154100x80000000000000001918716Linux-Sysmon/Operationalar-linux-2022-08-09 10:40:12.213{ec23eae3-398c-62f2-a8cb-544e13560000}9985/usr/bin/ruby2.5-----/usr/bin/ruby2.5 /usr/bin/gem open -e /bin/sh -c /bin/sh rdoc/home/ubunturoot{ec23eae3-0000-0000-0000-000000000000}013no level-{ec23eae3-398c-62f2-081e-dfe591550000}9984/usr/bin/sudosudoubuntu 154100x80000000000000001918685Linux-Sysmon/Operationalar-linux-2022-08-09 10:40:12.149{ec23eae3-398c-62f2-081e-dfe591550000}9984/usr/bin/sudo-----sudo gem open -e /bin/sh -c /bin/sh rdoc/home/ubuntuubuntu{ec23eae3-315b-62f2-e803-000000000000}100013no level-{ec23eae3-315b-62f2-4884-4ea587550000}15369/bin/bash-bashubuntu 154100x80000000000000001918504Linux-Sysmon/Operationalar-linux-2022-08-09 10:40:06.660{ec23eae3-3986-62f2-a8eb-7dca85550000}9980/usr/bin/ruby2.5-----/usr/bin/ruby2.5 /usr/bin/gem open -e /bin/sh -c /bin/sh rdoc/home/ubunturoot{ec23eae3-0000-0000-0000-000000000000}013no level-{ec23eae3-3986-62f2-08de-dc6fcf550000}9979/usr/bin/sudosudoubuntu 154100x80000000000000001918494Linux-Sysmon/Operationalar-linux-2022-08-09 10:40:06.645{ec23eae3-3986-62f2-08de-dc6fcf550000}9979/usr/bin/sudo-----sudo gem open -e /bin/sh -c /bin/sh rdoc/home/ubuntuubuntu{ec23eae3-315b-62f2-e803-000000000000}100013no level-{ec23eae3-315b-62f2-4884-4ea587550000}15369/bin/bash-bashubuntu