11241100x8000000000000000691469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cfe72129f580cc2f2023-02-07 15:09:21.096root
11241100x8000000000000000691468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c3cf5d28f76993a22023-02-07 15:09:21.096root
11241100x8000000000000000691467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f3b3dff9d95021412023-02-07 15:09:21.096root
11241100x8000000000000000691466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d5e58c66aa40d022023-02-07 15:09:21.096root
11241100x8000000000000000691465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87682c688744b4542023-02-07 15:09:21.096root
11241100x8000000000000000691464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45bcdc2d1b3dc5b02023-02-07 15:09:21.096root
11241100x8000000000000000691463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb31a3331aa8b4522023-02-07 15:09:21.096root
11241100x8000000000000000691462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fca4a469075c3e5d2023-02-07 15:09:21.096root
11241100x8000000000000000691461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ee4f46a06d3b7572023-02-07 15:09:21.096root
11241100x8000000000000000691477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.05ef189dc07e4d192023-02-07 15:09:21.097root
11241100x8000000000000000691476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.627f191961b82b572023-02-07 15:09:21.097root
11241100x8000000000000000691475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64bbbcf5bd85dd602023-02-07 15:09:21.097root
11241100x8000000000000000691474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.727b34ed3ba909662023-02-07 15:09:21.097root
11241100x8000000000000000691473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55a4000e197341a12023-02-07 15:09:21.097root
11241100x8000000000000000691472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c8c31ad01f388272023-02-07 15:09:21.097root
11241100x8000000000000000691471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf9f08fd5bd4b6cd2023-02-07 15:09:21.097root
11241100x8000000000000000691470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39d12d68e29deafd2023-02-07 15:09:21.097root
11241100x8000000000000000691487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.429ca811d80eb7ed2023-02-07 15:09:21.098root
11241100x8000000000000000691486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c6291d10fc11c6d2023-02-07 15:09:21.098root
11241100x8000000000000000691485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf91ba723216c5de2023-02-07 15:09:21.098root
11241100x8000000000000000691484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1130999f5d2cbaa32023-02-07 15:09:21.098root
11241100x8000000000000000691483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af7441cdbcbb69782023-02-07 15:09:21.098root
11241100x8000000000000000691482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1215093404f095e2023-02-07 15:09:21.098root
11241100x8000000000000000691481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21ddc8ff8bab6e592023-02-07 15:09:21.098root
11241100x8000000000000000691480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cbd3993effc9e6312023-02-07 15:09:21.098root
11241100x8000000000000000691479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.91b66a40e738fe682023-02-07 15:09:21.098root
11241100x8000000000000000691478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d704e0d1065806322023-02-07 15:09:21.098root
11241100x8000000000000000691490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bf06a450077fd2d2023-02-07 15:09:21.099root
11241100x8000000000000000691489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.baade96aacb4a2da2023-02-07 15:09:21.099root
11241100x8000000000000000691488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.114ddf11c0f5bb232023-02-07 15:09:21.099root
11241100x8000000000000000691495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5c8fbb29feac9762023-02-07 15:09:21.103root
11241100x8000000000000000691494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.408e4b3668e7f7212023-02-07 15:09:21.103root
11241100x8000000000000000691493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a79141fcf548e7852023-02-07 15:09:21.103root
11241100x8000000000000000691492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36270be5e012d0b02023-02-07 15:09:21.103root
11241100x8000000000000000691491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93a8eb80fc75809c2023-02-07 15:09:21.103root
11241100x8000000000000000691506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2267b30114f9f6a2023-02-07 15:09:21.104root
11241100x8000000000000000691505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c2878f84db282fa2023-02-07 15:09:21.104root
11241100x8000000000000000691504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78ccb4b1f93fe8572023-02-07 15:09:21.104root
11241100x8000000000000000691503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf299bd7971ae5d32023-02-07 15:09:21.104root
11241100x8000000000000000691502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0abe0e4d4e1a48e12023-02-07 15:09:21.104root
11241100x8000000000000000691501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c561c7128c1c80df2023-02-07 15:09:21.104root
11241100x8000000000000000691500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eef10739af28844c2023-02-07 15:09:21.104root
11241100x8000000000000000691499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6184479ad180a962023-02-07 15:09:21.104root
11241100x8000000000000000691498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3976a98706dd0e542023-02-07 15:09:21.104root
11241100x8000000000000000691497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a66321fc3906a6442023-02-07 15:09:21.104root
11241100x8000000000000000691496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2eef719ed3053ca92023-02-07 15:09:21.104root
11241100x8000000000000000691511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa7b8f967f9685232023-02-07 15:09:21.595root
11241100x8000000000000000691510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8138545f6b54bba72023-02-07 15:09:21.595root
11241100x8000000000000000691509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01bc69bbf83562492023-02-07 15:09:21.595root
11241100x8000000000000000691508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5aebbc85b0a01d7c2023-02-07 15:09:21.595root
11241100x8000000000000000691507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50805d950ce2c972023-02-07 15:09:21.595root
11241100x8000000000000000691520Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55011e7ddd6bff0d2023-02-07 15:09:21.596root
11241100x8000000000000000691519Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80f807ae71538e012023-02-07 15:09:21.596root
11241100x8000000000000000691518Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a875aae2d4dd25c92023-02-07 15:09:21.596root
11241100x8000000000000000691517Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f0f0f25dec7df8f2023-02-07 15:09:21.596root
11241100x8000000000000000691516Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23996ceb57f6c4a82023-02-07 15:09:21.596root
11241100x8000000000000000691515Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d81bd3274584d8e2023-02-07 15:09:21.596root
11241100x8000000000000000691514Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d37f621892c47f0b2023-02-07 15:09:21.596root
11241100x8000000000000000691513Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.935c2dfc667da64d2023-02-07 15:09:21.596root
11241100x8000000000000000691512Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eaad02d2687eed8e2023-02-07 15:09:21.596root
11241100x8000000000000000691527Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6a73f7ba68d5f0e2023-02-07 15:09:21.597root
11241100x8000000000000000691526Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a605c612e160ff232023-02-07 15:09:21.597root
11241100x8000000000000000691525Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aea55ed003719d1c2023-02-07 15:09:21.597root
11241100x8000000000000000691524Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cecfb881b42414e2023-02-07 15:09:21.597root
11241100x8000000000000000691523Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3425c21083c8a55c2023-02-07 15:09:21.597root
11241100x8000000000000000691522Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6af3baaee55045182023-02-07 15:09:21.597root
11241100x8000000000000000691521Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4f007332ba156d32023-02-07 15:09:21.597root
11241100x8000000000000000691533Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3da6182d37e4ada62023-02-07 15:09:21.598root
11241100x8000000000000000691532Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b25aeda2318ad082023-02-07 15:09:21.598root
11241100x8000000000000000691531Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d956e4e023185a3b2023-02-07 15:09:21.598root
11241100x8000000000000000691530Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b35d22e42fa2a092023-02-07 15:09:21.598root
11241100x8000000000000000691529Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506bf3eef28245852023-02-07 15:09:21.598root
11241100x8000000000000000691528Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0cc1bb46457807552023-02-07 15:09:21.598root
11241100x8000000000000000691539Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6f6365bd9a373302023-02-07 15:09:21.599root
11241100x8000000000000000691538Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cbe292259525c642023-02-07 15:09:21.599root
11241100x8000000000000000691537Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.897ad271a20a79d42023-02-07 15:09:21.599root
11241100x8000000000000000691536Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.531ce5001280d95b2023-02-07 15:09:21.599root
11241100x8000000000000000691535Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0e9b08ee623e5712023-02-07 15:09:21.599root
11241100x8000000000000000691534Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79b21c62e71e15b32023-02-07 15:09:21.599root
11241100x8000000000000000691545Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3bb30c1c20d8e382023-02-07 15:09:21.600root
11241100x8000000000000000691544Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.155c6281b6663cdb2023-02-07 15:09:21.600root
11241100x8000000000000000691543Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80e63d228309c6b12023-02-07 15:09:21.600root
11241100x8000000000000000691542Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4de7cdb738bbcf262023-02-07 15:09:21.600root
11241100x8000000000000000691541Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51a342311853b8fb2023-02-07 15:09:21.600root
11241100x8000000000000000691540Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f1aa89655f08212023-02-07 15:09:21.600root
11241100x8000000000000000691548Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d34c38eded14acd32023-02-07 15:09:21.601root
11241100x8000000000000000691547Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b02e83a75ddd13e2023-02-07 15:09:21.601root
11241100x8000000000000000691546Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:21.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2f097e1afd0d1f2023-02-07 15:09:21.601root
11241100x8000000000000000691552Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bccbe3a78f9ecc92023-02-07 15:09:22.095root
11241100x8000000000000000691551Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c184be7c3051a0a22023-02-07 15:09:22.095root
11241100x8000000000000000691550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3354901b4a818df42023-02-07 15:09:22.095root
11241100x8000000000000000691549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.900e745f40ddbe102023-02-07 15:09:22.095root
11241100x8000000000000000691557Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ece1332f12a3c0d2023-02-07 15:09:22.096root
11241100x8000000000000000691556Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac2f9b9ce19745c02023-02-07 15:09:22.096root
11241100x8000000000000000691555Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b6f260ff512c9f02023-02-07 15:09:22.096root
11241100x8000000000000000691554Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84c5f9dd62f7568b2023-02-07 15:09:22.096root
11241100x8000000000000000691553Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b682e4bf7220be132023-02-07 15:09:22.096root
11241100x8000000000000000691562Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e26a15de1b1f7b322023-02-07 15:09:22.097root
11241100x8000000000000000691561Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.986c880d631cd7a12023-02-07 15:09:22.097root
11241100x8000000000000000691560Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2850c2cb16c9ccbe2023-02-07 15:09:22.097root
11241100x8000000000000000691559Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1f6835b9607801b2023-02-07 15:09:22.097root
11241100x8000000000000000691558Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f527bcebcffc637a2023-02-07 15:09:22.097root
11241100x8000000000000000691566Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c0d5e8703f5a6fc12023-02-07 15:09:22.098root
11241100x8000000000000000691565Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a37ed6c1abcd6dc12023-02-07 15:09:22.098root
11241100x8000000000000000691564Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85f22f9865059b172023-02-07 15:09:22.098root
11241100x8000000000000000691563Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00198cd8ee9ef9c52023-02-07 15:09:22.098root
11241100x8000000000000000691569Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b36067599e7b13de2023-02-07 15:09:22.099root
11241100x8000000000000000691568Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.735e94c4ca2f58be2023-02-07 15:09:22.099root
11241100x8000000000000000691567Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a507ec807cfbcdf02023-02-07 15:09:22.099root
11241100x8000000000000000691571Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a4714eef84827b42023-02-07 15:09:22.100root
11241100x8000000000000000691570Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88d65e520ec422cc2023-02-07 15:09:22.100root
11241100x8000000000000000691573Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd005928c02873942023-02-07 15:09:22.101root
11241100x8000000000000000691572Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.751c1ccabfccc4782023-02-07 15:09:22.101root
11241100x8000000000000000691577Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8335acd329c7cc132023-02-07 15:09:22.102root
11241100x8000000000000000691576Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c014f88acd6bdb32023-02-07 15:09:22.102root
11241100x8000000000000000691575Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0da1ef7933717d092023-02-07 15:09:22.102root
11241100x8000000000000000691574Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aca01fba388555f2023-02-07 15:09:22.102root
11241100x8000000000000000691580Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.225aa80e0fa92d462023-02-07 15:09:22.103root
11241100x8000000000000000691579Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45057841d28fb7cf2023-02-07 15:09:22.103root
11241100x8000000000000000691578Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d9157450939b53e2023-02-07 15:09:22.103root
11241100x8000000000000000691584Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c963523bfeb2a29d2023-02-07 15:09:22.104root
11241100x8000000000000000691583Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.03fc8971946c32542023-02-07 15:09:22.104root
11241100x8000000000000000691582Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8a19d7b18d0c5b62023-02-07 15:09:22.104root
11241100x8000000000000000691581Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7b2a237a6e308a82023-02-07 15:09:22.104root
11241100x8000000000000000691586Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7f93e24d39e7a562023-02-07 15:09:22.595root
11241100x8000000000000000691585Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b2d48abdd755c312023-02-07 15:09:22.595root
11241100x8000000000000000691589Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f27c8dd1c7858512023-02-07 15:09:22.596root
11241100x8000000000000000691588Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0f0f598d24f537602023-02-07 15:09:22.596root
11241100x8000000000000000691587Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f81d0fab10d7973f2023-02-07 15:09:22.596root
11241100x8000000000000000691593Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b59b0267450712e2023-02-07 15:09:22.597root
11241100x8000000000000000691592Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e5f9cb2206b895c2023-02-07 15:09:22.597root
11241100x8000000000000000691591Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d3a3bd20d5ddd6a2023-02-07 15:09:22.597root
11241100x8000000000000000691590Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffb17e6e7a2b35c02023-02-07 15:09:22.597root
11241100x8000000000000000691595Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9abd707dda0242662023-02-07 15:09:22.598root
11241100x8000000000000000691594Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.39e3804686ebd2f52023-02-07 15:09:22.598root
11241100x8000000000000000691597Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da4cc4cf5ac25ad2023-02-07 15:09:22.599root
11241100x8000000000000000691596Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f887a68d39c1f9cf2023-02-07 15:09:22.599root
11241100x8000000000000000691601Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97aec9835bd61dc02023-02-07 15:09:22.600root
11241100x8000000000000000691600Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.51f3bc85624fcb9e2023-02-07 15:09:22.600root
11241100x8000000000000000691599Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4715a3961d4407192023-02-07 15:09:22.600root
11241100x8000000000000000691598Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.593290e7dc0ad3762023-02-07 15:09:22.600root
11241100x8000000000000000691609Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0828ec57d9da88db2023-02-07 15:09:22.601root
11241100x8000000000000000691608Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5531f28f6d8dd2752023-02-07 15:09:22.601root
11241100x8000000000000000691607Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b86ee9a7797f8822023-02-07 15:09:22.601root
11241100x8000000000000000691606Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14176ec02dd391a82023-02-07 15:09:22.601root
11241100x8000000000000000691605Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8cefe2c762a9dd82023-02-07 15:09:22.601root
11241100x8000000000000000691604Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f82d824652873392023-02-07 15:09:22.601root
11241100x8000000000000000691603Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bad4bbdbb0c934cc2023-02-07 15:09:22.601root
11241100x8000000000000000691602Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da5b50ecc1ba1f8d2023-02-07 15:09:22.601root
11241100x8000000000000000691615Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fc5f9a7a1bd9d1522023-02-07 15:09:22.602root
11241100x8000000000000000691614Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.494b4a76547c4fbe2023-02-07 15:09:22.602root
11241100x8000000000000000691613Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14de8f7576dcd41f2023-02-07 15:09:22.602root
11241100x8000000000000000691612Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65a56a50861a5b502023-02-07 15:09:22.602root
11241100x8000000000000000691611Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cbfddacea8847cb2023-02-07 15:09:22.602root
11241100x8000000000000000691610Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af4ea65c75d741b02023-02-07 15:09:22.602root
11241100x8000000000000000691616Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ffe8c4c9c658df2023-02-07 15:09:22.606root
11241100x8000000000000000691620Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54538ded120be0682023-02-07 15:09:22.607root
11241100x8000000000000000691619Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e5ce02c4640c4972023-02-07 15:09:22.607root
11241100x8000000000000000691618Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.663b79a7689a97982023-02-07 15:09:22.607root
11241100x8000000000000000691617Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:22.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10fc4532e40ebb4e2023-02-07 15:09:22.607root
11241100x8000000000000000691625Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bcc25414272870d2023-02-07 15:09:23.095root
11241100x8000000000000000691624Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00fe2230f9b7aca92023-02-07 15:09:23.095root
11241100x8000000000000000691623Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1adad82816255e882023-02-07 15:09:23.095root
11241100x8000000000000000691622Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe5d7e64df0ff2e82023-02-07 15:09:23.095root
11241100x8000000000000000691621Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5ab842ca6e2b72c2023-02-07 15:09:23.095root
11241100x8000000000000000691631Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6071f2c4fc91f4a2023-02-07 15:09:23.096root
11241100x8000000000000000691630Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9dd0c9153cf5c3262023-02-07 15:09:23.096root
11241100x8000000000000000691629Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e7742f0e40967202023-02-07 15:09:23.096root
11241100x8000000000000000691628Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d013fac870cd50f62023-02-07 15:09:23.096root
11241100x8000000000000000691627Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cea4770ea8386f722023-02-07 15:09:23.096root
11241100x8000000000000000691626Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aa6e7f4353eab572023-02-07 15:09:23.096root
11241100x8000000000000000691637Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54f41d67c766a4e02023-02-07 15:09:23.097root
11241100x8000000000000000691636Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77723657a27c30692023-02-07 15:09:23.097root
11241100x8000000000000000691635Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.066f5aa15d471c242023-02-07 15:09:23.097root
11241100x8000000000000000691634Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60ecf31fba73d2ac2023-02-07 15:09:23.097root
11241100x8000000000000000691633Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9064e8cae0f785c32023-02-07 15:09:23.097root
11241100x8000000000000000691632Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.21160ccde9ba4d5b2023-02-07 15:09:23.097root
11241100x8000000000000000691642Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e338ec34a7c4afbf2023-02-07 15:09:23.098root
11241100x8000000000000000691641Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208623a5d32644692023-02-07 15:09:23.098root
11241100x8000000000000000691640Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fea582cdd9d93a112023-02-07 15:09:23.098root
11241100x8000000000000000691639Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d23cec8496c5af0c2023-02-07 15:09:23.098root
11241100x8000000000000000691638Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fe3f49c62676e3b2023-02-07 15:09:23.098root
11241100x8000000000000000691645Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b73a25e04fe82d42023-02-07 15:09:23.099root
11241100x8000000000000000691644Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36458ce31e11ce9f2023-02-07 15:09:23.099root
11241100x8000000000000000691643Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02afd49728ba32142023-02-07 15:09:23.099root
11241100x8000000000000000691651Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9255bc2392ead8522023-02-07 15:09:23.100root
11241100x8000000000000000691650Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7c2e4bd736b7f02023-02-07 15:09:23.100root
11241100x8000000000000000691649Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3244e1d15f1e07e62023-02-07 15:09:23.100root
11241100x8000000000000000691648Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb07276190c70af42023-02-07 15:09:23.100root
11241100x8000000000000000691647Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ada305e9e2d44ccd2023-02-07 15:09:23.100root
11241100x8000000000000000691646Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63072cb3a5ac528e2023-02-07 15:09:23.100root
11241100x8000000000000000691659Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ea7f6db67c28f0e2023-02-07 15:09:23.101root
11241100x8000000000000000691658Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d88141ffc783e9382023-02-07 15:09:23.101root
11241100x8000000000000000691657Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75075254c4793ca72023-02-07 15:09:23.101root
11241100x8000000000000000691656Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a62e89f53003c0912023-02-07 15:09:23.101root
11241100x8000000000000000691655Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2080d36ed14e0b172023-02-07 15:09:23.101root
11241100x8000000000000000691654Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4cddf64885a06bc2023-02-07 15:09:23.101root
11241100x8000000000000000691653Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.796ecfb4213cabcc2023-02-07 15:09:23.101root
11241100x8000000000000000691652Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4ca982ba77636612023-02-07 15:09:23.101root
11241100x8000000000000000691662Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1ab59b3af634fb12023-02-07 15:09:23.102root
11241100x8000000000000000691661Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccaa2fcdabffeb9b2023-02-07 15:09:23.102root
11241100x8000000000000000691660Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31c739a11e4f7a7d2023-02-07 15:09:23.102root
11241100x8000000000000000691663Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302045a912d954a72023-02-07 15:09:23.595root
11241100x8000000000000000691664Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.204755423905f7532023-02-07 15:09:23.596root
11241100x8000000000000000691669Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5c32f7a8614c6262023-02-07 15:09:23.597root
11241100x8000000000000000691668Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e8e931c28773f452023-02-07 15:09:23.597root
11241100x8000000000000000691667Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.037c9772b40166b72023-02-07 15:09:23.597root
11241100x8000000000000000691666Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2095918329178fb02023-02-07 15:09:23.597root
11241100x8000000000000000691665Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce5653f769a0c9622023-02-07 15:09:23.597root
11241100x8000000000000000691674Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.12be50442b21602c2023-02-07 15:09:23.598root
11241100x8000000000000000691673Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a53b41f3818cd4c42023-02-07 15:09:23.598root
11241100x8000000000000000691672Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1646dd270b0da7902023-02-07 15:09:23.598root
11241100x8000000000000000691671Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d64ea42e48f9d7882023-02-07 15:09:23.598root
11241100x8000000000000000691670Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dce60095ffd0ac6e2023-02-07 15:09:23.598root
11241100x8000000000000000691677Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1af704797a12370e2023-02-07 15:09:23.599root
11241100x8000000000000000691676Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f74d004b76d41992023-02-07 15:09:23.599root
11241100x8000000000000000691675Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dad02f249a0273832023-02-07 15:09:23.599root
11241100x8000000000000000691681Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5b9a4f6643e89a62023-02-07 15:09:23.600root
11241100x8000000000000000691680Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.81e83a028ec151462023-02-07 15:09:23.600root
11241100x8000000000000000691679Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c5d86f247c98215d2023-02-07 15:09:23.600root
11241100x8000000000000000691678Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.edaf2ad6685274d22023-02-07 15:09:23.600root
11241100x8000000000000000691683Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.626973f3a3adc3e82023-02-07 15:09:23.601root
11241100x8000000000000000691682Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8a737e51785d4a42023-02-07 15:09:23.601root
11241100x8000000000000000691686Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5bade3fd31eafd002023-02-07 15:09:23.602root
11241100x8000000000000000691685Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.150314d6d9eba42d2023-02-07 15:09:23.602root
11241100x8000000000000000691684Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.093c6f9ef89b6dd92023-02-07 15:09:23.602root
11241100x8000000000000000691687Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d7fa52df9e60d992023-02-07 15:09:23.603root
11241100x8000000000000000691689Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f6d5e3f384614622023-02-07 15:09:23.604root
11241100x8000000000000000691688Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178232fb7759e20d2023-02-07 15:09:23.604root
11241100x8000000000000000691692Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc3c7e35f2d45d152023-02-07 15:09:23.605root
11241100x8000000000000000691691Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00b1f1df7e0323962023-02-07 15:09:23.605root
11241100x8000000000000000691690Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8ca7ad0c04b276ae2023-02-07 15:09:23.605root
11241100x8000000000000000691694Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ddec756e8a6960162023-02-07 15:09:23.606root
11241100x8000000000000000691693Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:23.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02978fef6c141bb02023-02-07 15:09:23.606root
11241100x8000000000000000691696Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd2e32600e81e5712023-02-07 15:09:24.095root
11241100x8000000000000000691695Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d431f67c82921bb2023-02-07 15:09:24.095root
11241100x8000000000000000691699Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e883d46bf66d15522023-02-07 15:09:24.096root
11241100x8000000000000000691698Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.846e4370f12e16a72023-02-07 15:09:24.096root
11241100x8000000000000000691697Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e69775938dfceee92023-02-07 15:09:24.096root
11241100x8000000000000000691702Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b19cfc03c73372352023-02-07 15:09:24.097root
11241100x8000000000000000691701Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb315e896779f5862023-02-07 15:09:24.097root
11241100x8000000000000000691700Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f91698c99363b7c22023-02-07 15:09:24.097root
11241100x8000000000000000691707Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f33a9eaccdaccfd82023-02-07 15:09:24.098root
11241100x8000000000000000691706Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94271fe846b76e392023-02-07 15:09:24.098root
11241100x8000000000000000691705Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c53a498ac20cdc192023-02-07 15:09:24.098root
11241100x8000000000000000691704Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84016eab53994fc52023-02-07 15:09:24.098root
11241100x8000000000000000691703Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dcc4754575df788b2023-02-07 15:09:24.098root
11241100x8000000000000000691721Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7213de3642f1edf72023-02-07 15:09:24.099root
11241100x8000000000000000691720Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1499419681b27c932023-02-07 15:09:24.099root
11241100x8000000000000000691719Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea161491c9a23d1e2023-02-07 15:09:24.099root
11241100x8000000000000000691718Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fa72d370c460199e2023-02-07 15:09:24.099root
11241100x8000000000000000691717Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4dc864f35fb85d612023-02-07 15:09:24.099root
11241100x8000000000000000691716Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d92c044e1ba9d71b2023-02-07 15:09:24.099root
11241100x8000000000000000691715Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fe3c3346c763dd22023-02-07 15:09:24.099root
11241100x8000000000000000691714Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.141b5e7231bc427c2023-02-07 15:09:24.099root
11241100x8000000000000000691713Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c144add5c68b168a2023-02-07 15:09:24.099root
11241100x8000000000000000691712Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.208f889f4925a3d02023-02-07 15:09:24.099root
11241100x8000000000000000691711Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8568b919c007c6e2023-02-07 15:09:24.099root
11241100x8000000000000000691710Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4f3ae744f14b51a2023-02-07 15:09:24.099root
11241100x8000000000000000691709Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3e94b0c39f0672b2023-02-07 15:09:24.099root
11241100x8000000000000000691708Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ff85d8f18fca72f52023-02-07 15:09:24.099root
11241100x8000000000000000691733Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ee206247d0942bc2023-02-07 15:09:24.100root
11241100x8000000000000000691732Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d38a8d65f055a9d2023-02-07 15:09:24.100root
11241100x8000000000000000691731Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7ac39017ec7e216e2023-02-07 15:09:24.100root
11241100x8000000000000000691730Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.116012f5c3c057dd2023-02-07 15:09:24.100root
11241100x8000000000000000691729Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f22fa2f7b1da6c52023-02-07 15:09:24.100root
11241100x8000000000000000691728Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3285b56b9ffc57ea2023-02-07 15:09:24.100root
11241100x8000000000000000691727Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41cb70df9d8e11eb2023-02-07 15:09:24.100root
11241100x8000000000000000691726Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.331a6ac050d3f8c62023-02-07 15:09:24.100root
11241100x8000000000000000691725Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e6af81aa8e311ea2023-02-07 15:09:24.100root
11241100x8000000000000000691724Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9766d02a3885b81f2023-02-07 15:09:24.100root
11241100x8000000000000000691723Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2aa681ff973ea962023-02-07 15:09:24.100root
11241100x8000000000000000691722Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f6ba9963017edc82023-02-07 15:09:24.100root
11241100x8000000000000000691737Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f2250b8b869746b2023-02-07 15:09:24.595root
11241100x8000000000000000691736Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a15be43a6a855162023-02-07 15:09:24.595root
11241100x8000000000000000691735Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be8bd7a037ccc71e2023-02-07 15:09:24.595root
11241100x8000000000000000691734Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.146e315e31309f1b2023-02-07 15:09:24.595root
11241100x8000000000000000691747Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6dab2a31c9917e4a2023-02-07 15:09:24.596root
11241100x8000000000000000691746Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e5dee38774228ff2023-02-07 15:09:24.596root
11241100x8000000000000000691745Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.377f8a7425c3afc02023-02-07 15:09:24.596root
11241100x8000000000000000691744Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74b71171bc0f2c732023-02-07 15:09:24.596root
11241100x8000000000000000691743Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f9658d74688c75402023-02-07 15:09:24.596root
11241100x8000000000000000691742Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d1f777191c3023c2023-02-07 15:09:24.596root
11241100x8000000000000000691741Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.44aeceb0323d0bda2023-02-07 15:09:24.596root
11241100x8000000000000000691740Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.faf2334ad1db2b7b2023-02-07 15:09:24.596root
11241100x8000000000000000691739Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.784efee94fdfb7d32023-02-07 15:09:24.596root
11241100x8000000000000000691738Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b3e3268627d1b252023-02-07 15:09:24.596root
11241100x8000000000000000691759Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be6ed2bed4a5a36a2023-02-07 15:09:24.597root
11241100x8000000000000000691758Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.085f2fd7fc36e7292023-02-07 15:09:24.597root
11241100x8000000000000000691757Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b23404cbcd3035e2023-02-07 15:09:24.597root
11241100x8000000000000000691756Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f25baa214a1238942023-02-07 15:09:24.597root
11241100x8000000000000000691755Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d89b77dc959daf4c2023-02-07 15:09:24.597root
11241100x8000000000000000691754Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.540658e7f1c4cd732023-02-07 15:09:24.597root
11241100x8000000000000000691753Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42cea7fe8c289e0a2023-02-07 15:09:24.597root
11241100x8000000000000000691752Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.723fec906ccb30e42023-02-07 15:09:24.597root
11241100x8000000000000000691751Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e45b620f9352ef0a2023-02-07 15:09:24.597root
11241100x8000000000000000691750Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.178dc478c04eb9962023-02-07 15:09:24.597root
11241100x8000000000000000691749Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ee45d2e8c9cdfd92023-02-07 15:09:24.597root
11241100x8000000000000000691748Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9460c415cf0ef2192023-02-07 15:09:24.597root
11241100x8000000000000000691773Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7219eb817542bc3b2023-02-07 15:09:24.598root
11241100x8000000000000000691772Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.232fe56511185af82023-02-07 15:09:24.598root
11241100x8000000000000000691771Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a747764e15e21b4f2023-02-07 15:09:24.598root
11241100x8000000000000000691770Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75ac014384ce57d62023-02-07 15:09:24.598root
11241100x8000000000000000691769Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a17a310f4bc78b192023-02-07 15:09:24.598root
11241100x8000000000000000691768Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ed98999a4aa061382023-02-07 15:09:24.598root
11241100x8000000000000000691767Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6f6b7c272a1ed5e62023-02-07 15:09:24.598root
11241100x8000000000000000691766Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.444f99d1a7adea782023-02-07 15:09:24.598root
11241100x8000000000000000691765Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.074ee5f007de3dc52023-02-07 15:09:24.598root
11241100x8000000000000000691764Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.302a8c26cbd38d4a2023-02-07 15:09:24.598root
11241100x8000000000000000691763Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d3091b15c2db75422023-02-07 15:09:24.598root
11241100x8000000000000000691762Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.088f153d3dbbc5ca2023-02-07 15:09:24.598root
11241100x8000000000000000691761Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76522e706720653b2023-02-07 15:09:24.598root
11241100x8000000000000000691760Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82d9702f323907412023-02-07 15:09:24.598root
11241100x8000000000000000691774Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a77782ce51ce0fd72023-02-07 15:09:24.599root
11241100x8000000000000000691775Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:24.732{ec244aba-32ca-63e2-605c-1e356e550000}5624/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log2023-02-07 15:09:24.732root
11241100x8000000000000000691777Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.787eb656532b389e2023-02-07 15:09:25.095root
11241100x8000000000000000691776Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.346b9d7717614a122023-02-07 15:09:25.095root
11241100x8000000000000000691783Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c129df05334382482023-02-07 15:09:25.096root
11241100x8000000000000000691782Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93f95421b8fd3c0d2023-02-07 15:09:25.096root
11241100x8000000000000000691781Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.369afbb4911edbfa2023-02-07 15:09:25.096root
11241100x8000000000000000691780Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f5b10997b2fa4512023-02-07 15:09:25.096root
11241100x8000000000000000691779Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57692c0b5ff1788c2023-02-07 15:09:25.096root
11241100x8000000000000000691778Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22ea2f49ced305cb2023-02-07 15:09:25.096root
11241100x8000000000000000691795Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27e00a9015d933c32023-02-07 15:09:25.097root
11241100x8000000000000000691794Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a4a2083823405f22023-02-07 15:09:25.097root
11241100x8000000000000000691793Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d8790ff61e3a8ff2023-02-07 15:09:25.097root
11241100x8000000000000000691792Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24ecc7a8a5713e842023-02-07 15:09:25.097root
11241100x8000000000000000691791Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1497d13728ac66342023-02-07 15:09:25.097root
11241100x8000000000000000691790Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f905e3c496bef0ff2023-02-07 15:09:25.097root
11241100x8000000000000000691789Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95456b629d8f956a2023-02-07 15:09:25.097root
11241100x8000000000000000691788Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b8ef426e3d1e55df2023-02-07 15:09:25.097root
11241100x8000000000000000691787Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fdd507b1148aa2a12023-02-07 15:09:25.097root
11241100x8000000000000000691786Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a227d4c656a45edd2023-02-07 15:09:25.097root
11241100x8000000000000000691785Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f71f350f4b5a65d2023-02-07 15:09:25.097root
11241100x8000000000000000691784Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f62e165f1cea8c042023-02-07 15:09:25.097root
11241100x8000000000000000691810Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77209519ea7df4502023-02-07 15:09:25.098root
11241100x8000000000000000691809Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b17a0e9af55c76d02023-02-07 15:09:25.098root
11241100x8000000000000000691808Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8860729eccb0ddcf2023-02-07 15:09:25.098root
11241100x8000000000000000691807Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d11e8ef165e96102023-02-07 15:09:25.098root
11241100x8000000000000000691806Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e85145e53f637292023-02-07 15:09:25.098root
11241100x8000000000000000691805Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f73de26e44bf46e52023-02-07 15:09:25.098root
11241100x8000000000000000691804Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e322b1ce1a6dc9aa2023-02-07 15:09:25.098root
11241100x8000000000000000691803Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e11d86074285b95a2023-02-07 15:09:25.098root
11241100x8000000000000000691802Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.67eeec5f632d495a2023-02-07 15:09:25.098root
11241100x8000000000000000691801Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.537b7e98c039a5cc2023-02-07 15:09:25.098root
11241100x8000000000000000691800Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb31de66ae11dbf42023-02-07 15:09:25.098root
11241100x8000000000000000691799Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bdc57e4b6b7b1cd82023-02-07 15:09:25.098root
11241100x8000000000000000691798Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.158834c3135016432023-02-07 15:09:25.098root
11241100x8000000000000000691797Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35bf5043ae9a45a2023-02-07 15:09:25.098root
11241100x8000000000000000691796Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0bf9ed6e65ad210c2023-02-07 15:09:25.098root
11241100x8000000000000000691811Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17a8e74b960310142023-02-07 15:09:25.099root
11241100x8000000000000000691816Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.38c3c06e7dc1e3272023-02-07 15:09:25.595root
11241100x8000000000000000691815Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4aab7b79e0c8c31e2023-02-07 15:09:25.595root
11241100x8000000000000000691814Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a66943d60a5182c82023-02-07 15:09:25.595root
11241100x8000000000000000691813Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ad49294780602002023-02-07 15:09:25.595root
11241100x8000000000000000691812Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.43ce6a6e2d5e87422023-02-07 15:09:25.595root
11241100x8000000000000000691827Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6dd91418c647e842023-02-07 15:09:25.596root
11241100x8000000000000000691826Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.95977b8769be42cc2023-02-07 15:09:25.596root
11241100x8000000000000000691825Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bef67c2c967d56582023-02-07 15:09:25.596root
11241100x8000000000000000691824Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08c9d42d35a3cc822023-02-07 15:09:25.596root
11241100x8000000000000000691823Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1919e3bc93e001302023-02-07 15:09:25.596root
11241100x8000000000000000691822Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf536c6c4aaf43392023-02-07 15:09:25.596root
11241100x8000000000000000691821Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87fcebad17a68ca52023-02-07 15:09:25.596root
11241100x8000000000000000691820Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbc577fa457c8edc2023-02-07 15:09:25.596root
11241100x8000000000000000691819Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.252d262be757489c2023-02-07 15:09:25.596root
11241100x8000000000000000691818Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99fc8d6fb6b2c28c2023-02-07 15:09:25.596root
11241100x8000000000000000691817Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7dd42dc967fb1522023-02-07 15:09:25.596root
11241100x8000000000000000691836Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a796133a19d5eba12023-02-07 15:09:25.597root
11241100x8000000000000000691835Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.148cceae0d22a04c2023-02-07 15:09:25.597root
11241100x8000000000000000691834Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a905dcf7f089110d2023-02-07 15:09:25.597root
11241100x8000000000000000691833Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53a26acf3cc47b102023-02-07 15:09:25.597root
11241100x8000000000000000691832Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c84f72e62b3a4cc2023-02-07 15:09:25.597root
11241100x8000000000000000691831Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10ebba9cb58342542023-02-07 15:09:25.597root
11241100x8000000000000000691830Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a120d8885ee491cb2023-02-07 15:09:25.597root
11241100x8000000000000000691829Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e2d3a4b4f51a2e812023-02-07 15:09:25.597root
11241100x8000000000000000691828Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3642420644aca17d2023-02-07 15:09:25.597root
11241100x8000000000000000691846Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83105ca102458b3a2023-02-07 15:09:25.598root
11241100x8000000000000000691845Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e00918808c74ec7b2023-02-07 15:09:25.598root
11241100x8000000000000000691844Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a10a2a7a2bdc6182023-02-07 15:09:25.598root
11241100x8000000000000000691843Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75468e9a226bc36d2023-02-07 15:09:25.598root
11241100x8000000000000000691842Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b55e728db215c5b2023-02-07 15:09:25.598root
11241100x8000000000000000691841Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6c8d9f1553e24262023-02-07 15:09:25.598root
11241100x8000000000000000691840Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9ceda179eb2444722023-02-07 15:09:25.598root
11241100x8000000000000000691839Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.feb3d74bbdeda8e92023-02-07 15:09:25.598root
11241100x8000000000000000691838Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6e471a004c1130a2023-02-07 15:09:25.598root
11241100x8000000000000000691837Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac77f1acd66e226b2023-02-07 15:09:25.598root
11241100x8000000000000000691854Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98bfeb20197fa7822023-02-07 15:09:25.599root
11241100x8000000000000000691853Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.406520570740c14a2023-02-07 15:09:25.599root
11241100x8000000000000000691852Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c20968a22fe2a9c2023-02-07 15:09:25.599root
11241100x8000000000000000691851Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b3378de90dba9f22023-02-07 15:09:25.599root
11241100x8000000000000000691850Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.08401865df1535b12023-02-07 15:09:25.599root
11241100x8000000000000000691849Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1e234d616132b02023-02-07 15:09:25.599root
11241100x8000000000000000691848Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fb9469c9109fbaa72023-02-07 15:09:25.599root
11241100x8000000000000000691847Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.456e752e437f7a7b2023-02-07 15:09:25.599root
11241100x8000000000000000691857Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50c57066bb23e0c02023-02-07 15:09:25.600root
11241100x8000000000000000691856Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0863c4c24b2c73232023-02-07 15:09:25.600root
11241100x8000000000000000691855Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:25.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c039ed950dd8dab2023-02-07 15:09:25.600root
354300x8000000000000000691858Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.054{ec244aba-32d2-63e2-d9ff-4d0400000000}5697/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-44172-false10.0.1.12-8000-
11241100x8000000000000000691865Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f99c01c52c4430fa2023-02-07 15:09:26.055root
11241100x8000000000000000691864Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4c66859d4223ced12023-02-07 15:09:26.055root
11241100x8000000000000000691863Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41b166fff48aaba02023-02-07 15:09:26.055root
11241100x8000000000000000691862Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9f87aaa6a7d364422023-02-07 15:09:26.055root
11241100x8000000000000000691861Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.166bcfe6653e0df02023-02-07 15:09:26.055root
11241100x8000000000000000691860Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19bbcd45fae370aa2023-02-07 15:09:26.055root
11241100x8000000000000000691859Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.055{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.57f8977ecc6df6ad2023-02-07 15:09:26.055root
11241100x8000000000000000691873Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.09fe89b7abc62ac82023-02-07 15:09:26.056root
11241100x8000000000000000691872Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9b101825f5945162023-02-07 15:09:26.056root
11241100x8000000000000000691871Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ebec1ea314415f722023-02-07 15:09:26.056root
11241100x8000000000000000691870Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.63fda56a7abd26262023-02-07 15:09:26.056root
11241100x8000000000000000691869Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59cdc90ea0aab4662023-02-07 15:09:26.056root
11241100x8000000000000000691868Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d05484f44b69b3ad2023-02-07 15:09:26.056root
11241100x8000000000000000691867Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e2b875777ce9d1a2023-02-07 15:09:26.056root
11241100x8000000000000000691866Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.056{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3be0d7d29a5bbb392023-02-07 15:09:26.056root
11241100x8000000000000000691881Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.488a4ba01b0239452023-02-07 15:09:26.057root
11241100x8000000000000000691880Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d036bb6d7759b17f2023-02-07 15:09:26.057root
11241100x8000000000000000691879Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a35da6b65a584ce22023-02-07 15:09:26.057root
11241100x8000000000000000691878Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db8edfa5e42f91da2023-02-07 15:09:26.057root
11241100x8000000000000000691877Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cecff2f7feb40f02023-02-07 15:09:26.057root
11241100x8000000000000000691876Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b94fd7706a2fe0872023-02-07 15:09:26.057root
11241100x8000000000000000691875Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae18493c497856352023-02-07 15:09:26.057root
11241100x8000000000000000691874Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.057{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84dd2f1c7d7486c12023-02-07 15:09:26.057root
11241100x8000000000000000691891Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6eb8d93358ae3922023-02-07 15:09:26.058root
11241100x8000000000000000691890Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.29a0699c660f7e882023-02-07 15:09:26.058root
11241100x8000000000000000691889Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.853ddff83b7e41222023-02-07 15:09:26.058root
11241100x8000000000000000691888Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.98a511a521c566312023-02-07 15:09:26.058root
11241100x8000000000000000691887Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27d553b33e25d2782023-02-07 15:09:26.058root
11241100x8000000000000000691886Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2a359dd5076a8a612023-02-07 15:09:26.058root
11241100x8000000000000000691885Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.76ca22e74f1ec8fc2023-02-07 15:09:26.058root
11241100x8000000000000000691884Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.305e92b7895befe02023-02-07 15:09:26.058root
11241100x8000000000000000691883Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5c8f9a34827c6112023-02-07 15:09:26.058root
11241100x8000000000000000691882Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.058{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.663a289377e6d0a22023-02-07 15:09:26.058root
11241100x8000000000000000691901Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53d7bda529e370542023-02-07 15:09:26.059root
11241100x8000000000000000691900Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aba5e93382a608452023-02-07 15:09:26.059root
11241100x8000000000000000691899Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2e17ad4f3a448712023-02-07 15:09:26.059root
11241100x8000000000000000691898Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc9f6623f33c7e1c2023-02-07 15:09:26.059root
11241100x8000000000000000691897Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8adbf1d64db3bad42023-02-07 15:09:26.059root
11241100x8000000000000000691896Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2a30657a3c1b0182023-02-07 15:09:26.059root
11241100x8000000000000000691895Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.225afa113eb395902023-02-07 15:09:26.059root
11241100x8000000000000000691894Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.090e6dcec738e5132023-02-07 15:09:26.059root
11241100x8000000000000000691893Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.739cc80ee30109362023-02-07 15:09:26.059root
11241100x8000000000000000691892Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.059{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b12f01dbbd9e625b2023-02-07 15:09:26.059root
11241100x8000000000000000691908Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.194a6018ed7b5bdb2023-02-07 15:09:26.346root
11241100x8000000000000000691907Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cf8319747c8edbe2023-02-07 15:09:26.346root
11241100x8000000000000000691906Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecff29a6e12fb3b42023-02-07 15:09:26.346root
11241100x8000000000000000691905Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.887cae7e289d6b2f2023-02-07 15:09:26.346root
11241100x8000000000000000691904Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.067da70a7b71bd342023-02-07 15:09:26.346root
11241100x8000000000000000691903Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce179d1e753343362023-02-07 15:09:26.346root
11241100x8000000000000000691902Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.346{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e62ff22e25bb42332023-02-07 15:09:26.346root
11241100x8000000000000000691917Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.608d39bb64f7704a2023-02-07 15:09:26.347root
11241100x8000000000000000691916Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.410490e24bf545062023-02-07 15:09:26.347root
11241100x8000000000000000691915Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.038cbc03471136962023-02-07 15:09:26.347root
11241100x8000000000000000691914Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4b1996c503271a3a2023-02-07 15:09:26.347root
11241100x8000000000000000691913Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8528cc30ca5786ed2023-02-07 15:09:26.347root
11241100x8000000000000000691912Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.975d5c98a7345ac82023-02-07 15:09:26.347root
11241100x8000000000000000691911Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d7cebd9d1d8ee192023-02-07 15:09:26.347root
11241100x8000000000000000691910Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.187dcdd63df512262023-02-07 15:09:26.347root
11241100x8000000000000000691909Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.347{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc4d50918a4196612023-02-07 15:09:26.347root
11241100x8000000000000000691927Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.35adc8d6a80e31442023-02-07 15:09:26.348root
11241100x8000000000000000691926Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.00f7dd9eae5a53872023-02-07 15:09:26.348root
11241100x8000000000000000691925Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e35ca6c274c43e9a2023-02-07 15:09:26.348root
11241100x8000000000000000691924Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4604c16cc5e1730e2023-02-07 15:09:26.348root
11241100x8000000000000000691923Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26f7dc62000ac8dd2023-02-07 15:09:26.348root
11241100x8000000000000000691922Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6df57940286fa7742023-02-07 15:09:26.348root
11241100x8000000000000000691921Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18c354e9066773692023-02-07 15:09:26.348root
11241100x8000000000000000691920Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8ccf6311df138612023-02-07 15:09:26.348root
11241100x8000000000000000691919Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a780eb2a4e2314272023-02-07 15:09:26.348root
11241100x8000000000000000691918Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.348{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.559da2ecb1b882162023-02-07 15:09:26.348root
11241100x8000000000000000691935Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ce8af184f0703b1d2023-02-07 15:09:26.349root
11241100x8000000000000000691934Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b24173664896474b2023-02-07 15:09:26.349root
11241100x8000000000000000691933Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2ff1de5da03e2c372023-02-07 15:09:26.349root
11241100x8000000000000000691932Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6cc2c34a13de300d2023-02-07 15:09:26.349root
11241100x8000000000000000691931Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca0c399bb36641452023-02-07 15:09:26.349root
11241100x8000000000000000691930Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1b0c8b2a727ca50d2023-02-07 15:09:26.349root
11241100x8000000000000000691929Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18f10c93d4dfe5342023-02-07 15:09:26.349root
11241100x8000000000000000691928Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.349{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.801742aaba8ab6fd2023-02-07 15:09:26.349root
534500x8000000000000000691936Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.635{00000000-0000-0000-0000-000000000000}6082<unknown process>root
11241100x8000000000000000691944Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a51360cfaaf581542023-02-07 15:09:26.636root
11241100x8000000000000000691943Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d82efcfe05795be2023-02-07 15:09:26.636root
11241100x8000000000000000691942Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9b8ae76db7e597b32023-02-07 15:09:26.636root
11241100x8000000000000000691941Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68b544a7cd50ef302023-02-07 15:09:26.636root
11241100x8000000000000000691940Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bc2eea27880e6c7f2023-02-07 15:09:26.636root
11241100x8000000000000000691939Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04eda3d33a6ba9a32023-02-07 15:09:26.636root
11241100x8000000000000000691938Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83e95630cf2415df2023-02-07 15:09:26.636root
11241100x8000000000000000691937Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.636{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54c417df5344b1a12023-02-07 15:09:26.636root
11241100x8000000000000000691952Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.577170763ef58a8c2023-02-07 15:09:26.637root
11241100x8000000000000000691951Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7a5d201e6bf552a52023-02-07 15:09:26.637root
11241100x8000000000000000691950Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2138e238a37aed4b2023-02-07 15:09:26.637root
11241100x8000000000000000691949Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.341317a9521d236b2023-02-07 15:09:26.637root
11241100x8000000000000000691948Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2725ef37cf20ab42023-02-07 15:09:26.637root
11241100x8000000000000000691947Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6a3bdb721ace6962023-02-07 15:09:26.637root
11241100x8000000000000000691946Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3d2ff71ce78ddb12023-02-07 15:09:26.637root
11241100x8000000000000000691945Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.637{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.75f4c2034db6bed52023-02-07 15:09:26.637root
11241100x8000000000000000691957Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.638{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec46eb47c89cea8a2023-02-07 15:09:26.638root
11241100x8000000000000000691956Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.638{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2aad2460369edeb02023-02-07 15:09:26.638root
11241100x8000000000000000691955Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.638{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04cc464e18e60efc2023-02-07 15:09:26.638root
11241100x8000000000000000691954Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.638{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ffe9ee0afd6a31632023-02-07 15:09:26.638root
11241100x8000000000000000691953Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.638{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c537217c6698b57f2023-02-07 15:09:26.638root
11241100x8000000000000000691958Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.639{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c41affed5dc1cc6f2023-02-07 15:09:26.639root
11241100x8000000000000000691962Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.640{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c28894e954f91ea22023-02-07 15:09:26.640root
11241100x8000000000000000691961Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.640{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aa49dcf010a89e172023-02-07 15:09:26.640root
11241100x8000000000000000691960Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.640{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89558238267bb2bb2023-02-07 15:09:26.640root
11241100x8000000000000000691959Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.640{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f65c6a2d76b2f812023-02-07 15:09:26.640root
11241100x8000000000000000691973Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.485d2954c778c0722023-02-07 15:09:26.641root
11241100x8000000000000000691972Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.256d7951f9ad4bd92023-02-07 15:09:26.641root
11241100x8000000000000000691971Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7287f6824255ffb2023-02-07 15:09:26.641root
11241100x8000000000000000691970Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f2cd4b8ea8dc525e2023-02-07 15:09:26.641root
11241100x8000000000000000691969Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9db5531d2b911f942023-02-07 15:09:26.641root
11241100x8000000000000000691968Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01eaff6d31e9d7222023-02-07 15:09:26.641root
11241100x8000000000000000691967Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdbaa0ea67baca902023-02-07 15:09:26.641root
11241100x8000000000000000691966Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fa8dabd6f6784362023-02-07 15:09:26.641root
11241100x8000000000000000691965Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40f4619b70f78fca2023-02-07 15:09:26.641root
11241100x8000000000000000691964Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26213ed720b0d3c72023-02-07 15:09:26.641root
11241100x8000000000000000691963Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.641{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c750c5b2e1bc221e2023-02-07 15:09:26.641root
11241100x8000000000000000691978Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.642{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c470ab71792b6b892023-02-07 15:09:26.642root
11241100x8000000000000000691977Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.642{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.947c47967e04a7d72023-02-07 15:09:26.642root
11241100x8000000000000000691976Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.642{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e272cba9b855a122023-02-07 15:09:26.642root
11241100x8000000000000000691975Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.642{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a78ad7e621730a2d2023-02-07 15:09:26.642root
11241100x8000000000000000691974Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.642{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4576a287d03bf922023-02-07 15:09:26.642root
11241100x8000000000000000691979Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.643{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.82067619e5ece15c2023-02-07 15:09:26.643root
11241100x8000000000000000691982Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.644{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.364574d1d08c3a062023-02-07 15:09:26.644root
11241100x8000000000000000691981Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.644{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d205b7a9289814de2023-02-07 15:09:26.644root
11241100x8000000000000000691980Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.644{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.adeaa712e126d4e32023-02-07 15:09:26.644root
11241100x8000000000000000691992Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fa35d7fcea9362d2023-02-07 15:09:26.645root
11241100x8000000000000000691991Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.56b89102eca6f1382023-02-07 15:09:26.645root
11241100x8000000000000000691990Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6bcbe412318cb15c2023-02-07 15:09:26.645root
11241100x8000000000000000691989Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f024eea28e8f28aa2023-02-07 15:09:26.645root
11241100x8000000000000000691988Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f04dd1d0a3feb93f2023-02-07 15:09:26.645root
11241100x8000000000000000691987Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ae4ce7f63d9f7d72023-02-07 15:09:26.645root
11241100x8000000000000000691986Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d1214ab302ff5472023-02-07 15:09:26.645root
11241100x8000000000000000691985Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06b6761d4096bf82023-02-07 15:09:26.645root
11241100x8000000000000000691984Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bafc42683175941a2023-02-07 15:09:26.645root
11241100x8000000000000000691983Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:26.645{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.50217227234a83bc2023-02-07 15:09:26.645root
11241100x8000000000000000691993Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f46f079555ba18b52023-02-07 15:09:27.095root
11241100x8000000000000000691998Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c987bcc898687c262023-02-07 15:09:27.096root
11241100x8000000000000000691997Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.451dea1aa2bfaeef2023-02-07 15:09:27.096root
11241100x8000000000000000691996Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ad7b4699677b56032023-02-07 15:09:27.096root
11241100x8000000000000000691995Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f25bbef1a40d3b042023-02-07 15:09:27.096root
11241100x8000000000000000691994Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c2b6ba3db7d8d2ce2023-02-07 15:09:27.096root
11241100x8000000000000000692008Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23b91dd9a51d5d2c2023-02-07 15:09:27.097root
11241100x8000000000000000692007Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d18afb0b650404692023-02-07 15:09:27.097root
11241100x8000000000000000692006Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e1d242e020009be72023-02-07 15:09:27.097root
11241100x8000000000000000692005Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3ac8d89ab62440022023-02-07 15:09:27.097root
11241100x8000000000000000692004Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e0c13d2ef47403af2023-02-07 15:09:27.097root
11241100x8000000000000000692003Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a58e44be08e10ea2023-02-07 15:09:27.097root
11241100x8000000000000000692002Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1bc1d81b328886c2023-02-07 15:09:27.097root
11241100x8000000000000000692001Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6678671ecaeded5d2023-02-07 15:09:27.097root
11241100x8000000000000000692000Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41420a03d469b30e2023-02-07 15:09:27.097root
11241100x8000000000000000691999Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cac1d2e82cd39ea82023-02-07 15:09:27.097root
11241100x8000000000000000692023Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.83f90861b5320a962023-02-07 15:09:27.098root
11241100x8000000000000000692022Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a714283783560272023-02-07 15:09:27.098root
11241100x8000000000000000692021Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdc686fcf86353942023-02-07 15:09:27.098root
11241100x8000000000000000692020Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d2646a9d91992ba2023-02-07 15:09:27.098root
11241100x8000000000000000692019Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af8c560e94452f8f2023-02-07 15:09:27.098root
11241100x8000000000000000692018Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22309960a14525ee2023-02-07 15:09:27.098root
11241100x8000000000000000692017Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.14160439b028227d2023-02-07 15:09:27.098root
11241100x8000000000000000692016Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a5ceec5de89fa6a22023-02-07 15:09:27.098root
11241100x8000000000000000692015Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30adc26316b95ae32023-02-07 15:09:27.098root
11241100x8000000000000000692014Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4d4e387df1841e22023-02-07 15:09:27.098root
11241100x8000000000000000692013Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93d86598f06b35592023-02-07 15:09:27.098root
11241100x8000000000000000692012Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c559202e2cfd2ce82023-02-07 15:09:27.098root
11241100x8000000000000000692011Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b59ae3bcea42c2022023-02-07 15:09:27.098root
11241100x8000000000000000692010Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b3d4b7a9fe9f6462023-02-07 15:09:27.098root
11241100x8000000000000000692009Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8d0215e85412384e2023-02-07 15:09:27.098root
11241100x8000000000000000692033Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0c7fbe28183126ee2023-02-07 15:09:27.099root
11241100x8000000000000000692032Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02916d5739c386f52023-02-07 15:09:27.099root
11241100x8000000000000000692031Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4908154e03f9b67d2023-02-07 15:09:27.099root
11241100x8000000000000000692030Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7aeac98e4dee7b12023-02-07 15:09:27.099root
11241100x8000000000000000692029Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d12bc65b939014b82023-02-07 15:09:27.099root
11241100x8000000000000000692028Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72543c59649767642023-02-07 15:09:27.099root
11241100x8000000000000000692027Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b104304dc27297fe2023-02-07 15:09:27.099root
11241100x8000000000000000692026Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2590ab4d712820912023-02-07 15:09:27.099root
11241100x8000000000000000692025Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7426a1dadf5bbf902023-02-07 15:09:27.099root
11241100x8000000000000000692024Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f033883b83cf48282023-02-07 15:09:27.099root
11241100x8000000000000000692039Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a9ec7ec3436de3b02023-02-07 15:09:27.595root
11241100x8000000000000000692038Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b1f63acfeffeeba92023-02-07 15:09:27.595root
11241100x8000000000000000692037Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28f9d956b123b7c62023-02-07 15:09:27.595root
11241100x8000000000000000692036Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1253b649c255b592023-02-07 15:09:27.595root
11241100x8000000000000000692035Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90da0696ffa16d962023-02-07 15:09:27.595root
11241100x8000000000000000692034Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06051d79cea56c902023-02-07 15:09:27.595root
11241100x8000000000000000692047Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.60c40dce309d58c02023-02-07 15:09:27.596root
11241100x8000000000000000692046Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3451449f5c555b192023-02-07 15:09:27.596root
11241100x8000000000000000692045Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49f85a38746734552023-02-07 15:09:27.596root
11241100x8000000000000000692044Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.37f356c806b0fdbd2023-02-07 15:09:27.596root
11241100x8000000000000000692043Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18d6d7db44f8c5702023-02-07 15:09:27.596root
11241100x8000000000000000692042Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79226186309e9eab2023-02-07 15:09:27.596root
11241100x8000000000000000692041Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.862fbfffe60644d32023-02-07 15:09:27.596root
11241100x8000000000000000692040Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4154da92290fb0c92023-02-07 15:09:27.596root
11241100x8000000000000000692051Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c3e3b27f3e778742023-02-07 15:09:27.597root
11241100x8000000000000000692050Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efc9faa856b9bf1f2023-02-07 15:09:27.597root
11241100x8000000000000000692049Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f267ffb7e48175c72023-02-07 15:09:27.597root
11241100x8000000000000000692048Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.45446976b7ace0662023-02-07 15:09:27.597root
11241100x8000000000000000692055Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9eb3c236712ef472023-02-07 15:09:27.598root
11241100x8000000000000000692054Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.759c1e03282e8a222023-02-07 15:09:27.598root
11241100x8000000000000000692053Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d8b126aa4e2a0ed2023-02-07 15:09:27.598root
11241100x8000000000000000692052Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5428eaa2649055f32023-02-07 15:09:27.598root
11241100x8000000000000000692059Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.369d2d3fe05562732023-02-07 15:09:27.599root
11241100x8000000000000000692058Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2dc7e633d00da2202023-02-07 15:09:27.599root
11241100x8000000000000000692057Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f910441a7d2de9e02023-02-07 15:09:27.599root
11241100x8000000000000000692056Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.59267b8a45a8a9c32023-02-07 15:09:27.599root
11241100x8000000000000000692063Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4d2f02dec7f4ead2023-02-07 15:09:27.600root
11241100x8000000000000000692062Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca91e19cdd82e04f2023-02-07 15:09:27.600root
11241100x8000000000000000692061Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6041a9cfe2cb5462023-02-07 15:09:27.600root
11241100x8000000000000000692060Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a00d5648fb16ac8c2023-02-07 15:09:27.600root
11241100x8000000000000000692067Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5083e725fe1df8782023-02-07 15:09:27.601root
11241100x8000000000000000692066Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4d6a52ab50bd325b2023-02-07 15:09:27.601root
11241100x8000000000000000692065Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a50c83dbdf81d9252023-02-07 15:09:27.601root
11241100x8000000000000000692064Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e0a161b725617c42023-02-07 15:09:27.601root
11241100x8000000000000000692072Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbd0ab644d0c535c2023-02-07 15:09:27.602root
11241100x8000000000000000692071Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b0884f9b688af2892023-02-07 15:09:27.602root
11241100x8000000000000000692070Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36925bfc553d09072023-02-07 15:09:27.602root
11241100x8000000000000000692069Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2e8ca16cf6ec1e82023-02-07 15:09:27.602root
11241100x8000000000000000692068Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.114430aa3d7ecf0b2023-02-07 15:09:27.602root
23542300x8000000000000000692073Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:27.734{ec244aba-32ca-63e2-605c-1e356e550000}5624root/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/spool/splunk/tracker.log---
11241100x8000000000000000692075Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fe9de56686f39f32023-02-07 15:09:28.095root
11241100x8000000000000000692074Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7d34e79b129c232023-02-07 15:09:28.095root
11241100x8000000000000000692082Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.96c018266fca0fe52023-02-07 15:09:28.096root
11241100x8000000000000000692081Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d371773f02706fe52023-02-07 15:09:28.096root
11241100x8000000000000000692080Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe255784ed7d452f2023-02-07 15:09:28.096root
11241100x8000000000000000692079Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.86b1d81917618a872023-02-07 15:09:28.096root
11241100x8000000000000000692078Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.409dc5c6f2395dd22023-02-07 15:09:28.096root
11241100x8000000000000000692077Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b24c42ae92579d92023-02-07 15:09:28.096root
11241100x8000000000000000692076Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e39af685d553b4e12023-02-07 15:09:28.096root
11241100x8000000000000000692088Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d39ffc3c454192452023-02-07 15:09:28.097root
11241100x8000000000000000692087Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b2cac20e516028f02023-02-07 15:09:28.097root
11241100x8000000000000000692086Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.db64ca4c3891d9f32023-02-07 15:09:28.097root
11241100x8000000000000000692085Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64de659709df646f2023-02-07 15:09:28.097root
11241100x8000000000000000692084Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1739a936512d4b6c2023-02-07 15:09:28.097root
11241100x8000000000000000692083Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f08e4c4b09e5a7362023-02-07 15:09:28.097root
11241100x8000000000000000692091Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b89a022d4bc4c9902023-02-07 15:09:28.098root
11241100x8000000000000000692090Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a0a8d3eed5782192023-02-07 15:09:28.098root
11241100x8000000000000000692089Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01cdefa575f39dcb2023-02-07 15:09:28.098root
11241100x8000000000000000692095Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26c58c2625a7232d2023-02-07 15:09:28.099root
11241100x8000000000000000692094Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f6e292257516d372023-02-07 15:09:28.099root
11241100x8000000000000000692093Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.264224a065e95d372023-02-07 15:09:28.099root
11241100x8000000000000000692092Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68cc7ce4e4157b3b2023-02-07 15:09:28.099root
11241100x8000000000000000692106Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49ec9be1b62262ab2023-02-07 15:09:28.100root
11241100x8000000000000000692105Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79b37eccb2f9c85f2023-02-07 15:09:28.100root
11241100x8000000000000000692104Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.267122acc94fe3e72023-02-07 15:09:28.100root
11241100x8000000000000000692103Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fd841065e70fb4ff2023-02-07 15:09:28.100root
11241100x8000000000000000692102Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b351e041e3fc322a2023-02-07 15:09:28.100root
11241100x8000000000000000692101Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.945992d3ce650ed42023-02-07 15:09:28.100root
11241100x8000000000000000692100Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f79cf43d54e077842023-02-07 15:09:28.100root
11241100x8000000000000000692099Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ca7f66b8e918e242023-02-07 15:09:28.100root
11241100x8000000000000000692098Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.01e82f0d1b2467d42023-02-07 15:09:28.100root
11241100x8000000000000000692097Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.584cb76a6380b99d2023-02-07 15:09:28.100root
11241100x8000000000000000692096Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8b0f876960e82a472023-02-07 15:09:28.100root
11241100x8000000000000000692114Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a94e96c0a7d5a4db2023-02-07 15:09:28.101root
11241100x8000000000000000692113Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90eada6683db70a52023-02-07 15:09:28.101root
11241100x8000000000000000692112Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42384d97faea29562023-02-07 15:09:28.101root
11241100x8000000000000000692111Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31fc41c2083701462023-02-07 15:09:28.101root
11241100x8000000000000000692110Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5c0c609e231b8ab82023-02-07 15:09:28.101root
11241100x8000000000000000692109Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e08554b75a3858aa2023-02-07 15:09:28.101root
11241100x8000000000000000692108Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dbd041011cefd96b2023-02-07 15:09:28.101root
11241100x8000000000000000692107Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d7131f7ad26ca4d2023-02-07 15:09:28.101root
11241100x8000000000000000692119Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.386ec25ebdb161e12023-02-07 15:09:28.102root
11241100x8000000000000000692118Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e728606bfe60a5342023-02-07 15:09:28.102root
11241100x8000000000000000692117Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.74e06682916901ec2023-02-07 15:09:28.102root
11241100x8000000000000000692116Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.024a1b20631a3c202023-02-07 15:09:28.102root
11241100x8000000000000000692115Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6d867150a086a442023-02-07 15:09:28.102root
11241100x8000000000000000692125Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f86494fcc0cadd1e2023-02-07 15:09:28.103root
11241100x8000000000000000692124Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8bbae7b7d41430fd2023-02-07 15:09:28.103root
11241100x8000000000000000692123Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e9821084d0313e1c2023-02-07 15:09:28.103root
11241100x8000000000000000692122Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.79121c7c5acbd6ff2023-02-07 15:09:28.103root
11241100x8000000000000000692121Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ca5a55548ddda19a2023-02-07 15:09:28.103root
11241100x8000000000000000692120Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.13d1df62f0e891672023-02-07 15:09:28.103root
11241100x8000000000000000692126Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41e64d3f8b2774c22023-02-07 15:09:28.104root
11241100x8000000000000000692129Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.354a71bbaeff36402023-02-07 15:09:28.595root
11241100x8000000000000000692128Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3d1448c5b6075a742023-02-07 15:09:28.595root
11241100x8000000000000000692127Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f697347bb6a640d32023-02-07 15:09:28.595root
11241100x8000000000000000692139Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47a1ce7be94f09c12023-02-07 15:09:28.596root
11241100x8000000000000000692138Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.42136c95bc0aba022023-02-07 15:09:28.596root
11241100x8000000000000000692137Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4b0a331e2bb08f02023-02-07 15:09:28.596root
11241100x8000000000000000692136Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a833e5a5e48faab2023-02-07 15:09:28.596root
11241100x8000000000000000692135Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a0928ab19df218192023-02-07 15:09:28.596root
11241100x8000000000000000692134Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ecfbc0c8fd7a87c12023-02-07 15:09:28.596root
11241100x8000000000000000692133Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aff9a9939b247aea2023-02-07 15:09:28.596root
11241100x8000000000000000692132Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4313062b861500b82023-02-07 15:09:28.596root
11241100x8000000000000000692131Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cd4298475f4fb03a2023-02-07 15:09:28.596root
11241100x8000000000000000692130Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.24b0138ee6e0b4e52023-02-07 15:09:28.596root
11241100x8000000000000000692148Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0ec6f6ec30816fdb2023-02-07 15:09:28.597root
11241100x8000000000000000692147Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.61611bd64cf6b2922023-02-07 15:09:28.597root
11241100x8000000000000000692146Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2eb7eb785a681eb82023-02-07 15:09:28.597root
11241100x8000000000000000692145Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3da8c264c80a8ae42023-02-07 15:09:28.597root
11241100x8000000000000000692144Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9514562fef8d768f2023-02-07 15:09:28.597root
11241100x8000000000000000692143Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8fa0fe3ee90e3bec2023-02-07 15:09:28.597root
11241100x8000000000000000692142Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70b299a165b9e3c52023-02-07 15:09:28.597root
11241100x8000000000000000692141Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c21dc347606148362023-02-07 15:09:28.597root
11241100x8000000000000000692140Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9946e6a4c83afc812023-02-07 15:09:28.597root
11241100x8000000000000000692160Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5271b857c05d31112023-02-07 15:09:28.598root
11241100x8000000000000000692159Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c0f21a09ea2738f2023-02-07 15:09:28.598root
11241100x8000000000000000692158Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.84da9dc086257d4d2023-02-07 15:09:28.598root
11241100x8000000000000000692157Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.de4c28f67e9d94c12023-02-07 15:09:28.598root
11241100x8000000000000000692156Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e799e7c85bd946e2023-02-07 15:09:28.598root
11241100x8000000000000000692155Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b628a1bf4cc8d9b32023-02-07 15:09:28.598root
11241100x8000000000000000692154Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.051be8ea4b4cc6592023-02-07 15:09:28.598root
11241100x8000000000000000692153Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8632b1557130ba922023-02-07 15:09:28.598root
11241100x8000000000000000692152Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0198a236966d49262023-02-07 15:09:28.598root
11241100x8000000000000000692151Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9603faa2c20980b02023-02-07 15:09:28.598root
11241100x8000000000000000692150Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.930b2bcc522970f82023-02-07 15:09:28.598root
11241100x8000000000000000692149Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06898f3bb35793522023-02-07 15:09:28.598root
11241100x8000000000000000692175Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34ca4e67a6df4db22023-02-07 15:09:28.599root
11241100x8000000000000000692174Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e7bbd86ee827822d2023-02-07 15:09:28.599root
11241100x8000000000000000692173Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.558a5405435268fe2023-02-07 15:09:28.599root
11241100x8000000000000000692172Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a489a86dfbdd49462023-02-07 15:09:28.599root
11241100x8000000000000000692171Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9a5739769e417ee82023-02-07 15:09:28.599root
11241100x8000000000000000692170Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e38f5e3c88437bb12023-02-07 15:09:28.599root
11241100x8000000000000000692169Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f5d0d9d0d0cbdcd02023-02-07 15:09:28.599root
11241100x8000000000000000692168Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aebd004bb2ed631d2023-02-07 15:09:28.599root
11241100x8000000000000000692167Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d01046f30e70f602023-02-07 15:09:28.599root
11241100x8000000000000000692166Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cc28686c36b72852023-02-07 15:09:28.599root
11241100x8000000000000000692165Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.93024732973a4a692023-02-07 15:09:28.599root
11241100x8000000000000000692164Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46f099491beb0e222023-02-07 15:09:28.599root
11241100x8000000000000000692163Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb69039d9856c5db2023-02-07 15:09:28.599root
11241100x8000000000000000692162Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1dce1b2eba1151c92023-02-07 15:09:28.599root
11241100x8000000000000000692161Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f107172cd237536e2023-02-07 15:09:28.599root
11241100x8000000000000000692191Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0edbc042f7f022662023-02-07 15:09:28.600root
11241100x8000000000000000692190Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.06e920f84c90d4452023-02-07 15:09:28.600root
11241100x8000000000000000692189Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.599626786ab94f6a2023-02-07 15:09:28.600root
11241100x8000000000000000692188Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.649c59063ed57fa22023-02-07 15:09:28.600root
11241100x8000000000000000692187Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.efbe781562fa1a7a2023-02-07 15:09:28.600root
11241100x8000000000000000692186Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cc414a5ce72fee0a2023-02-07 15:09:28.600root
11241100x8000000000000000692185Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b7320f91e5dff5612023-02-07 15:09:28.600root
11241100x8000000000000000692184Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.554c5a81ff8599ab2023-02-07 15:09:28.600root
11241100x8000000000000000692183Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.104694f718e178b02023-02-07 15:09:28.600root
11241100x8000000000000000692182Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7af106db6dbdadc02023-02-07 15:09:28.600root
11241100x8000000000000000692181Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8973659b7d3b88122023-02-07 15:09:28.600root
11241100x8000000000000000692180Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b0970005bb4c3402023-02-07 15:09:28.600root
11241100x8000000000000000692179Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f2bc88702d5c352023-02-07 15:09:28.600root
11241100x8000000000000000692178Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e50273a4052f8b72023-02-07 15:09:28.600root
11241100x8000000000000000692177Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18d6c6b6c3d67fea2023-02-07 15:09:28.600root
11241100x8000000000000000692176Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dc21e37ca0543c112023-02-07 15:09:28.600root
11241100x8000000000000000692207Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1dd15c6b6da4b3f2023-02-07 15:09:28.601root
11241100x8000000000000000692206Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.726af79ea16174752023-02-07 15:09:28.601root
11241100x8000000000000000692205Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ead5d3eaca9b2e722023-02-07 15:09:28.601root
11241100x8000000000000000692204Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9c5f564e2fb231852023-02-07 15:09:28.601root
11241100x8000000000000000692203Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0b94a048fb632f8b2023-02-07 15:09:28.601root
11241100x8000000000000000692202Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4efcaf22b9b51232023-02-07 15:09:28.601root
11241100x8000000000000000692201Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.702b15d24e5410e52023-02-07 15:09:28.601root
11241100x8000000000000000692200Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d4eda269d1f5969a2023-02-07 15:09:28.601root
11241100x8000000000000000692199Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.357fb8d4820b06232023-02-07 15:09:28.601root
11241100x8000000000000000692198Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.af49bc03160e10c42023-02-07 15:09:28.601root
11241100x8000000000000000692197Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.162442236b2412a32023-02-07 15:09:28.601root
11241100x8000000000000000692196Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d82c5db14f6bd8442023-02-07 15:09:28.601root
11241100x8000000000000000692195Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.18386c6c83e1c0462023-02-07 15:09:28.601root
11241100x8000000000000000692194Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e74f7ec00b3b0fef2023-02-07 15:09:28.601root
11241100x8000000000000000692193Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6e92803f1118f0d72023-02-07 15:09:28.601root
11241100x8000000000000000692192Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.360491a15db289d52023-02-07 15:09:28.601root
11241100x8000000000000000692223Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e0804168fd442472023-02-07 15:09:28.602root
11241100x8000000000000000692222Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.71f69e1b47305cac2023-02-07 15:09:28.602root
11241100x8000000000000000692221Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32c0e86aaef31e072023-02-07 15:09:28.602root
11241100x8000000000000000692220Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6be57be907d4d602023-02-07 15:09:28.602root
11241100x8000000000000000692219Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.766358f0eb4494a52023-02-07 15:09:28.602root
11241100x8000000000000000692218Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5cb5a656a230880a2023-02-07 15:09:28.602root
11241100x8000000000000000692217Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9aa5356ca583b8322023-02-07 15:09:28.602root
11241100x8000000000000000692216Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16ac878e9943ca8f2023-02-07 15:09:28.602root
11241100x8000000000000000692215Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.798f3132ad12494d2023-02-07 15:09:28.602root
11241100x8000000000000000692214Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d209f566d55344502023-02-07 15:09:28.602root
11241100x8000000000000000692213Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2594ee0b2790d55c2023-02-07 15:09:28.602root
11241100x8000000000000000692212Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87744692b50996f72023-02-07 15:09:28.602root
11241100x8000000000000000692211Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a1251f18b3e87baf2023-02-07 15:09:28.602root
11241100x8000000000000000692210Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b8ab330550caf332023-02-07 15:09:28.602root
11241100x8000000000000000692209Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68ded32a0ea3f75f2023-02-07 15:09:28.602root
11241100x8000000000000000692208Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0fc22e365c5c3ba12023-02-07 15:09:28.602root
11241100x8000000000000000692229Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5072c9ef5cdf1dc72023-02-07 15:09:28.603root
11241100x8000000000000000692228Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2d22501a90cebfeb2023-02-07 15:09:28.603root
11241100x8000000000000000692227Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3c2afc337aa01a5c2023-02-07 15:09:28.603root
11241100x8000000000000000692226Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49081f571743cf752023-02-07 15:09:28.603root
11241100x8000000000000000692225Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ea9a3b67d5887fa92023-02-07 15:09:28.603root
11241100x8000000000000000692224Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cb24b2288cd3052023-02-07 15:09:28.603root
11241100x8000000000000000692238Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2cbe14fa58415a2d2023-02-07 15:09:28.604root
11241100x8000000000000000692237Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.49dccd1cf0492f8c2023-02-07 15:09:28.604root
11241100x8000000000000000692236Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.85a587ae4eb080142023-02-07 15:09:28.604root
11241100x8000000000000000692235Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2b22f641c16970ee2023-02-07 15:09:28.604root
11241100x8000000000000000692234Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f1efa9b4c2df861a2023-02-07 15:09:28.604root
11241100x8000000000000000692233Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.34e14875ef226dfa2023-02-07 15:09:28.604root
11241100x8000000000000000692232Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e04cdf6213b930e92023-02-07 15:09:28.604root
11241100x8000000000000000692231Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f6f6b693a0df97562023-02-07 15:09:28.604root
11241100x8000000000000000692230Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.458444440242bf8a2023-02-07 15:09:28.604root
11241100x8000000000000000692241Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a3fa38a0ed8baf572023-02-07 15:09:28.605root
11241100x8000000000000000692240Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.114d51439bedb62b2023-02-07 15:09:28.605root
11241100x8000000000000000692239Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:28.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.292581a4715f4eb52023-02-07 15:09:28.605root
11241100x8000000000000000692245Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e4631f4c7f91bfb2023-02-07 15:09:29.095root
11241100x8000000000000000692244Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9cc7f2dc416b7b522023-02-07 15:09:29.095root
11241100x8000000000000000692243Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a6254b28fe2cb77d2023-02-07 15:09:29.095root
11241100x8000000000000000692242Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9eb270ffe92123982023-02-07 15:09:29.095root
11241100x8000000000000000692248Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac65378e65f8dbca2023-02-07 15:09:29.096root
11241100x8000000000000000692247Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65459c597ba98f6c2023-02-07 15:09:29.096root
11241100x8000000000000000692246Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b1ca8afca136adc2023-02-07 15:09:29.096root
11241100x8000000000000000692251Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8835e585077acb12023-02-07 15:09:29.097root
11241100x8000000000000000692250Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48f2ee41aae990e92023-02-07 15:09:29.097root
11241100x8000000000000000692249Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4e68eefb41a4c4bf2023-02-07 15:09:29.097root
11241100x8000000000000000692253Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15641876572318272023-02-07 15:09:29.098root
11241100x8000000000000000692252Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0205d9ef61943bb52023-02-07 15:09:29.098root
11241100x8000000000000000692259Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7018a314a44f2b3d2023-02-07 15:09:29.099root
11241100x8000000000000000692258Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5f73aafc48e3fa922023-02-07 15:09:29.099root
11241100x8000000000000000692257Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17d819973c9451422023-02-07 15:09:29.099root
11241100x8000000000000000692256Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3b76d5a7579b3c412023-02-07 15:09:29.099root
11241100x8000000000000000692255Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e355c91ce93e25f72023-02-07 15:09:29.099root
11241100x8000000000000000692254Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6495897b98d89e792023-02-07 15:09:29.099root
11241100x8000000000000000692268Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32f90b94fdab1c4a2023-02-07 15:09:29.100root
11241100x8000000000000000692267Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a80d29c4ed2d162e2023-02-07 15:09:29.100root
11241100x8000000000000000692266Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f4ab6ed13f2185922023-02-07 15:09:29.100root
11241100x8000000000000000692265Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f3cb72ee04069e42023-02-07 15:09:29.100root
11241100x8000000000000000692264Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a53c5d9165b3a7172023-02-07 15:09:29.100root
11241100x8000000000000000692263Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5a841c60686f3572023-02-07 15:09:29.100root
11241100x8000000000000000692262Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a96e4bb49279feb12023-02-07 15:09:29.100root
11241100x8000000000000000692261Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b79c92da1388db032023-02-07 15:09:29.100root
11241100x8000000000000000692260Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36f7f4f87bd6ba2f2023-02-07 15:09:29.100root
11241100x8000000000000000692277Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.46e7cc9094b215992023-02-07 15:09:29.101root
11241100x8000000000000000692276Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c369ab29ea99be72023-02-07 15:09:29.101root
11241100x8000000000000000692275Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6c41cfef2d8604312023-02-07 15:09:29.101root
11241100x8000000000000000692274Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e8edcbc18f6ec4452023-02-07 15:09:29.101root
11241100x8000000000000000692273Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.060f67937c92b0e92023-02-07 15:09:29.101root
11241100x8000000000000000692272Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6203cee76dd0b9d02023-02-07 15:09:29.101root
11241100x8000000000000000692271Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eb0a7157bd84f4142023-02-07 15:09:29.101root
11241100x8000000000000000692270Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d539da8c54e587c2023-02-07 15:09:29.101root
11241100x8000000000000000692269Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7b5b40cd082de3c12023-02-07 15:09:29.101root
11241100x8000000000000000692284Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b85cc10b66275f952023-02-07 15:09:29.102root
11241100x8000000000000000692283Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4107400b58851372023-02-07 15:09:29.102root
11241100x8000000000000000692282Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a45e43a275c560a52023-02-07 15:09:29.102root
11241100x8000000000000000692281Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b4ee9bac6b12fc8e2023-02-07 15:09:29.102root
11241100x8000000000000000692280Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4db93418f57f9dd2023-02-07 15:09:29.102root
11241100x8000000000000000692279Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3bcfb241ad34ebdd2023-02-07 15:09:29.102root
11241100x8000000000000000692278Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7747709c92866f12023-02-07 15:09:29.102root
11241100x8000000000000000692288Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32a1ae9058b445a32023-02-07 15:09:29.103root
11241100x8000000000000000692287Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.28c44ab1649a75a12023-02-07 15:09:29.103root
11241100x8000000000000000692286Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e52831296f06b1412023-02-07 15:09:29.103root
11241100x8000000000000000692285Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a47dc8f1863758372023-02-07 15:09:29.103root
11241100x8000000000000000692292Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bbba96e2896f30f22023-02-07 15:09:29.104root
11241100x8000000000000000692291Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.47b173aef86d1c5a2023-02-07 15:09:29.104root
11241100x8000000000000000692290Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cf8425baeb7de39f2023-02-07 15:09:29.104root
11241100x8000000000000000692289Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c02cab9452220d7f2023-02-07 15:09:29.104root
11241100x8000000000000000692297Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31785ff744e561a52023-02-07 15:09:29.105root
11241100x8000000000000000692296Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4262877910e553302023-02-07 15:09:29.105root
11241100x8000000000000000692295Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.68a2b41f92c9997e2023-02-07 15:09:29.105root
11241100x8000000000000000692294Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1065c4fdd8b17ee2023-02-07 15:09:29.105root
11241100x8000000000000000692293Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9226dc8686f5fa672023-02-07 15:09:29.105root
11241100x8000000000000000692304Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9d7c47057ccc6dd02023-02-07 15:09:29.106root
11241100x8000000000000000692303Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0a77f95bff54fb4a2023-02-07 15:09:29.106root
11241100x8000000000000000692302Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8a87c983009a92f2023-02-07 15:09:29.106root
11241100x8000000000000000692301Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe50de7007a1eae62023-02-07 15:09:29.106root
11241100x8000000000000000692300Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd41924994d19dfa2023-02-07 15:09:29.106root
11241100x8000000000000000692299Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d795a74bcb846d572023-02-07 15:09:29.106root
11241100x8000000000000000692298Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.106{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f291cba670603d652023-02-07 15:09:29.106root
11241100x8000000000000000692308Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.107{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.36c6d8d2436deda72023-02-07 15:09:29.107root
11241100x8000000000000000692307Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.107{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.23a45f827b614c3e2023-02-07 15:09:29.107root
11241100x8000000000000000692306Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.107{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.10d00963542713712023-02-07 15:09:29.107root
11241100x8000000000000000692305Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.107{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b62c8c1176be355b2023-02-07 15:09:29.107root
11241100x8000000000000000692312Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.976c7cddf37c9aed2023-02-07 15:09:29.595root
11241100x8000000000000000692311Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9922493ec0bff9da2023-02-07 15:09:29.595root
11241100x8000000000000000692310Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.689d764b590bcf782023-02-07 15:09:29.595root
11241100x8000000000000000692309Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3691c1ca1eff8bf82023-02-07 15:09:29.595root
11241100x8000000000000000692318Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d6d990f6d24230d32023-02-07 15:09:29.596root
11241100x8000000000000000692317Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ccf1ef414f1d7d622023-02-07 15:09:29.596root
11241100x8000000000000000692316Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2e9bdd7b6ffa73182023-02-07 15:09:29.596root
11241100x8000000000000000692315Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.befb6d41d5d4fbc92023-02-07 15:09:29.596root
11241100x8000000000000000692314Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fa5d66946fe81c22023-02-07 15:09:29.596root
11241100x8000000000000000692313Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.076348d5a00963bd2023-02-07 15:09:29.596root
11241100x8000000000000000692323Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d892cdaeb0608222023-02-07 15:09:29.597root
11241100x8000000000000000692322Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.645277fe6fc53a5b2023-02-07 15:09:29.597root
11241100x8000000000000000692321Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c7dbcf7ce83a73fc2023-02-07 15:09:29.597root
11241100x8000000000000000692320Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bf3e390bafcb56952023-02-07 15:09:29.597root
11241100x8000000000000000692319Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b96eea79a7bbfeca2023-02-07 15:09:29.597root
11241100x8000000000000000692328Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a30244adbb2bd2582023-02-07 15:09:29.598root
11241100x8000000000000000692327Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7792ec84c766bd6f2023-02-07 15:09:29.598root
11241100x8000000000000000692326Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dd42b5d3940070372023-02-07 15:09:29.598root
11241100x8000000000000000692325Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f34bf9ad11e0c5f2023-02-07 15:09:29.598root
11241100x8000000000000000692324Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.506fb999b2b76b6b2023-02-07 15:09:29.598root
11241100x8000000000000000692332Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.aef1bf52602269a62023-02-07 15:09:29.599root
11241100x8000000000000000692331Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fbfce934d6c6d86c2023-02-07 15:09:29.599root
11241100x8000000000000000692330Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e679eb6da99054c72023-02-07 15:09:29.599root
11241100x8000000000000000692329Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a72da9e562ba93bf2023-02-07 15:09:29.599root
11241100x8000000000000000692337Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55e6614f52e928802023-02-07 15:09:29.600root
11241100x8000000000000000692336Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.94ae2bdd47b99b492023-02-07 15:09:29.600root
11241100x8000000000000000692335Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dedfd745d19700862023-02-07 15:09:29.600root
11241100x8000000000000000692334Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cccaec800b5cb8172023-02-07 15:09:29.600root
11241100x8000000000000000692333Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b3cfbcb7043bbb332023-02-07 15:09:29.600root
11241100x8000000000000000692342Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5146333627aacc052023-02-07 15:09:29.601root
11241100x8000000000000000692341Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9691616d34452daf2023-02-07 15:09:29.601root
11241100x8000000000000000692340Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ae3bcd30aac8e25e2023-02-07 15:09:29.601root
11241100x8000000000000000692339Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6476ce30a3371362023-02-07 15:09:29.601root
11241100x8000000000000000692338Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d41577d312a8a59a2023-02-07 15:09:29.601root
11241100x8000000000000000692346Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7d54babc36f6af4b2023-02-07 15:09:29.602root
11241100x8000000000000000692345Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.32ac141a3ee2763b2023-02-07 15:09:29.602root
11241100x8000000000000000692344Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7550969370ccda932023-02-07 15:09:29.602root
11241100x8000000000000000692343Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.602{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.64fa8931d684b9672023-02-07 15:09:29.602root
11241100x8000000000000000692351Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.601e5791b4f6ec812023-02-07 15:09:29.603root
11241100x8000000000000000692350Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.90aed173a1891d2b2023-02-07 15:09:29.603root
11241100x8000000000000000692349Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e06b1e7b4740be0a2023-02-07 15:09:29.603root
11241100x8000000000000000692348Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1054da744bd5cd592023-02-07 15:09:29.603root
11241100x8000000000000000692347Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.603{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e6a74528a0faad5e2023-02-07 15:09:29.603root
11241100x8000000000000000692355Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab395992deee5c232023-02-07 15:09:29.604root
11241100x8000000000000000692354Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15916a5d12a4c47a2023-02-07 15:09:29.604root
11241100x8000000000000000692353Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ec9a4e54a93c08712023-02-07 15:09:29.604root
11241100x8000000000000000692352Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.604{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.40a253006aca2ccb2023-02-07 15:09:29.604root
11241100x8000000000000000692359Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b81ae7a597afc6e2023-02-07 15:09:29.605root
11241100x8000000000000000692358Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.70cf36473477386b2023-02-07 15:09:29.605root
11241100x8000000000000000692357Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04fa0d1afaa2e6ef2023-02-07 15:09:29.605root
11241100x8000000000000000692356Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.605{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c6a0bf2a2cc02482023-02-07 15:09:29.605root
11241100x8000000000000000692363Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3833d3b23ff4565b2023-02-07 15:09:29.606root
11241100x8000000000000000692362Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.929e294c6c2a0e682023-02-07 15:09:29.606root
11241100x8000000000000000692361Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1fbd2e9ad82ce9602023-02-07 15:09:29.606root
11241100x8000000000000000692360Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.606{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bd02c161e06c3b282023-02-07 15:09:29.606root
11241100x8000000000000000692368Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3af1aa1c6e9bce662023-02-07 15:09:29.607root
11241100x8000000000000000692367Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9975b76d14c4ef732023-02-07 15:09:29.607root
11241100x8000000000000000692366Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.89a866fa7c34c9662023-02-07 15:09:29.607root
11241100x8000000000000000692365Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b6731b47a93fde92023-02-07 15:09:29.607root
11241100x8000000000000000692364Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.607{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a8fafb30930063102023-02-07 15:09:29.607root
11241100x8000000000000000692369Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:29.608{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.684f4964531010f12023-02-07 15:09:29.608root
11241100x8000000000000000692371Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e27b35aac5d36ce52023-02-07 15:09:30.095root
11241100x8000000000000000692370Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e4587ca911b302f02023-02-07 15:09:30.095root
11241100x8000000000000000692379Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7cc62a5276584b92023-02-07 15:09:30.096root
11241100x8000000000000000692378Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.99e40859fd9741d52023-02-07 15:09:30.096root
11241100x8000000000000000692377Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65f28b76ce49a33f2023-02-07 15:09:30.096root
11241100x8000000000000000692376Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.62cb35a38401aaea2023-02-07 15:09:30.096root
11241100x8000000000000000692375Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d164aa287cdcc3d02023-02-07 15:09:30.096root
11241100x8000000000000000692374Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3e2005c01cb78acb2023-02-07 15:09:30.096root
11241100x8000000000000000692373Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.da21e8b0208a3ffb2023-02-07 15:09:30.096root
11241100x8000000000000000692372Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55396548a6c9ab082023-02-07 15:09:30.096root
11241100x8000000000000000692389Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7da8187682478e792023-02-07 15:09:30.097root
11241100x8000000000000000692388Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f37fa8797f6451982023-02-07 15:09:30.097root
11241100x8000000000000000692387Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b99f203eee7c695e2023-02-07 15:09:30.097root
11241100x8000000000000000692386Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.976535fc4cd1ed962023-02-07 15:09:30.097root
11241100x8000000000000000692385Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.88d935715114b7312023-02-07 15:09:30.097root
11241100x8000000000000000692384Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.271bd583512e27292023-02-07 15:09:30.097root
11241100x8000000000000000692383Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.48281e35348baebb2023-02-07 15:09:30.097root
11241100x8000000000000000692382Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abf9ae5b183d6a672023-02-07 15:09:30.097root
11241100x8000000000000000692381Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5095c5f008d43d3a2023-02-07 15:09:30.097root
11241100x8000000000000000692380Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.283f3aea7bcea4db2023-02-07 15:09:30.097root
11241100x8000000000000000692400Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.021fb9380760a8002023-02-07 15:09:30.098root
11241100x8000000000000000692399Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04217198dcac86372023-02-07 15:09:30.098root
11241100x8000000000000000692398Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d1a459892cf1af1d2023-02-07 15:09:30.098root
11241100x8000000000000000692397Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5b316075f461f57f2023-02-07 15:09:30.098root
11241100x8000000000000000692396Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8f55df107fe34e612023-02-07 15:09:30.098root
11241100x8000000000000000692395Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d7369c6febcd18452023-02-07 15:09:30.098root
11241100x8000000000000000692394Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.abb0f0467b8236962023-02-07 15:09:30.098root
11241100x8000000000000000692393Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.19f86d49acbafb482023-02-07 15:09:30.098root
11241100x8000000000000000692392Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2701f2f2739161ca2023-02-07 15:09:30.098root
11241100x8000000000000000692391Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dff527e3879c7d312023-02-07 15:09:30.098root
11241100x8000000000000000692390Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.53da9d496451b9b22023-02-07 15:09:30.098root
11241100x8000000000000000692410Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.97224bf4fae746fa2023-02-07 15:09:30.099root
11241100x8000000000000000692409Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fe115782b09d04d72023-02-07 15:09:30.099root
11241100x8000000000000000692408Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e587366934b6d72e2023-02-07 15:09:30.099root
11241100x8000000000000000692407Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.bb420197e34e8bd32023-02-07 15:09:30.099root
11241100x8000000000000000692406Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a28fbdfdc050452a2023-02-07 15:09:30.099root
11241100x8000000000000000692405Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.72ca24f8cd5b409f2023-02-07 15:09:30.099root
11241100x8000000000000000692404Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4910635441ac26142023-02-07 15:09:30.099root
11241100x8000000000000000692403Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.04355cac9687e5f62023-02-07 15:09:30.099root
11241100x8000000000000000692402Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55f05ac5d3f8fd542023-02-07 15:09:30.099root
11241100x8000000000000000692401Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c8772ef0fc820a1d2023-02-07 15:09:30.099root
11241100x8000000000000000692412Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a83acffe12d786df2023-02-07 15:09:30.100root
11241100x8000000000000000692411Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.100{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2c302fd44b2b2dce2023-02-07 15:09:30.100root
11241100x8000000000000000692416Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55f9b476e34c02b72023-02-07 15:09:30.595root
11241100x8000000000000000692415Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a747a8cecd0075162023-02-07 15:09:30.595root
11241100x8000000000000000692414Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.a93623194d6d284a2023-02-07 15:09:30.595root
11241100x8000000000000000692413Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.343712b645020dcc2023-02-07 15:09:30.595root
11241100x8000000000000000692420Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c6e12129ab43f17c2023-02-07 15:09:30.596root
11241100x8000000000000000692419Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1134429a86139c672023-02-07 15:09:30.596root
11241100x8000000000000000692418Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6b92bd36b48c98c42023-02-07 15:09:30.596root
11241100x8000000000000000692417Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3f59d68d9be95d842023-02-07 15:09:30.596root
11241100x8000000000000000692424Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.54a188b38566aecc2023-02-07 15:09:30.597root
11241100x8000000000000000692423Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3fa26f2eee1d7bb42023-02-07 15:09:30.597root
11241100x8000000000000000692422Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6a4e79d405c23a342023-02-07 15:09:30.597root
11241100x8000000000000000692421Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.eec7f098b6748e3d2023-02-07 15:09:30.597root
11241100x8000000000000000692431Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11c6784982a72ec02023-02-07 15:09:30.598root
11241100x8000000000000000692430Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1b5da8b5260df122023-02-07 15:09:30.598root
11241100x8000000000000000692429Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2f27e4d4ad9c79da2023-02-07 15:09:30.598root
11241100x8000000000000000692428Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d6acc06c46c0a002023-02-07 15:09:30.598root
11241100x8000000000000000692427Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.545e1ff8be3438152023-02-07 15:09:30.598root
11241100x8000000000000000692426Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.73bb5c22f242e1412023-02-07 15:09:30.598root
11241100x8000000000000000692425Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.598{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5d5c94edd9960eff2023-02-07 15:09:30.598root
11241100x8000000000000000692437Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.16f97e62214b08872023-02-07 15:09:30.599root
11241100x8000000000000000692436Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.77e7cdc505567a852023-02-07 15:09:30.599root
11241100x8000000000000000692435Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b571d4bee4b485442023-02-07 15:09:30.599root
11241100x8000000000000000692434Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1d098bd52075ed092023-02-07 15:09:30.599root
11241100x8000000000000000692433Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4f6ee29c16a588692023-02-07 15:09:30.599root
11241100x8000000000000000692432Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.599{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d39446f18466d54d2023-02-07 15:09:30.599root
11241100x8000000000000000692444Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6304f463f07d061e2023-02-07 15:09:30.600root
11241100x8000000000000000692443Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.26d9dbe8bea163b32023-02-07 15:09:30.600root
11241100x8000000000000000692442Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1ef684dfbb1acedf2023-02-07 15:09:30.600root
11241100x8000000000000000692441Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.31ef3f83c04dcd702023-02-07 15:09:30.600root
11241100x8000000000000000692440Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8c43b4bd4c5798a12023-02-07 15:09:30.600root
11241100x8000000000000000692439Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1200f4428648032c2023-02-07 15:09:30.600root
11241100x8000000000000000692438Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.600{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4ac03631ab8848d92023-02-07 15:09:30.600root
11241100x8000000000000000692448Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e37ae2889a0a2aab2023-02-07 15:09:30.601root
11241100x8000000000000000692447Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.fec893a02516d9c02023-02-07 15:09:30.601root
11241100x8000000000000000692446Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.154d73731cbf45c12023-02-07 15:09:30.601root
11241100x8000000000000000692445Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:30.601{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.55a880b7e8016cc12023-02-07 15:09:30.601root
11241100x8000000000000000692450Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9fdecf21fee247702023-02-07 15:09:31.095root
11241100x8000000000000000692449Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.095{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4bad76eb9422d6a22023-02-07 15:09:31.095root
11241100x8000000000000000692455Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1e22ca555f80734d2023-02-07 15:09:31.096root
11241100x8000000000000000692454Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.275c98b81377b23c2023-02-07 15:09:31.096root
11241100x8000000000000000692453Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.9e74431f6813958f2023-02-07 15:09:31.096root
11241100x8000000000000000692452Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0619582b45f909892023-02-07 15:09:31.096root
11241100x8000000000000000692451Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.096{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.f7947406cc9bdab32023-02-07 15:09:31.096root
11241100x8000000000000000692464Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.015e600f293e8b3b2023-02-07 15:09:31.097root
11241100x8000000000000000692463Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.dee6f9745ceadd972023-02-07 15:09:31.097root
11241100x8000000000000000692462Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.4fbb57750de15cf52023-02-07 15:09:31.097root
11241100x8000000000000000692461Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c50bcba220f767fb2023-02-07 15:09:31.097root
11241100x8000000000000000692460Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8e7df1372aaf59752023-02-07 15:09:31.097root
11241100x8000000000000000692459Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.27bffd8658b736332023-02-07 15:09:31.097root
11241100x8000000000000000692458Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d8586512abbd3ce62023-02-07 15:09:31.097root
11241100x8000000000000000692457Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a645ec3a39c1baa2023-02-07 15:09:31.097root
11241100x8000000000000000692456Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.097{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1199664a64d7aac2023-02-07 15:09:31.097root
11241100x8000000000000000692467Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.140a1350ba73bc392023-02-07 15:09:31.098root
11241100x8000000000000000692466Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.41789c7e444bb2f72023-02-07 15:09:31.098root
11241100x8000000000000000692465Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.098{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.7cec9ed5071426d62023-02-07 15:09:31.098root
11241100x8000000000000000692471Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.02ebc2a22e65b6a92023-02-07 15:09:31.099root
11241100x8000000000000000692470Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1a925560898c9a3e2023-02-07 15:09:31.099root
11241100x8000000000000000692469Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6afb8f830286934e2023-02-07 15:09:31.099root
11241100x8000000000000000692468Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.099{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.92d572f7d778e5552023-02-07 15:09:31.099root
11241100x8000000000000000692473Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.212faccd21d65fbf2023-02-07 15:09:31.101root
11241100x8000000000000000692472Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.101{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c27e3c8bd64a399f2023-02-07 15:09:31.101root
11241100x8000000000000000692480Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.3735268e983953222023-02-07 15:09:31.102root
11241100x8000000000000000692479Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2fafadb366172ff72023-02-07 15:09:31.102root
11241100x8000000000000000692478Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.be550164fd8c05382023-02-07 15:09:31.102root
11241100x8000000000000000692477Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cb3c10f7b670d87c2023-02-07 15:09:31.102root
11241100x8000000000000000692476Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.78fbce724cfe7b1d2023-02-07 15:09:31.102root
11241100x8000000000000000692475Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.507d9ca5bbfdc6182023-02-07 15:09:31.102root
11241100x8000000000000000692474Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.102{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.e82952e66853fbdb2023-02-07 15:09:31.102root
11241100x8000000000000000692483Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.557c34353207cc082023-02-07 15:09:31.103root
11241100x8000000000000000692482Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.884d75bdbe4dd7f82023-02-07 15:09:31.103root
11241100x8000000000000000692481Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.103{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.11e5167a3d19ad792023-02-07 15:09:31.103root
11241100x8000000000000000692486Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ac6048f76e1fe0332023-02-07 15:09:31.104root
11241100x8000000000000000692485Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.22e24686aa5e20412023-02-07 15:09:31.104root
11241100x8000000000000000692484Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.104{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.15d885fcf46221972023-02-07 15:09:31.104root
11241100x8000000000000000692489Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.87c28823fe33749d2023-02-07 15:09:31.105root
11241100x8000000000000000692488Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.ab28dc8a9548a8e62023-02-07 15:09:31.105root
11241100x8000000000000000692487Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.105{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d5e375dcac76dfc02023-02-07 15:09:31.105root
354300x8000000000000000692490Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.169{ec244aba-32d2-63e2-d9ff-4d0400000000}5697/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-44182-false10.0.1.12-8000-
11241100x8000000000000000692497Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.311040b167e2e7ee2023-02-07 15:09:31.595root
11241100x8000000000000000692496Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c9c1967d70b8ac8d2023-02-07 15:09:31.595root
11241100x8000000000000000692495Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c1c7e0deeea5fab72023-02-07 15:09:31.595root
11241100x8000000000000000692494Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.cdb3ab4049f461222023-02-07 15:09:31.595root
11241100x8000000000000000692493Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.80ac70e2dcbe41862023-02-07 15:09:31.595root
11241100x8000000000000000692492Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.5a6ef78e4630e7302023-02-07 15:09:31.595root
11241100x8000000000000000692491Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.341946d38d4b29672023-02-07 15:09:31.595root
11241100x8000000000000000692510Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8a2f5173148930a72023-02-07 15:09:31.596root
11241100x8000000000000000692509Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.d2cb81aa5db963742023-02-07 15:09:31.596root
11241100x8000000000000000692508Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.2301a2303c9abb582023-02-07 15:09:31.596root
11241100x8000000000000000692507Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.17d6168c16172f9c2023-02-07 15:09:31.596root
11241100x8000000000000000692506Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.30b856f6643e467a2023-02-07 15:09:31.596root
11241100x8000000000000000692505Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.65cfa4a30c5837fc2023-02-07 15:09:31.596root
11241100x8000000000000000692504Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.920843c32e3b876f2023-02-07 15:09:31.596root
11241100x8000000000000000692503Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.b43e6b47154db4a32023-02-07 15:09:31.596root
11241100x8000000000000000692502Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.569b4a441b799ef42023-02-07 15:09:31.596root
11241100x8000000000000000692501Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.0d77598a645b83672023-02-07 15:09:31.596root
11241100x8000000000000000692500Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.6d7ec437b9dede372023-02-07 15:09:31.596root
11241100x8000000000000000692499Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1cd8ecc470d509af2023-02-07 15:09:31.596root
11241100x8000000000000000692498Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.596{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.1f1ff172f274ab6b2023-02-07 15:09:31.596root
11241100x8000000000000000692511Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:31.597{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.c4ec9108251bb1372023-02-07 15:09:31.597root
354300x8000000000000000692549Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:37.123{ec244aba-32d2-63e2-d9ff-4d0400000000}5697/opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/streamfwdroottcptruefalse10.0.1.20-51134-false10.0.1.12-8000-
11241100x8000000000000000692550Linux-Sysmon/Operationalsysmonlinux-ctus-attack-range-2212-2023-02-07 15:09:37.595{ec244aba-32cf-63e2-601c-830f96550000}5692/opt/splunkforwarder/bin/splunkd/opt/splunkforwarder/var/lib/splunk/modinputs/journald/sysmon.checkpoint.tmp.8cfbd0ba23a932bb2023-02-07 15:09:37.595root
112411