000003905147Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.daf8047246e18b512022-01-11 12:18:14.084root 11241100x80000000000000003905148Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecea566dafffc5ec2022-01-11 12:18:14.084root 11241100x80000000000000003905149Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69f7d0d15dc4830c2022-01-11 12:18:14.084root 11241100x80000000000000003905150Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef96bfb104036ae22022-01-11 12:18:14.084root 11241100x80000000000000003905151Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e78f368285b96982022-01-11 12:18:14.084root 11241100x80000000000000003905152Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c87fd14db8b0af02022-01-11 12:18:14.084root 11241100x80000000000000003905153Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccd2c7fc147f37a52022-01-11 12:18:14.084root 11241100x80000000000000003905154Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2131e7b5019989512022-01-11 12:18:14.084root 11241100x80000000000000003905155Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3214e6c3fe1f0b662022-01-11 12:18:14.085root 11241100x80000000000000003905156Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a5d34819a6a50992022-01-11 12:18:14.085root 11241100x80000000000000003905157Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a63a50bf8c90eb3e2022-01-11 12:18:14.085root 11241100x80000000000000003905158Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86351482dc262f4f2022-01-11 12:18:14.085root 11241100x80000000000000003905159Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f874139a088d6242022-01-11 12:18:14.085root 11241100x80000000000000003905160Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1032d4a7591887ee2022-01-11 12:18:14.085root 11241100x80000000000000003905161Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7724bc018a454f372022-01-11 12:18:14.085root 11241100x80000000000000003905162Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ace3a4df4aded9c2022-01-11 12:18:14.085root 11241100x80000000000000003905163Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff21b2dba2cf1c082022-01-11 12:18:14.085root 11241100x80000000000000003905164Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de882cff4e2554282022-01-11 12:18:14.085root 11241100x80000000000000003905165Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428622f53beb74d72022-01-11 12:18:14.583root 11241100x80000000000000003905166Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4989e3c06d44e312022-01-11 12:18:14.584root 11241100x80000000000000003905167Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.502844f1b12e77b62022-01-11 12:18:14.584root 11241100x80000000000000003905168Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f54bd098f91708e2022-01-11 12:18:14.584root 11241100x80000000000000003905169Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bf5981f5a87d3902022-01-11 12:18:14.584root 11241100x80000000000000003905170Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0eb1afcb445286582022-01-11 12:18:14.584root 11241100x80000000000000003905171Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7c2948cfc2ae72d92022-01-11 12:18:14.584root 11241100x80000000000000003905172Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de9ecff339f822482022-01-11 12:18:14.584root 11241100x80000000000000003905173Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebef1d65158065092022-01-11 12:18:14.584root 11241100x80000000000000003905174Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0af62da29dcacd32022-01-11 12:18:14.585root 11241100x80000000000000003905175Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa64a2b1d259513e2022-01-11 12:18:14.585root 11241100x80000000000000003905176Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.419b54e22a2db7732022-01-11 12:18:14.585root 11241100x80000000000000003905177Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d68a2cc4b4d67ea2022-01-11 12:18:14.585root 11241100x80000000000000003905178Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbbd7f86a28cc83e2022-01-11 12:18:14.585root 11241100x80000000000000003905179Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfa81a88bd1123c22022-01-11 12:18:14.585root 11241100x80000000000000003905180Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1932ec870ce22b682022-01-11 12:18:14.586root 11241100x80000000000000003905181Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8fccb51a2e2b5f02022-01-11 12:18:14.586root 11241100x80000000000000003905182Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1311838db885cef72022-01-11 12:18:14.586root 11241100x80000000000000003905183Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82c2bc9338a2023d2022-01-11 12:18:14.586root 11241100x80000000000000003905184Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17456603ca0398162022-01-11 12:18:14.586root 11241100x80000000000000003905185Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:14.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7d004f9a811e5672022-01-11 12:18:14.586root 11241100x80000000000000003905186Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ed0d27868e1d1cd2022-01-11 12:18:15.083root 11241100x80000000000000003905187Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d51805da12c8db192022-01-11 12:18:15.083root 11241100x80000000000000003905188Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19da11a3a0c91d92022-01-11 12:18:15.084root 11241100x80000000000000003905189Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2665702c4f6207e2022-01-11 12:18:15.084root 11241100x80000000000000003905190Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f21afb6a13d77f552022-01-11 12:18:15.084root 11241100x80000000000000003905191Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26059849a26d94552022-01-11 12:18:15.084root 11241100x80000000000000003905192Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2967717e5b8fa4692022-01-11 12:18:15.084root 11241100x80000000000000003905193Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81a206ce7d56caf02022-01-11 12:18:15.084root 11241100x80000000000000003905194Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5435607b76b796222022-01-11 12:18:15.085root 11241100x80000000000000003905195Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723357837404bfe92022-01-11 12:18:15.085root 11241100x80000000000000003905196Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87022b2350dde9f72022-01-11 12:18:15.085root 11241100x80000000000000003905197Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e84e3c308122f222022-01-11 12:18:15.085root 11241100x80000000000000003905198Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec973ac4a098453f2022-01-11 12:18:15.085root 11241100x80000000000000003905199Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67511fc5482d8a302022-01-11 12:18:15.085root 11241100x80000000000000003905200Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.618c81a29f95fca62022-01-11 12:18:15.085root 11241100x80000000000000003905201Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3854105a9d05a6832022-01-11 12:18:15.086root 11241100x80000000000000003905202Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5fd76e25494de92022-01-11 12:18:15.086root 11241100x80000000000000003905203Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.308ce157ccd16ffe2022-01-11 12:18:15.086root 11241100x80000000000000003905204Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c55133381cd7efe22022-01-11 12:18:15.086root 11241100x80000000000000003905205Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c32500df0c7ff9612022-01-11 12:18:15.086root 11241100x80000000000000003905206Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b1ccca0cc3c502e2022-01-11 12:18:15.086root 11241100x80000000000000003905207Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc0ef6069f456372022-01-11 12:18:15.086root 11241100x80000000000000003905208Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.087{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5747448953249082022-01-11 12:18:15.087root 11241100x80000000000000003905209Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94e56ce905ae5bf52022-01-11 12:18:15.583root 11241100x80000000000000003905210Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0318f4d284de66732022-01-11 12:18:15.583root 11241100x80000000000000003905211Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.628da2336a7c048f2022-01-11 12:18:15.584root 11241100x80000000000000003905212Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff35e59f70cbd2b32022-01-11 12:18:15.584root 11241100x80000000000000003905213Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fef9b18162101e032022-01-11 12:18:15.584root 11241100x80000000000000003905214Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe0d714ca32a56d12022-01-11 12:18:15.584root 11241100x80000000000000003905215Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ec4b9e55bea42cd2022-01-11 12:18:15.584root 11241100x80000000000000003905216Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7487717a8a2f08162022-01-11 12:18:15.584root 11241100x80000000000000003905217Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cee34716cb9f17652022-01-11 12:18:15.584root 11241100x80000000000000003905218Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75d7e5e50058c9b42022-01-11 12:18:15.585root 11241100x80000000000000003905219Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b42f2a5e2fff9deb2022-01-11 12:18:15.585root 11241100x80000000000000003905220Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cff163492543de412022-01-11 12:18:15.585root 11241100x80000000000000003905221Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cef4442fcf782322022-01-11 12:18:15.585root 11241100x80000000000000003905222Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ea3a149371630b2022-01-11 12:18:15.585root 11241100x80000000000000003905223Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ba17266e2f19ce12022-01-11 12:18:15.586root 11241100x80000000000000003905224Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90ce93d205e5e6022022-01-11 12:18:15.586root 11241100x80000000000000003905225Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7798e29dad70f02022-01-11 12:18:15.586root 11241100x80000000000000003905226Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca6bd775a304557e2022-01-11 12:18:15.586root 11241100x80000000000000003905227Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee0b9febea5a91192022-01-11 12:18:15.586root 11241100x80000000000000003905228Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38a800f0475c75582022-01-11 12:18:15.587root 11241100x80000000000000003905229Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a22ebc61a63565b2022-01-11 12:18:15.587root 11241100x80000000000000003905230Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38d781f4541a8abf2022-01-11 12:18:15.587root 11241100x80000000000000003905231Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4eb5c331195504a2022-01-11 12:18:15.587root 11241100x80000000000000003905232Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.587{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e73a182357c4699f2022-01-11 12:18:15.587root 11241100x80000000000000003905233Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e25d6bc697a972f2022-01-11 12:18:15.588root 11241100x80000000000000003905234Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:15.588{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f65602d48039cd522022-01-11 12:18:15.588root 11241100x80000000000000003905235Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0953fc60f18bc4b52022-01-11 12:18:16.083root 11241100x80000000000000003905236Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3de2308a781360b52022-01-11 12:18:16.084root 11241100x80000000000000003905237Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.892f6116c22d6afe2022-01-11 12:18:16.084root 11241100x80000000000000003905238Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.468ed33b938741802022-01-11 12:18:16.084root 11241100x80000000000000003905239Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797376e189d3c49f2022-01-11 12:18:16.084root 11241100x80000000000000003905240Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60d1e8565fe01dda2022-01-11 12:18:16.084root 11241100x80000000000000003905241Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3819507db4f60bd2022-01-11 12:18:16.084root 11241100x80000000000000003905242Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69b5f3695493c96a2022-01-11 12:18:16.084root 11241100x80000000000000003905243Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7baab67090297fb22022-01-11 12:18:16.084root 11241100x80000000000000003905244Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55ada4eccbd91fb72022-01-11 12:18:16.085root 11241100x80000000000000003905245Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9583e0e8729e9b3b2022-01-11 12:18:16.085root 11241100x80000000000000003905246Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee40879208eaa19e2022-01-11 12:18:16.085root 11241100x80000000000000003905247Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1dc7268ff8b626e2022-01-11 12:18:16.085root 11241100x80000000000000003905248Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56ee7774b554a4ce2022-01-11 12:18:16.085root 11241100x80000000000000003905249Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a63b38078f147122022-01-11 12:18:16.085root 11241100x80000000000000003905250Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79048545c42461482022-01-11 12:18:16.085root 11241100x80000000000000003905251Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9dd0f3798e2897c2022-01-11 12:18:16.086root 11241100x80000000000000003905252Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae61d43fa4bc2ade2022-01-11 12:18:16.086root 11241100x80000000000000003905253Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db350e2602bff2c2022-01-11 12:18:16.086root 11241100x80000000000000003905254Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bde055a8ba65103e2022-01-11 12:18:16.086root 11241100x80000000000000003905255Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c8d4597269ad272022-01-11 12:18:16.086root 11241100x80000000000000003905256Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c75178e0506a7fd2022-01-11 12:18:16.584root 11241100x80000000000000003905257Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71198a2f0027c0b72022-01-11 12:18:16.584root 11241100x80000000000000003905258Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24f7a5a958fbbd052022-01-11 12:18:16.584root 11241100x80000000000000003905259Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567f4cbc3c0011d92022-01-11 12:18:16.584root 11241100x80000000000000003905260Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2675caa15570ddbd2022-01-11 12:18:16.584root 11241100x80000000000000003905261Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a8487b49342bd1e2022-01-11 12:18:16.584root 11241100x80000000000000003905262Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65abf10cf7be81f92022-01-11 12:18:16.584root 11241100x80000000000000003905263Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.07b9a2c1b93e31182022-01-11 12:18:16.584root 11241100x80000000000000003905264Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbefca617ca5f5e82022-01-11 12:18:16.585root 11241100x80000000000000003905265Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.255a655f6e1b71c92022-01-11 12:18:16.585root 11241100x80000000000000003905266Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19a4a4b9fbc3824e2022-01-11 12:18:16.585root 11241100x80000000000000003905267Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81ad6ef1bb172ec62022-01-11 12:18:16.585root 11241100x80000000000000003905268Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f38bb873037127a2022-01-11 12:18:16.585root 11241100x80000000000000003905269Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23eee873dac43c842022-01-11 12:18:16.585root 11241100x80000000000000003905270Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a2da5e62d72856622022-01-11 12:18:16.585root 11241100x80000000000000003905271Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46d09b4fd3b3c7b62022-01-11 12:18:16.585root 11241100x80000000000000003905272Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49d3b3eeb0068eb62022-01-11 12:18:16.585root 11241100x80000000000000003905273Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d26521df2de5076e2022-01-11 12:18:16.585root 11241100x80000000000000003905274Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e5064ef31a69dbd2022-01-11 12:18:16.585root 11241100x80000000000000003905275Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64210dda16932eca2022-01-11 12:18:16.585root 11241100x80000000000000003905276Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:16.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.815feeed986a3b272022-01-11 12:18:16.585root 11241100x80000000000000003905277Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dbf2eb30266be672022-01-11 12:18:17.083root 11241100x80000000000000003905278Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd741f381bfd5dcc2022-01-11 12:18:17.083root 11241100x80000000000000003905279Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6a119e564cb722c2022-01-11 12:18:17.083root 11241100x80000000000000003905280Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19ef2cb9a9fcec5c2022-01-11 12:18:17.083root 11241100x80000000000000003905281Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23a5bc20253ba15d2022-01-11 12:18:17.084root 11241100x80000000000000003905282Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e672be93f2f2ee442022-01-11 12:18:17.084root 11241100x80000000000000003905283Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b93cc97046a6bf2022-01-11 12:18:17.084root 11241100x80000000000000003905284Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a7a6f3a84fb679f92022-01-11 12:18:17.084root 11241100x80000000000000003905285Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dfd2be0ff59d9ccf2022-01-11 12:18:17.084root 11241100x80000000000000003905286Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.461ab386e2ee91062022-01-11 12:18:17.084root 11241100x80000000000000003905287Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f346d496ea361f72022-01-11 12:18:17.084root 11241100x80000000000000003905288Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fd2f25102cb3cb52022-01-11 12:18:17.084root 11241100x80000000000000003905289Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d6d7699386c9da22022-01-11 12:18:17.085root 11241100x80000000000000003905290Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa87dc2c572fa1fb2022-01-11 12:18:17.085root 11241100x80000000000000003905291Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b93c31cc82c57b972022-01-11 12:18:17.085root 11241100x80000000000000003905292Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aafb2a68147b5712022-01-11 12:18:17.085root 11241100x80000000000000003905293Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14c2382d4a60d8bc2022-01-11 12:18:17.085root 11241100x80000000000000003905294Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9303c40a31501f8a2022-01-11 12:18:17.085root 11241100x80000000000000003905295Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f754e5e4cd7574c22022-01-11 12:18:17.085root 11241100x80000000000000003905296Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f73e1c658765c272022-01-11 12:18:17.085root 11241100x80000000000000003905297Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8bfa9517831fe872022-01-11 12:18:17.086root 11241100x80000000000000003905298Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac49560362fc142c2022-01-11 12:18:17.086root 11241100x80000000000000003905299Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.086{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.784b13ca20af89f52022-01-11 12:18:17.086root 11241100x80000000000000003905300Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d0e6a0f2331be162022-01-11 12:18:17.583root 11241100x80000000000000003905301Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0726d6fe3979d78f2022-01-11 12:18:17.583root 11241100x80000000000000003905302Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d21b8d0e46fe4222022-01-11 12:18:17.583root 11241100x80000000000000003905303Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81927349fb3019e82022-01-11 12:18:17.583root 11241100x80000000000000003905304Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecd8faf2da24823c2022-01-11 12:18:17.584root 11241100x80000000000000003905305Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f9c3b3816bc80772022-01-11 12:18:17.584root 11241100x80000000000000003905306Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.401ffb34a87563cc2022-01-11 12:18:17.584root 11241100x80000000000000003905307Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9a2b488294f912c2022-01-11 12:18:17.584root 11241100x80000000000000003905308Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e23529894159804a2022-01-11 12:18:17.584root 11241100x80000000000000003905309Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.510b9b5c33e8654b2022-01-11 12:18:17.584root 11241100x80000000000000003905310Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6aeb6b538fd720d2022-01-11 12:18:17.584root 11241100x80000000000000003905311Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cda26723683ac862022-01-11 12:18:17.584root 11241100x80000000000000003905312Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f618536ed03b5d62022-01-11 12:18:17.584root 11241100x80000000000000003905313Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff72861cd1b5cddd2022-01-11 12:18:17.584root 11241100x80000000000000003905314Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bfb543e82bd5654d2022-01-11 12:18:17.584root 11241100x80000000000000003905315Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.546323c4a00db0102022-01-11 12:18:17.585root 11241100x80000000000000003905316Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab21e4953c3da6632022-01-11 12:18:17.585root 11241100x80000000000000003905317Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a4a04ba7509a5402022-01-11 12:18:17.585root 11241100x80000000000000003905318Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca10804cda576a8f2022-01-11 12:18:17.585root 11241100x80000000000000003905319Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.353e60e7762f7dd42022-01-11 12:18:17.585root 11241100x80000000000000003905320Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae49e586973bbc8e2022-01-11 12:18:17.585root 11241100x80000000000000003905321Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1e33eeabf2fe23a2022-01-11 12:18:17.585root 11241100x80000000000000003905322Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:17.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e429fdda14ae43b2022-01-11 12:18:17.585root 11241100x80000000000000003905323Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4a8e3ff410ba30c2022-01-11 12:18:18.083root 11241100x80000000000000003905324Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86d0eb44ec3d883f2022-01-11 12:18:18.083root 11241100x80000000000000003905325Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3341be3c21bde2262022-01-11 12:18:18.083root 11241100x80000000000000003905326Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9a60a98ce3d9e02022-01-11 12:18:18.083root 11241100x80000000000000003905327Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8743c8f9edaec85e2022-01-11 12:18:18.083root 11241100x80000000000000003905328Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.083{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6b933146a445b272022-01-11 12:18:18.083root 11241100x80000000000000003905329Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49dc60276eec3d12022-01-11 12:18:18.084root 11241100x80000000000000003905330Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73496d8580a933f72022-01-11 12:18:18.084root 11241100x80000000000000003905331Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd20c90ed4ecda812022-01-11 12:18:18.084root 11241100x80000000000000003905332Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.422cb834293282a42022-01-11 12:18:18.084root 11241100x80000000000000003905333Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7c8c7d16c937d892022-01-11 12:18:18.084root 11241100x80000000000000003905334Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32ce12b031d74a442022-01-11 12:18:18.084root 11241100x80000000000000003905335Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cf4fd1b24de30d12022-01-11 12:18:18.084root 11241100x80000000000000003905336Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3cc37bc54ba45e92022-01-11 12:18:18.084root 11241100x80000000000000003905337Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4c800fe6065722a2022-01-11 12:18:18.084root 11241100x80000000000000003905338Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de62d3ba2e532d92022-01-11 12:18:18.084root 11241100x80000000000000003905339Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2251428cfd3860d82022-01-11 12:18:18.084root 11241100x80000000000000003905340Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0f8cf752c69b8832022-01-11 12:18:18.084root 11241100x80000000000000003905341Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.084{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2332dea9f03f4ab62022-01-11 12:18:18.084root 11241100x80000000000000003905342Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3055d66f8e1cd2192022-01-11 12:18:18.085root 11241100x80000000000000003905343Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c90d1474fb376a0e2022-01-11 12:18:18.085root 11241100x80000000000000003905344Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.085{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d644d4c30d602ba2022-01-11 12:18:18.085root 11241100x80000000000000003905345Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c05ef83066c7d6982022-01-11 12:18:18.583root 11241100x80000000000000003905346Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61abb639042328942022-01-11 12:18:18.583root 11241100x80000000000000003905347Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74ac547663d213952022-01-11 12:18:18.583root 11241100x80000000000000003905348Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a821bceeb17bb04a2022-01-11 12:18:18.583root 11241100x80000000000000003905349Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.583{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4622a10b4e1fe7fd2022-01-11 12:18:18.583root 11241100x80000000000000003905350Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27b48d4159a33f1f2022-01-11 12:18:18.584root 11241100x80000000000000003905351Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.913e974b815d7dae2022-01-11 12:18:18.584root 11241100x80000000000000003905352Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24e291b6b75947b72022-01-11 12:18:18.584root 11241100x80000000000000003905353Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.304aef772a8a0a142022-01-11 12:18:18.584root 11241100x80000000000000003905354Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f630a0e7b22cf72022-01-11 12:18:18.584root 11241100x80000000000000003905355Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0e3c20d2d624983e2022-01-11 12:18:18.584root 11241100x80000000000000003905356Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a23ab5f7359417fd2022-01-11 12:18:18.584root 11241100x80000000000000003905357Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.131c241e50a2dbc72022-01-11 12:18:18.585root 11241100x80000000000000003905358Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ecb8be6323c9bf92022-01-11 12:18:18.585root 11241100x80000000000000003905359Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f738a1698c8f8662022-01-11 12:18:18.585root 11241100x80000000000000003905360Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3715c6ff9cac149f2022-01-11 12:18:18.585root 11241100x80000000000000003905361Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98caf47011431d882022-01-11 12:18:18.585root 11241100x80000000000000003905362Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbde4f7cdeb4ab732022-01-11 12:18:18.585root 11241100x80000000000000003905363Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdde67f73ff0c2c02022-01-11 12:18:18.585root 11241100x80000000000000003905364Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24587993d6e83acc2022-01-11 12:18:18.586root 11241100x80000000000000003905365Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b4937e18c8958232022-01-11 12:18:18.586root 11241100x80000000000000003905366Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c3f64d5b57c94d12022-01-11 12:18:18.586root 11241100x80000000000000003905367Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:18.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.150da9f0cae2c1692022-01-11 12:18:18.586root 354300x80000000000000003905368Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.072{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56242-false10.0.1.12-8000- 11241100x80000000000000003905369Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.073{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e49aeb16e391cac22022-01-11 12:18:19.073root 11241100x80000000000000003905370Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.073{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a074df7d889cdee2022-01-11 12:18:19.073root 11241100x80000000000000003905371Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.916c2b287c93ce462022-01-11 12:18:19.074root 11241100x80000000000000003905372Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.345b79e0250671f12022-01-11 12:18:19.074root 11241100x80000000000000003905373Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ecb99c88d162d282022-01-11 12:18:19.074root 11241100x80000000000000003905374Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c89b4ca74f16e832022-01-11 12:18:19.074root 11241100x80000000000000003905375Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96697f8f8425159f2022-01-11 12:18:19.074root 11241100x80000000000000003905376Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83435e2083de3e852022-01-11 12:18:19.074root 11241100x80000000000000003905377Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.074{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f30c3246e5c555ba2022-01-11 12:18:19.074root 11241100x80000000000000003905378Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19aec5597ce9fe8b2022-01-11 12:18:19.075root 11241100x80000000000000003905379Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98e30793947c56bc2022-01-11 12:18:19.075root 11241100x80000000000000003905380Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abbc3a7041ffc442022-01-11 12:18:19.075root 11241100x80000000000000003905381Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545cfed003d992412022-01-11 12:18:19.075root 11241100x80000000000000003905382Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f02e516543497d2022-01-11 12:18:19.075root 11241100x80000000000000003905383Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d96951641e3daa52022-01-11 12:18:19.075root 11241100x80000000000000003905384Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7675876dd27ce94a2022-01-11 12:18:19.075root 11241100x80000000000000003905385Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e5c1b37baf61972022-01-11 12:18:19.075root 11241100x80000000000000003905386Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.075{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7549e08617a296b2022-01-11 12:18:19.075root 11241100x80000000000000003905387Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82cfc0b399bf90462022-01-11 12:18:19.076root 11241100x80000000000000003905388Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51577c444de9b4f82022-01-11 12:18:19.076root 11241100x80000000000000003905389Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c7d3ab6d3070ae32022-01-11 12:18:19.076root 11241100x80000000000000003905390Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6898aa24c6b279722022-01-11 12:18:19.076root 11241100x80000000000000003905391Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f0fea6f8563a42cd2022-01-11 12:18:19.076root 11241100x80000000000000003905392Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.076{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aa92c2aba18fb8a2022-01-11 12:18:19.076root 11241100x80000000000000003905393Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.026f5d63fb68a99b2022-01-11 12:18:19.334root 11241100x80000000000000003905394Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e1777ef5f7c2be2022-01-11 12:18:19.334root 11241100x80000000000000003905395Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed5d0382f767a6bf2022-01-11 12:18:19.334root 11241100x80000000000000003905396Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3557b713cb3c0732022-01-11 12:18:19.334root 11241100x80000000000000003905397Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.481f8d403aa082c42022-01-11 12:18:19.334root 11241100x80000000000000003905398Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16418b71f97b73152022-01-11 12:18:19.334root 11241100x80000000000000003905399Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c76244b58dd02bdf2022-01-11 12:18:19.334root 11241100x80000000000000003905400Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c84aa3e71149c852022-01-11 12:18:19.334root 11241100x80000000000000003905401Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2b96752bf68a1192022-01-11 12:18:19.335root 11241100x80000000000000003905402Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34bcaed730d79182022-01-11 12:18:19.335root 11241100x80000000000000003905403Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1a9afdfa237938f2022-01-11 12:18:19.335root 11241100x80000000000000003905404Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0815df3c0db002662022-01-11 12:18:19.335root 11241100x80000000000000003905405Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95a6dfd2f3d7337f2022-01-11 12:18:19.335root 11241100x80000000000000003905406Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9fbe4753e573ccc2022-01-11 12:18:19.335root 11241100x80000000000000003905407Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8de5f90f68ff4a202022-01-11 12:18:19.336root 11241100x80000000000000003905408Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dffb5c3aa04617ad2022-01-11 12:18:19.336root 11241100x80000000000000003905409Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208266d7830129f12022-01-11 12:18:19.336root 11241100x80000000000000003905410Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.721a04ee2ed4a4f92022-01-11 12:18:19.336root 11241100x80000000000000003905411Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5b0dc3f9c0f8da82022-01-11 12:18:19.336root 11241100x80000000000000003905412Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff3d80d6019f7fff2022-01-11 12:18:19.336root 11241100x80000000000000003905413Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d97cdcc35d0680a22022-01-11 12:18:19.336root 11241100x80000000000000003905414Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9645c796523e63952022-01-11 12:18:19.337root 11241100x80000000000000003905415Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20b533b545c4649e2022-01-11 12:18:19.833root 11241100x80000000000000003905416Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b561afa849a701c62022-01-11 12:18:19.833root 11241100x80000000000000003905417Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4285cd12aa8a3162022-01-11 12:18:19.834root 11241100x80000000000000003905418Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5406ad14806e5eb2022-01-11 12:18:19.834root 11241100x80000000000000003905419Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9bb8302c5ca8cc4d2022-01-11 12:18:19.834root 11241100x80000000000000003905420Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5799371a8d0cae22022-01-11 12:18:19.834root 11241100x80000000000000003905421Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7852ad98359ccd582022-01-11 12:18:19.834root 11241100x80000000000000003905422Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2c103123233a23b2022-01-11 12:18:19.834root 11241100x80000000000000003905423Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f55a409ab2edf3c2022-01-11 12:18:19.834root 11241100x80000000000000003905424Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc895d1ab6e6efcf2022-01-11 12:18:19.834root 11241100x80000000000000003905425Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20818f3c6791bc542022-01-11 12:18:19.834root 11241100x80000000000000003905426Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93e9e7d467ad16832022-01-11 12:18:19.834root 11241100x80000000000000003905427Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3cd33d2b5f91ef502022-01-11 12:18:19.834root 11241100x80000000000000003905428Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.985a4b7082c42c812022-01-11 12:18:19.835root 11241100x80000000000000003905429Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b8c5bee10028df92022-01-11 12:18:19.835root 11241100x80000000000000003905430Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f38e52f507796f02022-01-11 12:18:19.835root 11241100x80000000000000003905431Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.418bba584a02d2d22022-01-11 12:18:19.835root 11241100x80000000000000003905432Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d233b80b40d03b412022-01-11 12:18:19.835root 11241100x80000000000000003905433Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140956d58066306a2022-01-11 12:18:19.835root 11241100x80000000000000003905434Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3e1202e36ac78c32022-01-11 12:18:19.835root 11241100x80000000000000003905435Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4582525ab8c372ab2022-01-11 12:18:19.835root 11241100x80000000000000003905436Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:19.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c2be5fab19c81d2022-01-11 12:18:19.835root 11241100x80000000000000003905437Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7179100cae116b42022-01-11 12:18:20.334root 11241100x80000000000000003905438Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce1a3ffec6df6b3e2022-01-11 12:18:20.334root 11241100x80000000000000003905439Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbf75a27cc2000012022-01-11 12:18:20.334root 11241100x80000000000000003905440Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d85ed72934f23dc2022-01-11 12:18:20.335root 11241100x80000000000000003905441Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c6ee3005abf59d92022-01-11 12:18:20.335root 11241100x80000000000000003905442Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93849956d3627e112022-01-11 12:18:20.335root 11241100x80000000000000003905443Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80814fc821ca1aa12022-01-11 12:18:20.336root 11241100x80000000000000003905444Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f03a8efe1d502e2022-01-11 12:18:20.336root 11241100x80000000000000003905445Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d77cff7e59c9c5602022-01-11 12:18:20.336root 11241100x80000000000000003905446Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d0f6f72af97f33f92022-01-11 12:18:20.336root 11241100x80000000000000003905447Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5361f48b0d997c52022-01-11 12:18:20.336root 11241100x80000000000000003905448Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af3486fdf24bc5792022-01-11 12:18:20.336root 11241100x80000000000000003905449Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4eb90e672ad5c00e2022-01-11 12:18:20.337root 11241100x80000000000000003905450Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de1142b8ff7d23822022-01-11 12:18:20.337root 11241100x80000000000000003905451Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c4d001415b1d8fb2022-01-11 12:18:20.337root 11241100x80000000000000003905452Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26abb756d76b73d32022-01-11 12:18:20.337root 11241100x80000000000000003905453Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.799681dfd9ba10922022-01-11 12:18:20.337root 11241100x80000000000000003905454Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eea14e0ed14e662f2022-01-11 12:18:20.337root 11241100x80000000000000003905455Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27090cf98975393b2022-01-11 12:18:20.337root 11241100x80000000000000003905456Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5200d7ca192023b2022-01-11 12:18:20.337root 11241100x80000000000000003905457Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb9cd968578574fd2022-01-11 12:18:20.337root 11241100x80000000000000003905458Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f1dd147d75b4a5a2022-01-11 12:18:20.337root 11241100x80000000000000003905459Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0fa6e05abcca86f2022-01-11 12:18:20.833root 11241100x80000000000000003905460Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adca8f7aa43925732022-01-11 12:18:20.833root 11241100x80000000000000003905461Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9a861e70220f7742022-01-11 12:18:20.834root 11241100x80000000000000003905462Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4577bac74641104a2022-01-11 12:18:20.834root 11241100x80000000000000003905463Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.882b583df35997142022-01-11 12:18:20.834root 11241100x80000000000000003905464Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8906698ad8b36e232022-01-11 12:18:20.834root 11241100x80000000000000003905465Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77d331464bdbb4362022-01-11 12:18:20.834root 11241100x80000000000000003905466Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4180b0fc2fde63362022-01-11 12:18:20.834root 11241100x80000000000000003905467Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0624e2f1cf0702bc2022-01-11 12:18:20.834root 11241100x80000000000000003905468Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.428a66a2ecdd91112022-01-11 12:18:20.834root 11241100x80000000000000003905469Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08397c6c3633d4552022-01-11 12:18:20.834root 11241100x80000000000000003905470Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6e4d1ee7172b1cc2022-01-11 12:18:20.834root 11241100x80000000000000003905471Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97850ccdbecfc15b2022-01-11 12:18:20.835root 11241100x80000000000000003905472Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3f981ffa8d1d8ae2022-01-11 12:18:20.835root 11241100x80000000000000003905473Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f34aa75b560c1892022-01-11 12:18:20.835root 11241100x80000000000000003905474Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9df1e571af42d7cc2022-01-11 12:18:20.835root 11241100x80000000000000003905475Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad61140a8fa75c342022-01-11 12:18:20.835root 11241100x80000000000000003905476Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e070c0f6339644eb2022-01-11 12:18:20.835root 11241100x80000000000000003905477Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49380a45a4d6e0092022-01-11 12:18:20.835root 11241100x80000000000000003905478Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d5f47439411fb332022-01-11 12:18:20.836root 11241100x80000000000000003905479Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e9ad33c3c039c22022-01-11 12:18:20.836root 11241100x80000000000000003905480Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:20.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9de44f2d3a4ff6db2022-01-11 12:18:20.836root 11241100x80000000000000003905481Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a661b7670f7e2352022-01-11 12:18:21.334root 11241100x80000000000000003905482Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.783a3af25bb202de2022-01-11 12:18:21.334root 11241100x80000000000000003905483Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d56aff0a638ba6da2022-01-11 12:18:21.334root 11241100x80000000000000003905484Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ebc00cb6a4f104d2022-01-11 12:18:21.335root 11241100x80000000000000003905485Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b339aa2b7082c1e42022-01-11 12:18:21.335root 11241100x80000000000000003905486Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da85f4adb31fb3ee2022-01-11 12:18:21.335root 11241100x80000000000000003905487Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28e791d832b0f00e2022-01-11 12:18:21.335root 11241100x80000000000000003905488Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa902af7ead74fdf2022-01-11 12:18:21.335root 11241100x80000000000000003905489Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6de3b03dcebf15e2022-01-11 12:18:21.335root 11241100x80000000000000003905490Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.336873986393e8482022-01-11 12:18:21.336root 11241100x80000000000000003905491Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.060ec81d73f8b5702022-01-11 12:18:21.336root 11241100x80000000000000003905492Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3841fb3a71f702c92022-01-11 12:18:21.336root 11241100x80000000000000003905493Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b09dce4cd4e2db7d2022-01-11 12:18:21.336root 11241100x80000000000000003905494Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97f37424a579536c2022-01-11 12:18:21.336root 11241100x80000000000000003905495Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e7ce147898d15cd2022-01-11 12:18:21.336root 11241100x80000000000000003905496Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4418c6e3264f3bd82022-01-11 12:18:21.336root 11241100x80000000000000003905497Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa9e6fff57778682022-01-11 12:18:21.336root 11241100x80000000000000003905498Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5f16f1e7c51357e2022-01-11 12:18:21.336root 11241100x80000000000000003905499Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e22970ce7ba457202022-01-11 12:18:21.336root 11241100x80000000000000003905500Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84e8fd94768165152022-01-11 12:18:21.336root 11241100x80000000000000003905501Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2958f7b3fc09ed102022-01-11 12:18:21.338root 11241100x80000000000000003905502Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91a5c21330a56f922022-01-11 12:18:21.338root 11241100x80000000000000003905503Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87d305844c5ab2bc2022-01-11 12:18:21.338root 11241100x80000000000000003905504Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9f96cdff016b8342022-01-11 12:18:21.338root 11241100x80000000000000003905505Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.748209391cca9ca12022-01-11 12:18:21.338root 11241100x80000000000000003905506Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac0dcc3a03b2f632022-01-11 12:18:21.338root 11241100x80000000000000003905507Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42ef9729fd365a462022-01-11 12:18:21.338root 11241100x80000000000000003905508Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.338{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e917bddeed623972022-01-11 12:18:21.338root 11241100x80000000000000003905509Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae8d0571813255ae2022-01-11 12:18:21.833root 11241100x80000000000000003905510Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51a68ee9584f8b062022-01-11 12:18:21.833root 11241100x80000000000000003905511Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcb1b33809307ab22022-01-11 12:18:21.833root 11241100x80000000000000003905512Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f31aa733828cd9c2022-01-11 12:18:21.834root 11241100x80000000000000003905513Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd24c684346fadd2022-01-11 12:18:21.834root 11241100x80000000000000003905514Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24145395096c72332022-01-11 12:18:21.834root 11241100x80000000000000003905515Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2685c7ebbc580ee22022-01-11 12:18:21.834root 11241100x80000000000000003905516Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9321e6af89739f5a2022-01-11 12:18:21.835root 11241100x80000000000000003905517Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c21fb5fdd3932472022-01-11 12:18:21.835root 11241100x80000000000000003905518Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d645e5ca2f228fe2022-01-11 12:18:21.835root 11241100x80000000000000003905519Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d381b4ac6749f122022-01-11 12:18:21.835root 11241100x80000000000000003905520Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.425d7f282f0f621d2022-01-11 12:18:21.835root 11241100x80000000000000003905521Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3a407bbcf141e4bf2022-01-11 12:18:21.835root 11241100x80000000000000003905522Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee6848283a84b80c2022-01-11 12:18:21.835root 11241100x80000000000000003905523Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec85b2f5399b2c682022-01-11 12:18:21.836root 11241100x80000000000000003905524Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e5ee0a63af145c772022-01-11 12:18:21.836root 11241100x80000000000000003905525Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff62161e45a7a5a2022-01-11 12:18:21.836root 11241100x80000000000000003905526Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbaa659cf1ea119a2022-01-11 12:18:21.836root 11241100x80000000000000003905527Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ff160bcb7db8e5a2022-01-11 12:18:21.836root 11241100x80000000000000003905528Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71af8071f95192402022-01-11 12:18:21.836root 11241100x80000000000000003905529Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edad98082775c37a2022-01-11 12:18:21.836root 11241100x80000000000000003905530Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:21.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e160c4d20bf4d822022-01-11 12:18:21.836root 11241100x80000000000000003905531Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d19e0c031a30f5202022-01-11 12:18:22.334root 11241100x80000000000000003905532Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.567aabb1d531ad312022-01-11 12:18:22.334root 11241100x80000000000000003905533Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0752fc4d541b8f102022-01-11 12:18:22.334root 11241100x80000000000000003905534Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.068380276e2cf8df2022-01-11 12:18:22.334root 11241100x80000000000000003905535Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b12353528198dbe2022-01-11 12:18:22.334root 11241100x80000000000000003905536Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de40c2c9a064a70c2022-01-11 12:18:22.334root 11241100x80000000000000003905537Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11009e2f174f3d652022-01-11 12:18:22.335root 11241100x80000000000000003905538Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5315f86f9d54e0c2022-01-11 12:18:22.335root 11241100x80000000000000003905539Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1471195ba8a1435d2022-01-11 12:18:22.335root 11241100x80000000000000003905540Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc4cbcf43874ba1e2022-01-11 12:18:22.335root 11241100x80000000000000003905541Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b8db050790caf042022-01-11 12:18:22.335root 11241100x80000000000000003905542Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a732162ea1de9452022-01-11 12:18:22.335root 11241100x80000000000000003905543Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ad347214d6937d2022-01-11 12:18:22.335root 11241100x80000000000000003905544Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fd4cc26c1a302b22022-01-11 12:18:22.335root 11241100x80000000000000003905545Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4a65b240c1e2e692022-01-11 12:18:22.335root 11241100x80000000000000003905546Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01be0f05d16f73ae2022-01-11 12:18:22.336root 11241100x80000000000000003905547Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ebdfc51fae862922022-01-11 12:18:22.336root 11241100x80000000000000003905548Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a9695613ff4cc632022-01-11 12:18:22.336root 11241100x80000000000000003905549Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868e10feae7ad59e2022-01-11 12:18:22.336root 11241100x80000000000000003905550Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd502305974eb8182022-01-11 12:18:22.336root 11241100x80000000000000003905551Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cab70e1539cfea7e2022-01-11 12:18:22.336root 11241100x80000000000000003905552Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.611abbf4ada3f28b2022-01-11 12:18:22.336root 11241100x80000000000000003905553Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7593f0e41ddbc28f2022-01-11 12:18:22.834root 11241100x80000000000000003905554Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b9c999ad7c4d58b2022-01-11 12:18:22.834root 11241100x80000000000000003905555Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db0b2b4fef9f4acc2022-01-11 12:18:22.834root 11241100x80000000000000003905556Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ee4e6923f2e709d2022-01-11 12:18:22.834root 11241100x80000000000000003905557Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9004aa3809f796a2022-01-11 12:18:22.835root 11241100x80000000000000003905558Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.547e2372105fa7ed2022-01-11 12:18:22.835root 11241100x80000000000000003905559Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d9950bc46a89d122022-01-11 12:18:22.835root 11241100x80000000000000003905560Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.58f94d790cf4b53c2022-01-11 12:18:22.835root 11241100x80000000000000003905561Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eefdb81f2a51b82022-01-11 12:18:22.835root 11241100x80000000000000003905562Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b07b472a394f5fc2022-01-11 12:18:22.835root 11241100x80000000000000003905563Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d35b1975c8cbe4052022-01-11 12:18:22.836root 11241100x80000000000000003905564Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e5f27e7d52b37742022-01-11 12:18:22.836root 11241100x80000000000000003905565Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.964dd91d44da6b3c2022-01-11 12:18:22.836root 11241100x80000000000000003905566Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ada7ef82dcbacd2022-01-11 12:18:22.836root 11241100x80000000000000003905567Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06409f780af9bb42022-01-11 12:18:22.836root 11241100x80000000000000003905568Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1975662694172fd2022-01-11 12:18:22.836root 11241100x80000000000000003905569Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f70807e4def22892022-01-11 12:18:22.836root 11241100x80000000000000003905570Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79914326d01a012c2022-01-11 12:18:22.836root 11241100x80000000000000003905571Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1185d04b870309162022-01-11 12:18:22.836root 11241100x80000000000000003905572Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02e7c0753b1abc642022-01-11 12:18:22.836root 11241100x80000000000000003905573Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac71d993c15153372022-01-11 12:18:22.837root 11241100x80000000000000003905574Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:22.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.106c28c2071292422022-01-11 12:18:22.837root 11241100x80000000000000003905575Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e8283a2296e0e6d2022-01-11 12:18:23.334root 11241100x80000000000000003905576Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5542b1a0b23fbf682022-01-11 12:18:23.334root 11241100x80000000000000003905577Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7cedd20cd5f41872022-01-11 12:18:23.334root 11241100x80000000000000003905578Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.865bc3b7f9e8ab3b2022-01-11 12:18:23.334root 11241100x80000000000000003905579Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41d5d7d9a36b7e032022-01-11 12:18:23.334root 11241100x80000000000000003905580Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.797cbca21c732f9a2022-01-11 12:18:23.334root 11241100x80000000000000003905581Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3ff66700d9a1cd62022-01-11 12:18:23.334root 11241100x80000000000000003905582Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3820eb98fc3bab592022-01-11 12:18:23.334root 11241100x80000000000000003905583Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d62f0f309ecf4952022-01-11 12:18:23.335root 11241100x80000000000000003905584Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f77727d13b9a25a2022-01-11 12:18:23.335root 11241100x80000000000000003905585Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa9093bb0db933ef2022-01-11 12:18:23.335root 11241100x80000000000000003905586Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cdfc6bf31afec32022-01-11 12:18:23.335root 11241100x80000000000000003905587Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62c532c7dc06f5902022-01-11 12:18:23.335root 11241100x80000000000000003905588Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc436b64b7882d392022-01-11 12:18:23.335root 11241100x80000000000000003905589Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9074841f6619f1a32022-01-11 12:18:23.335root 11241100x80000000000000003905590Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3b8459e8532c70a2022-01-11 12:18:23.335root 11241100x80000000000000003905591Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a171c952fbd271412022-01-11 12:18:23.335root 11241100x80000000000000003905592Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a73c09a80d84edf82022-01-11 12:18:23.335root 11241100x80000000000000003905593Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e807bc8a6eea4fd2022-01-11 12:18:23.335root 11241100x80000000000000003905594Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5347ff6b492151d2022-01-11 12:18:23.336root 11241100x80000000000000003905595Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cc1dcc849356b442022-01-11 12:18:23.336root 11241100x80000000000000003905596Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad6e2dd38603dff62022-01-11 12:18:23.336root 11241100x80000000000000003905597Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ea93e652e0ea6b12022-01-11 12:18:23.834root 11241100x80000000000000003905598Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be7da126f466870b2022-01-11 12:18:23.834root 11241100x80000000000000003905599Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0957041508beee8a2022-01-11 12:18:23.834root 11241100x80000000000000003905600Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd296f87c7cce482022-01-11 12:18:23.834root 11241100x80000000000000003905601Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.932c3e5e5dbde9d32022-01-11 12:18:23.834root 11241100x80000000000000003905602Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bca9f17b388b75ad2022-01-11 12:18:23.834root 11241100x80000000000000003905603Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.565bd77e0427fdef2022-01-11 12:18:23.834root 11241100x80000000000000003905604Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cfceca97ed9d0852022-01-11 12:18:23.834root 11241100x80000000000000003905605Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d7e17741b19d5882022-01-11 12:18:23.834root 11241100x80000000000000003905606Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d90924cf8df27d0a2022-01-11 12:18:23.835root 11241100x80000000000000003905607Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60e9ad55eca4b0e02022-01-11 12:18:23.835root 11241100x80000000000000003905608Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b9459d48f6d26aa62022-01-11 12:18:23.835root 11241100x80000000000000003905609Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fb32556fd46e0a82022-01-11 12:18:23.835root 11241100x80000000000000003905610Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89922e5378e003812022-01-11 12:18:23.835root 11241100x80000000000000003905611Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ee0db26fceaa6ab2022-01-11 12:18:23.835root 11241100x80000000000000003905612Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06a7ad9ae431807b2022-01-11 12:18:23.836root 11241100x80000000000000003905613Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c47de9f8603c2ee2022-01-11 12:18:23.836root 11241100x80000000000000003905614Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0df0eccc382a1162022-01-11 12:18:23.836root 11241100x80000000000000003905615Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.530be859107b16bb2022-01-11 12:18:23.836root 11241100x80000000000000003905616Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c307154400538282022-01-11 12:18:23.836root 11241100x80000000000000003905617Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db03ed68426cdce52022-01-11 12:18:23.836root 11241100x80000000000000003905618Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:23.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66a2c0cbef5ff2352022-01-11 12:18:23.836root 354300x80000000000000003905619Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.191{ec2d504d-f101-61db-5175-3a0400000000}5464/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.25-56244-false10.0.1.12-8000- 11241100x80000000000000003905620Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8079d8cdab95c71b2022-01-11 12:18:24.192root 11241100x80000000000000003905621Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdf7ce96252cbe462022-01-11 12:18:24.192root 11241100x80000000000000003905622Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57c5c115224e45762022-01-11 12:18:24.192root 11241100x80000000000000003905623Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd8b8d9867bf0dd22022-01-11 12:18:24.192root 11241100x80000000000000003905624Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.343b31df65b5d0d82022-01-11 12:18:24.192root 11241100x80000000000000003905625Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8852aaf6047b9cb2022-01-11 12:18:24.192root 11241100x80000000000000003905626Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.192{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4299cacd812756452022-01-11 12:18:24.192root 11241100x80000000000000003905627Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e87b6b57274bff2022-01-11 12:18:24.193root 11241100x80000000000000003905628Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e583f1f31fb5419b2022-01-11 12:18:24.193root 11241100x80000000000000003905629Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10a9c04b544216462022-01-11 12:18:24.193root 11241100x80000000000000003905630Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7942eb9bc9acfe662022-01-11 12:18:24.193root 11241100x80000000000000003905631Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f09603c6f8d619f2022-01-11 12:18:24.193root 11241100x80000000000000003905632Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.193{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d96a15814763039e2022-01-11 12:18:24.193root 11241100x80000000000000003905633Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.218284bae2ba98352022-01-11 12:18:24.194root 11241100x80000000000000003905634Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d108bc5a84782e162022-01-11 12:18:24.194root 11241100x80000000000000003905635Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb041059c7365a0b2022-01-11 12:18:24.194root 11241100x80000000000000003905636Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c4436833a966ad2022-01-11 12:18:24.194root 11241100x80000000000000003905637Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ee3d17fb5724b3452022-01-11 12:18:24.194root 11241100x80000000000000003905638Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bcfb8728521601f2022-01-11 12:18:24.194root 11241100x80000000000000003905639Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15f08f0df958bf4f2022-01-11 12:18:24.194root 11241100x80000000000000003905640Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d495bbc718be50d2022-01-11 12:18:24.194root 11241100x80000000000000003905641Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ebab2ebd85504da2022-01-11 12:18:24.194root 11241100x80000000000000003905642Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50e2ec596d5914552022-01-11 12:18:24.194root 11241100x80000000000000003905643Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a80bc15b7bed346b2022-01-11 12:18:24.194root 11241100x80000000000000003905644Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ac8c347c800f2d12022-01-11 12:18:24.194root 11241100x80000000000000003905645Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.194{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2665f7378572e342022-01-11 12:18:24.194root 11241100x80000000000000003905646Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.195{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d5310d7dd562bb62022-01-11 12:18:24.195root 11241100x80000000000000003905647Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.195{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39300a674b69d10b2022-01-11 12:18:24.195root 11241100x80000000000000003905648Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.20821beb1d9a134f2022-01-11 12:18:24.584root 11241100x80000000000000003905649Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d17593e6b5ca57f2022-01-11 12:18:24.584root 11241100x80000000000000003905650Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f4e869f17082cf12022-01-11 12:18:24.584root 11241100x80000000000000003905651Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.584{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb75c3bb436f160e2022-01-11 12:18:24.584root 11241100x80000000000000003905652Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d9685fbf4e554de2022-01-11 12:18:24.585root 11241100x80000000000000003905653Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aab92ac2db9004c32022-01-11 12:18:24.585root 11241100x80000000000000003905654Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea13d948c1b1ef852022-01-11 12:18:24.585root 11241100x80000000000000003905655Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8dfff6661ac13c702022-01-11 12:18:24.585root 11241100x80000000000000003905656Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88859e654897e77d2022-01-11 12:18:24.585root 11241100x80000000000000003905657Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5872d231fb26fec2022-01-11 12:18:24.585root 11241100x80000000000000003905658Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e25866ab03d59c322022-01-11 12:18:24.585root 11241100x80000000000000003905659Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad302540d133a6b62022-01-11 12:18:24.585root 11241100x80000000000000003905660Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67b6e8247621d8d2022-01-11 12:18:24.585root 11241100x80000000000000003905661Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.585{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc517748cb3b10a32022-01-11 12:18:24.585root 11241100x80000000000000003905662Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18f9dc4685043a2b2022-01-11 12:18:24.586root 11241100x80000000000000003905663Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4471a43630c4f7fd2022-01-11 12:18:24.586root 11241100x80000000000000003905664Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b5ba7aa5375c5ee2022-01-11 12:18:24.586root 11241100x80000000000000003905665Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19c95c5aa0ebf8b62022-01-11 12:18:24.586root 11241100x80000000000000003905666Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76940c475db2db9a2022-01-11 12:18:24.586root 11241100x80000000000000003905667Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44b7a09b061373a82022-01-11 12:18:24.586root 11241100x80000000000000003905668Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a02ae427fdee97342022-01-11 12:18:24.586root 11241100x80000000000000003905669Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50ab1d117f5599362022-01-11 12:18:24.586root 11241100x80000000000000003905670Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.586{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4cf4f35c68dfefc12022-01-11 12:18:24.586root 11241100x80000000000000003905671Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.896{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2022-01-11 12:18:24.896root 11241100x80000000000000003905672Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.951c9e169b9a4e8b2022-01-11 12:18:24.897root 11241100x80000000000000003905673Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a91fc48bfdcc12e2022-01-11 12:18:24.897root 11241100x80000000000000003905674Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bff53d9ee0c7f432022-01-11 12:18:24.897root 11241100x80000000000000003905675Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4af7e72e1dc685862022-01-11 12:18:24.897root 11241100x80000000000000003905676Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f3db165c71168b02022-01-11 12:18:24.897root 11241100x80000000000000003905677Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.66e66383da5cbb882022-01-11 12:18:24.897root 11241100x80000000000000003905678Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96a4eb920f634b882022-01-11 12:18:24.897root 11241100x80000000000000003905679Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02c799bd13e6f27f2022-01-11 12:18:24.897root 11241100x80000000000000003905680Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4a9739a63cfecc4d2022-01-11 12:18:24.897root 11241100x80000000000000003905681Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d9ce3755823992e2022-01-11 12:18:24.897root 11241100x80000000000000003905682Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80624cde4c24fc6b2022-01-11 12:18:24.897root 11241100x80000000000000003905683Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.897{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5aa793b417ba5462022-01-11 12:18:24.897root 11241100x80000000000000003905684Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68640ae69d22f24e2022-01-11 12:18:24.898root 11241100x80000000000000003905685Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.678174b5985d92522022-01-11 12:18:24.898root 11241100x80000000000000003905686Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e05e8c6b520b95e2022-01-11 12:18:24.898root 11241100x80000000000000003905687Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.124160771e224f592022-01-11 12:18:24.898root 11241100x80000000000000003905688Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3698ac043d613f022022-01-11 12:18:24.898root 11241100x80000000000000003905689Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10f40a4a62c31f4f2022-01-11 12:18:24.898root 11241100x80000000000000003905690Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25fede11cc3f52252022-01-11 12:18:24.898root 11241100x80000000000000003905691Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c048ac08d4d8f22a2022-01-11 12:18:24.898root 11241100x80000000000000003905692Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8ec34e7a329d3132022-01-11 12:18:24.898root 11241100x80000000000000003905693Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.898{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0f04d47019f184a2022-01-11 12:18:24.898root 11241100x80000000000000003905694Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e87077afbced6e2a2022-01-11 12:18:24.899root 11241100x80000000000000003905695Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.198291967294bad42022-01-11 12:18:24.899root 11241100x80000000000000003905696Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c79e5126ae2b41f2022-01-11 12:18:24.899root 11241100x80000000000000003905697Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3809cdaf3fe37bdb2022-01-11 12:18:24.899root 11241100x80000000000000003905698Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.899{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9ab143ea04b741e2022-01-11 12:18:24.899root 354300x80000000000000003905699Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:24.942{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391/opt/splunkforwarder/bin/splunkdroottcptruefalse10.0.1.25-34178-false10.0.1.12-8089- 11241100x80000000000000003905700Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06eefd92ee2415992022-01-11 12:18:25.333root 11241100x80000000000000003905701Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6abc7403349295d2022-01-11 12:18:25.333root 11241100x80000000000000003905702Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.083a32cfd82aed8d2022-01-11 12:18:25.334root 11241100x80000000000000003905703Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c70366440716eed2022-01-11 12:18:25.334root 11241100x80000000000000003905704Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.492c9e7532d09a8a2022-01-11 12:18:25.334root 11241100x80000000000000003905705Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d5b34c5dd88f7cf2022-01-11 12:18:25.334root 11241100x80000000000000003905706Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.25dbf1804fb66bd92022-01-11 12:18:25.334root 11241100x80000000000000003905707Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f79f80cafdb1b1972022-01-11 12:18:25.334root 11241100x80000000000000003905708Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c6b89c04b655ed02022-01-11 12:18:25.335root 11241100x80000000000000003905709Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3714d39a5b03a31d2022-01-11 12:18:25.335root 11241100x80000000000000003905710Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a739b320f2d84742022-01-11 12:18:25.335root 11241100x80000000000000003905711Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4711bc6bacc1d1d02022-01-11 12:18:25.335root 11241100x80000000000000003905712Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.102050e496aa60bd2022-01-11 12:18:25.335root 11241100x80000000000000003905713Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1d6de4b500b4ae02022-01-11 12:18:25.335root 11241100x80000000000000003905714Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.775715bde03c73022022-01-11 12:18:25.335root 11241100x80000000000000003905715Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8a635627e86d8be2022-01-11 12:18:25.335root 11241100x80000000000000003905716Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8440d6352a1b84932022-01-11 12:18:25.336root 11241100x80000000000000003905717Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.381fc4f37d0a31332022-01-11 12:18:25.336root 11241100x80000000000000003905718Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d21f757d3fc52722022-01-11 12:18:25.336root 11241100x80000000000000003905719Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7f875c49631cab462022-01-11 12:18:25.336root 11241100x80000000000000003905720Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c52d38006036062022-01-11 12:18:25.336root 11241100x80000000000000003905721Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc747aba3666d1f32022-01-11 12:18:25.336root 11241100x80000000000000003905722Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4d11844ff1d2e2b2022-01-11 12:18:25.336root 11241100x80000000000000003905723Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b352e63b46f1ce992022-01-11 12:18:25.336root 11241100x80000000000000003905724Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9624e97e5233ff5c2022-01-11 12:18:25.336root 11241100x80000000000000003905725Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00dce7b0678e1de02022-01-11 12:18:25.833root 11241100x80000000000000003905726Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5ba1e59c6eb749302022-01-11 12:18:25.833root 11241100x80000000000000003905727Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69eec3015c175e1e2022-01-11 12:18:25.834root 11241100x80000000000000003905728Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1ba66148c46db592022-01-11 12:18:25.834root 11241100x80000000000000003905729Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d86519c2864be7a2022-01-11 12:18:25.834root 11241100x80000000000000003905730Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95cab08581cd42dc2022-01-11 12:18:25.835root 11241100x80000000000000003905731Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc4807412a16da4f2022-01-11 12:18:25.835root 11241100x80000000000000003905732Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6ccc690921f5409e2022-01-11 12:18:25.835root 11241100x80000000000000003905733Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2bb982edf32de5e52022-01-11 12:18:25.835root 11241100x80000000000000003905734Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef3819c028c841442022-01-11 12:18:25.835root 11241100x80000000000000003905735Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94279a79ebd32f9e2022-01-11 12:18:25.835root 11241100x80000000000000003905736Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c01670231d7535bc2022-01-11 12:18:25.835root 11241100x80000000000000003905737Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c2523498aeb7c92022-01-11 12:18:25.835root 11241100x80000000000000003905738Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.868766cf6a048d262022-01-11 12:18:25.835root 11241100x80000000000000003905739Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb31a68382977ab82022-01-11 12:18:25.835root 11241100x80000000000000003905740Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48e74d67f821816c2022-01-11 12:18:25.836root 11241100x80000000000000003905741Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8834ce60d64cbd332022-01-11 12:18:25.836root 11241100x80000000000000003905742Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.743539803464cf912022-01-11 12:18:25.836root 11241100x80000000000000003905743Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24b61edc5a89da102022-01-11 12:18:25.836root 11241100x80000000000000003905744Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93656c7304173ccf2022-01-11 12:18:25.836root 11241100x80000000000000003905745Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0defb93938410502022-01-11 12:18:25.836root 11241100x80000000000000003905746Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02f91db09e16e7dd2022-01-11 12:18:25.836root 11241100x80000000000000003905747Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69946a7061c4c4ba2022-01-11 12:18:25.836root 11241100x80000000000000003905748Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0809f834f340df72022-01-11 12:18:25.836root 11241100x80000000000000003905749Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9736d51f986db7bd2022-01-11 12:18:25.836root 11241100x80000000000000003905750Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c5d1cd4ce11bfe22022-01-11 12:18:25.836root 11241100x80000000000000003905751Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36e41e7a72ca763c2022-01-11 12:18:25.836root 11241100x80000000000000003905752Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53f81e942ff9bb5e2022-01-11 12:18:25.836root 11241100x80000000000000003905753Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:25.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35429f6dddd4162a2022-01-11 12:18:25.836root 11241100x80000000000000003905754Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2291900edf829f052022-01-11 12:18:26.333root 11241100x80000000000000003905755Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d05b9c5de7afacb2022-01-11 12:18:26.333root 11241100x80000000000000003905756Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bffc5ae752eb0832022-01-11 12:18:26.333root 11241100x80000000000000003905757Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7fad2184bd337e092022-01-11 12:18:26.334root 11241100x80000000000000003905758Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69e8603a1aae62792022-01-11 12:18:26.334root 11241100x80000000000000003905759Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0892f6a76490d6922022-01-11 12:18:26.334root 11241100x80000000000000003905760Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.023e29be4b289d1d2022-01-11 12:18:26.334root 11241100x80000000000000003905761Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94150ee1efa8bfeb2022-01-11 12:18:26.334root 11241100x80000000000000003905762Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5dd1c052d56de11e2022-01-11 12:18:26.334root 11241100x80000000000000003905763Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4f499ac7b14b6602022-01-11 12:18:26.334root 11241100x80000000000000003905764Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8437962668d40d822022-01-11 12:18:26.334root 11241100x80000000000000003905765Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.752d23ab111cc6122022-01-11 12:18:26.334root 11241100x80000000000000003905766Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f4b781bdc6adab22022-01-11 12:18:26.334root 11241100x80000000000000003905767Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cab0f3cd89a4e802022-01-11 12:18:26.334root 11241100x80000000000000003905768Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3147e89a019d7e8d2022-01-11 12:18:26.334root 11241100x80000000000000003905769Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8ef815e3d570cdf2022-01-11 12:18:26.334root 11241100x80000000000000003905770Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b56c6afb332bef82022-01-11 12:18:26.335root 11241100x80000000000000003905771Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f1fac6917a7fdbf2022-01-11 12:18:26.335root 11241100x80000000000000003905772Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b51de4a410c5b3bd2022-01-11 12:18:26.335root 11241100x80000000000000003905773Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b46495b8b7f897e2022-01-11 12:18:26.335root 11241100x80000000000000003905774Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90942a6a9f8ca09f2022-01-11 12:18:26.335root 11241100x80000000000000003905775Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f8beee67027c629c2022-01-11 12:18:26.335root 11241100x80000000000000003905776Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe67bb35ba92a78e2022-01-11 12:18:26.335root 11241100x80000000000000003905777Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31783b150710c0262022-01-11 12:18:26.335root 11241100x80000000000000003905778Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00cd5ddfb5b5f4fe2022-01-11 12:18:26.335root 11241100x80000000000000003905779Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7eaaf0e3367f69f2022-01-11 12:18:26.833root 11241100x80000000000000003905780Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.69755f30a5d57fe72022-01-11 12:18:26.833root 11241100x80000000000000003905781Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e359e1c37898ef802022-01-11 12:18:26.833root 11241100x80000000000000003905782Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.833{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb73db00b6ba56d62022-01-11 12:18:26.833root 11241100x80000000000000003905783Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef6668db5e4c98fc2022-01-11 12:18:26.834root 11241100x80000000000000003905784Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4571907d332116ef2022-01-11 12:18:26.834root 11241100x80000000000000003905785Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.883c464dc14899c22022-01-11 12:18:26.834root 11241100x80000000000000003905786Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac601feecaaa6fa2022-01-11 12:18:26.834root 11241100x80000000000000003905787Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2051e6c6c1414fa52022-01-11 12:18:26.834root 11241100x80000000000000003905788Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dac72ed833865f692022-01-11 12:18:26.834root 11241100x80000000000000003905789Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.894a08fefc3e3ec92022-01-11 12:18:26.834root 11241100x80000000000000003905790Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3424241acd59eae72022-01-11 12:18:26.834root 11241100x80000000000000003905791Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.145c02a41e4d1d352022-01-11 12:18:26.834root 11241100x80000000000000003905792Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c572d6ba60933bef2022-01-11 12:18:26.834root 11241100x80000000000000003905793Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18343cdf8f44c91d2022-01-11 12:18:26.835root 11241100x80000000000000003905794Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975442608737846d2022-01-11 12:18:26.835root 11241100x80000000000000003905795Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28f5da404ff963152022-01-11 12:18:26.835root 11241100x80000000000000003905796Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac56853785b6d9d22022-01-11 12:18:26.835root 11241100x80000000000000003905797Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.576412e593a88caf2022-01-11 12:18:26.835root 11241100x80000000000000003905798Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdee9faaf088a20c2022-01-11 12:18:26.835root 11241100x80000000000000003905799Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.981868eabe3721662022-01-11 12:18:26.835root 11241100x80000000000000003905800Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c51982d0c51e97a2022-01-11 12:18:26.835root 11241100x80000000000000003905801Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e81dfaf0a72122aa2022-01-11 12:18:26.835root 11241100x80000000000000003905802Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21e3862d1231cceb2022-01-11 12:18:26.836root 11241100x80000000000000003905803Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ef59ffcd710c83d72022-01-11 12:18:26.836root 11241100x80000000000000003905804Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb8265a65cea52ad2022-01-11 12:18:26.836root 11241100x80000000000000003905805Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76d40639233495e62022-01-11 12:18:26.836root 11241100x80000000000000003905806Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5c4c211773674b92022-01-11 12:18:26.836root 11241100x80000000000000003905807Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.792026432db871912022-01-11 12:18:26.836root 11241100x80000000000000003905808Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce59e5ea57a82d732022-01-11 12:18:26.836root 11241100x80000000000000003905809Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62bf533801cb6ba02022-01-11 12:18:26.836root 11241100x80000000000000003905810Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1939724033ab3d62022-01-11 12:18:26.836root 11241100x80000000000000003905811Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5eef4830d9223c582022-01-11 12:18:26.836root 11241100x80000000000000003905812Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1eb534483dcc64612022-01-11 12:18:26.837root 11241100x80000000000000003905813Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68f357b92a04c3302022-01-11 12:18:26.837root 11241100x80000000000000003905814Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e597d08dd0c097e2022-01-11 12:18:26.837root 11241100x80000000000000003905815Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d139740b78f1d5ed2022-01-11 12:18:26.837root 11241100x80000000000000003905816Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bb6daae1b4237232022-01-11 12:18:26.837root 11241100x80000000000000003905817Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e657713dc257ad112022-01-11 12:18:26.837root 11241100x80000000000000003905818Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d24a612489135d02022-01-11 12:18:26.837root 11241100x80000000000000003905819Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09da2e59e9d1ff362022-01-11 12:18:26.837root 11241100x80000000000000003905820Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3c253c399104fd52022-01-11 12:18:26.837root 11241100x80000000000000003905821Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df4ae991852dcfda2022-01-11 12:18:26.837root 11241100x80000000000000003905822Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14446732d9302a1b2022-01-11 12:18:26.837root 11241100x80000000000000003905823Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5e329cde8054ea702022-01-11 12:18:26.837root 11241100x80000000000000003905824Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eda0bf12681a35d42022-01-11 12:18:26.837root 11241100x80000000000000003905825Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.025041f17dd34ba52022-01-11 12:18:26.837root 11241100x80000000000000003905826Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a86da09a8f7d5892022-01-11 12:18:26.837root 11241100x80000000000000003905827Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7721e6c88ef7aac2022-01-11 12:18:26.837root 11241100x80000000000000003905828Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e476a0c15d389ac92022-01-11 12:18:26.838root 11241100x80000000000000003905829Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.838{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7633963dda6206a2022-01-11 12:18:26.838root 11241100x80000000000000003905830Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f6304746900b252022-01-11 12:18:26.839root 11241100x80000000000000003905831Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e1c0c737a6e73822022-01-11 12:18:26.839root 11241100x80000000000000003905832Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac737741cb4f69522022-01-11 12:18:26.839root 11241100x80000000000000003905833Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71d728a548eb473d2022-01-11 12:18:26.839root 11241100x80000000000000003905834Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b2eb51908b42b3d2022-01-11 12:18:26.839root 11241100x80000000000000003905835Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.839{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a171b2f52a984b22022-01-11 12:18:26.839root 11241100x80000000000000003905836Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.840{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6f29700034db86f2022-01-11 12:18:26.840root 11241100x80000000000000003905837Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.841{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c41e03b961e4512022-01-11 12:18:26.841root 11241100x80000000000000003905838Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd6f3ca24e0822c72022-01-11 12:18:26.842root 11241100x80000000000000003905839Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8e7770519f3e8da2022-01-11 12:18:26.842root 11241100x80000000000000003905840Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.842{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.814792c65b01ef982022-01-11 12:18:26.842root 11241100x80000000000000003905841Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd569a97ebb5b03f2022-01-11 12:18:26.843root 11241100x80000000000000003905842Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798b8a08cbe44bb82022-01-11 12:18:26.843root 11241100x80000000000000003905843Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bd5f45ea50b091b2022-01-11 12:18:26.843root 11241100x80000000000000003905844Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8aaa589fd86cdb852022-01-11 12:18:26.843root 11241100x80000000000000003905845Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.049eb024f93b11dd2022-01-11 12:18:26.843root 11241100x80000000000000003905846Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.135b0904ba59a75d2022-01-11 12:18:26.843root 11241100x80000000000000003905847Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d2a82ed8ad2aca62022-01-11 12:18:26.843root 11241100x80000000000000003905848Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.843{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ceba6095d922808e2022-01-11 12:18:26.843root 11241100x80000000000000003905849Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8e3cbb39e9226d52022-01-11 12:18:26.844root 11241100x80000000000000003905850Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc421293c3b9e8fc2022-01-11 12:18:26.844root 11241100x80000000000000003905851Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6236dbfce02151972022-01-11 12:18:26.844root 11241100x80000000000000003905852Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfd651ed116370bc2022-01-11 12:18:26.844root 11241100x80000000000000003905853Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7eb9fb14f8fc4f1e2022-01-11 12:18:26.844root 11241100x80000000000000003905854Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffaf124913bb806c2022-01-11 12:18:26.844root 11241100x80000000000000003905855Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a95bb721c054a5b2022-01-11 12:18:26.844root 11241100x80000000000000003905856Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37ecfe4d2444d85d2022-01-11 12:18:26.844root 11241100x80000000000000003905857Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b53372d2b9c07ea2022-01-11 12:18:26.844root 11241100x80000000000000003905858Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a4dcf4778f5cdab92022-01-11 12:18:26.844root 11241100x80000000000000003905859Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.844{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a881be9317cf58f82022-01-11 12:18:26.844root 11241100x80000000000000003905860Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3368e232ed4c91932022-01-11 12:18:26.845root 11241100x80000000000000003905861Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5954cb33f79a62f22022-01-11 12:18:26.845root 11241100x80000000000000003905862Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59e693f6e256a77a2022-01-11 12:18:26.845root 11241100x80000000000000003905863Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c10e35b73f614ec22022-01-11 12:18:26.845root 11241100x80000000000000003905864Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c184c1dc0a2960f32022-01-11 12:18:26.845root 11241100x80000000000000003905865Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85c4b74e3fb1d9982022-01-11 12:18:26.845root 11241100x80000000000000003905866Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.845{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e3610d5378d175592022-01-11 12:18:26.845root 11241100x80000000000000003905867Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e4e32a0e85306042022-01-11 12:18:26.846root 11241100x80000000000000003905868Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.453be24aaf7d5e6b2022-01-11 12:18:26.846root 11241100x80000000000000003905869Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f248072b40adb00f2022-01-11 12:18:26.846root 11241100x80000000000000003905870Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ce627af12a787a02022-01-11 12:18:26.846root 11241100x80000000000000003905871Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.846{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50591956e988f5c42022-01-11 12:18:26.846root 11241100x80000000000000003905872Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.848{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8f8fc0ba8d09ffe2022-01-11 12:18:26.848root 11241100x80000000000000003905873Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.848{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c62a438bf69627782022-01-11 12:18:26.848root 11241100x80000000000000003905874Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:26.849{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.442c90812c985a182022-01-11 12:18:26.849root 11241100x80000000000000003905875Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d70f9efc9b4717e52022-01-11 12:18:27.334root 11241100x80000000000000003905876Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a67546b66cb12fa42022-01-11 12:18:27.334root 11241100x80000000000000003905877Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8001c19990d70162022-01-11 12:18:27.334root 11241100x80000000000000003905878Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.228a1cb9f09b3d4c2022-01-11 12:18:27.334root 11241100x80000000000000003905879Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5adf30a8c30b8ad02022-01-11 12:18:27.335root 11241100x80000000000000003905880Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f87442c3557e85b2022-01-11 12:18:27.335root 11241100x80000000000000003905881Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.df580367aed655ff2022-01-11 12:18:27.335root 11241100x80000000000000003905882Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21c6ba0839cf32bf2022-01-11 12:18:27.335root 11241100x80000000000000003905883Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12f6f962a222fda12022-01-11 12:18:27.335root 11241100x80000000000000003905884Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ccd11a51a3a5baf2022-01-11 12:18:27.335root 11241100x80000000000000003905885Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f57b729922e27162022-01-11 12:18:27.335root 11241100x80000000000000003905886Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.901afd878ab17d622022-01-11 12:18:27.335root 11241100x80000000000000003905887Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.250164f0b5f18faa2022-01-11 12:18:27.335root 11241100x80000000000000003905888Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a9c952400c0545f2022-01-11 12:18:27.335root 11241100x80000000000000003905889Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.335{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffbe3c6e149fb9d32022-01-11 12:18:27.335root 11241100x80000000000000003905890Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2688a611e8eb1fd2022-01-11 12:18:27.336root 11241100x80000000000000003905891Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.52cd3cbbf76136a72022-01-11 12:18:27.336root 11241100x80000000000000003905892Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccfb863909a95e672022-01-11 12:18:27.336root 11241100x80000000000000003905893Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3520767a4ded7fb32022-01-11 12:18:27.336root 11241100x80000000000000003905894Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ce4cbc93130f4f82022-01-11 12:18:27.336root 11241100x80000000000000003905895Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47ec62eaaa0cbef52022-01-11 12:18:27.336root 11241100x80000000000000003905896Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62eb51fa7a92289a2022-01-11 12:18:27.336root 11241100x80000000000000003905897Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8eb212b919d9e3632022-01-11 12:18:27.336root 11241100x80000000000000003905898Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.336{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26ce7edf1841481f2022-01-11 12:18:27.336root 11241100x80000000000000003905899Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.337{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7d3e97eed696072022-01-11 12:18:27.337root 11241100x80000000000000003905900Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e04dc48da8fdc5b2022-01-11 12:18:27.834root 11241100x80000000000000003905901Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a76a88a74dd61032022-01-11 12:18:27.834root 11241100x80000000000000003905902Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b423e38f37ed1cb2022-01-11 12:18:27.834root 11241100x80000000000000003905903Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45957968ff02a7e92022-01-11 12:18:27.834root 11241100x80000000000000003905904Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db060179fbc322542022-01-11 12:18:27.834root 11241100x80000000000000003905905Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.834{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68c22d82b0e263a12022-01-11 12:18:27.834root 11241100x80000000000000003905906Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.840b518402b0f17f2022-01-11 12:18:27.835root 11241100x80000000000000003905907Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14a764e489dcbf0e2022-01-11 12:18:27.835root 11241100x80000000000000003905908Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf3b5da9168906d2022-01-11 12:18:27.835root 11241100x80000000000000003905909Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7c74518afe95fc92022-01-11 12:18:27.835root 11241100x80000000000000003905910Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d719cf9497f2f0a2022-01-11 12:18:27.835root 11241100x80000000000000003905911Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7129cc92f25c39d22022-01-11 12:18:27.835root 11241100x80000000000000003905912Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4d3c4a211213be22022-01-11 12:18:27.835root 11241100x80000000000000003905913Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.835{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e270fc3425afcd512022-01-11 12:18:27.835root 11241100x80000000000000003905914Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e82bbbd2825f572022-01-11 12:18:27.836root 11241100x80000000000000003905915Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb50090e388e2ef72022-01-11 12:18:27.836root 11241100x80000000000000003905916Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4318390382d641f22022-01-11 12:18:27.836root 11241100x80000000000000003905917Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff88fe7d10555e4c2022-01-11 12:18:27.836root 11241100x80000000000000003905918Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90724972f24b6e192022-01-11 12:18:27.836root 11241100x80000000000000003905919Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.836{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34c3f6aaba7e45d62022-01-11 12:18:27.836root 11241100x80000000000000003905920Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84b3f0bbe9c610dc2022-01-11 12:18:27.837root 11241100x80000000000000003905921Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b41245eccc885932022-01-11 12:18:27.837root 11241100x80000000000000003905922Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f74c483fafdcf5b12022-01-11 12:18:27.837root 11241100x80000000000000003905923Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd1d005daf7586fc2022-01-11 12:18:27.837root 11241100x80000000000000003905924Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.837{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b66f0a9e80b3878c2022-01-11 12:18:27.837root 23542300x80000000000000003905925Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:27.897{ec2d504d-f0f9-61db-30a8-2a40f5550000}5391root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log--- 11241100x80000000000000003905926Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7bd416cb36ca741e2022-01-11 12:18:28.333root 11241100x80000000000000003905927Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.333{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.709bcafbd28889ca2022-01-11 12:18:28.333root 11241100x80000000000000003905928Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6eb52c8094b74b4b2022-01-11 12:18:28.334root 11241100x80000000000000003905929Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.654dd760aef6b86b2022-01-11 12:18:28.334root 11241100x80000000000000003905930Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b6ad81d92a844f842022-01-11 12:18:28.334root 11241100x80000000000000003905931Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3707b7282d2c9532022-01-11 12:18:28.334root 11241100x80000000000000003905932Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5fe459477374e04c2022-01-11 12:18:28.334root 11241100x80000000000000003905933Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2ce6231d04de0f22022-01-11 12:18:28.334root 11241100x80000000000000003905934Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a6099b2a6ba9bcc2022-01-11 12:18:28.334root 11241100x80000000000000003905935Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98cb385c21104a012022-01-11 12:18:28.334root 11241100x80000000000000003905936Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b7f6b6f7e17898b2022-01-11 12:18:28.334root 11241100x80000000000000003905937Linux-Sysmon/Operationalsysmonlinux-tcontreras-attack-range-9361-2022-01-11 12:18:28.334{ec2d504d-f0fe-61db-30e8-f55dd8550000}5459/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9666e1935d7d40702022-01-11 12:18:28.334root