154100x80000000000000008770954Linux-Sysmon/Operationalar-linux-2022-08-11 15:47:09.460{ec23eae3-247d-62f5-a83b-c658e7550000}10853/usr/bin/ruby2.5-----/usr/bin/ruby /usr/bin/puppet apply -e exec { '/bin/sh -c "exec sh -i </dev/pts/0 >/dev/pts/0 2>/dev/pts/0"': }/home/ubunturoot{ec23eae3-0000-0000-0000-000000000000}0179no level-{ec23eae3-247d-62f5-080e-0ad80c560000}10852/usr/bin/sudosudoubuntu 154100x80000000000000008770947Linux-Sysmon/Operationalar-linux-2022-08-11 15:47:09.449{ec23eae3-247d-62f5-080e-0ad80c560000}10852/usr/bin/sudo-----sudo puppet apply -e exec { '/bin/sh -c "exec sh -i </dev/pts/0 >/dev/pts/0 2>/dev/pts/0"': }/home/ubuntuubuntu{ec23eae3-1d77-62f5-e803-000000000000}1000179no level-{ec23eae3-1d77-62f5-48b4-665c03560000}30070/bin/bash-bashubuntu 154100x80000000000000008768367Linux-Sysmon/Operationalar-linux-2022-08-11 15:45:51.988{ec23eae3-242f-62f5-a8bb-7ad871550000}10827/usr/bin/ruby2.5-----/usr/bin/ruby /usr/bin/puppet apply -e exec { '/bin/sh -c "exec sh -i </dev/pts/0 >/dev/pts/0 2>/dev/pts/0"': }/home/ubunturoot{ec23eae3-0000-0000-0000-000000000000}0179no level-{ec23eae3-242f-62f5-080e-e520f4550000}10826/usr/bin/sudosudoubuntu 154100x80000000000000008768360Linux-Sysmon/Operationalar-linux-2022-08-11 15:45:51.976{ec23eae3-242f-62f5-080e-e520f4550000}10826/usr/bin/sudo-----sudo puppet apply -e exec { '/bin/sh -c "exec sh -i </dev/pts/0 >/dev/pts/0 2>/dev/pts/0"': }/home/ubuntuubuntu{ec23eae3-1d77-62f5-e803-000000000000}1000179no level-{ec23eae3-1d77-62f5-48b4-665c03560000}30070/bin/bash-bashubuntu