Apr 24 12:33:55 bastion LinuxCommandsWazuh: User mohtashim [3815404]: 641 psql -h 10.94.16.3 -U postgres -d datapulse_v1 Apr 24 12:34:01 bastion LinuxCommandsWazuh: User mohtashim [3815404]: 642 kubectl get pods Apr 24 12:34:22 bastion LinuxCommandsWazuh: User mohtashim [3815404]: 643 kubectl get hpa Apr 24 13:09:29 bastion LinuxCommandsWazuh: User venky [3818674]: 534 byobu Apr 24 13:19:31 bastion LinuxCommandsWazuh: User mohtashim [3828544]: 643 kubectl get hpa Apr 24 13:19:34 bastion LinuxCommandsWazuh: User mohtashim [3828544]: 643 kubectl get hpa Apr 24 13:19:35 bastion LinuxCommandsWazuh: User mohtashim [3828544]: 643 kubectl get hpa Apr 24 13:19:38 bastion LinuxCommandsWazuh: User mohtashim [3828544]: 644 psql Apr 24 13:27:02 bastion LinuxCommandsWazuh: User venky [2503329]: 437 kubectl rollout restart deploy xlr8 Apr 24 13:27:21 bastion LinuxCommandsWazuh: User mohtashim [3828544]: 644 psql Apr 24 13:28:16 bastion LinuxCommandsWazuh: User venky [2503329]: 438 kubetal get pods | xlr8 Apr 24 13:28:19 bastion LinuxCommandsWazuh: User venky [2503329]: 439 kubetal get pods | grep xlr8 Apr 24 13:29:24 bastion LinuxCommandsWazuh: User venky [2503329]: 439 kubetal get pods | grep xlr8 Apr 24 13:29:26 bastion LinuxCommandsWazuh: message repeated 11 times: [ User venky [2503329]: 439 kubetal get pods | grep xlr8] Apr 24 13:29:31 bastion LinuxCommandsWazuh: User venky [2503329]: 440 kubectl get pods | grep xlr8 Apr 24 13:41:12 bastion LinuxCommandsWazuh: User devesh [3849895]: 1153 byobu Apr 24 16:14:16 bastion LinuxCommandsWazuh: User mohtashim [4019167]: 644 psql Apr 24 16:21:13 bastion LinuxCommandsWazuh: User ubuntu [4026228]: 667 byobu Apr 24 16:21:14 bastion LinuxCommandsWazuh: User ubuntu [4026228]: 668 ls Apr 24 16:21:17 bastion LinuxCommandsWazuh: User ubuntu [446226]: 842 ls Apr 24 16:21:21 bastion LinuxCommandsWazuh: User ubuntu [446226]: 843 kubetail Apr 24 16:21:42 bastion LinuxCommandsWazuh: User ubuntu [446226]: 843 kubetail Apr 24 16:21:44 bastion LinuxCommandsWazuh: User ubuntu [4026228]: 669 byobu Apr 24 16:21:53 bastion LinuxCommandsWazuh: User ubuntu [4026228]: 670 kubectl get pods Apr 24 16:22:32 bastion LinuxCommandsWazuh: User mohtashim [4028180]: 644 psql Apr 24 16:22:36 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [4028180]: 644 psql] Apr 24 16:22:43 bastion LinuxCommandsWazuh: User mohtashim [4028180]: 645 kubectl get pods Apr 24 16:23:06 bastion LinuxCommandsWazuh: User mohtashim [4028180]: 646 kubectl logs -f datapulse-celery-69bdfdc869-2mkpk Apr 24 16:23:08 bastion LinuxCommandsWazuh: User mohtashim [4028180]: 647 clear Apr 24 16:34:06 bastion LinuxCommandsWazuh: User devesh [2551314]: 1136 mongosh --host 10.190.0.29 Apr 24 16:34:35 bastion LinuxCommandsWazuh: User devesh [2551314]: 1136 mongosh --host 10.190.0.29 Apr 24 16:34:38 bastion LinuxCommandsWazuh: User ankur [4039765]: 143 exit Apr 24 16:55:54 bastion LinuxCommandsWazuh: User ankur [4061061]: 143 exit Apr 24 16:55:55 bastion LinuxCommandsWazuh: User ankur [4061061]: 144 ls Apr 24 17:02:50 bastion LinuxCommandsWazuh: User ankur [4061061]: 145 clickhouse-ssh Apr 24 17:08:32 bastion LinuxCommandsWazuh: User venky [4073310]: 534 byobu Apr 24 17:08:42 bastion LinuxCommandsWazuh: User venky [2503329]: 440 kubectl get pods | grep xlr8 Apr 24 17:09:00 bastion LinuxCommandsWazuh: User venky [2503329]: 441 kubetail xlr8 Apr 24 17:09:06 bastion LinuxCommandsWazuh: User venky [2503329]: 441 kubetail xlr8 Apr 24 17:09:44 bastion LinuxCommandsWazuh: User venky [2503329]: 441 kubetail xlr8 Apr 24 17:10:01 bastion LinuxCommandsWazuh: message repeated 6 times: [ User venky [2503329]: 441 kubetail xlr8] Apr 24 17:11:03 bastion LinuxCommandsWazuh: User venky [2503329]: 441 kubetail xlr8 Apr 24 17:12:09 bastion LinuxCommandsWazuh: User venky [2503329]: 442 kubectl get po | grep Apr 24 17:12:10 bastion LinuxCommandsWazuh: message repeated 4 times: [ User venky [2503329]: 442 kubectl get po | grep ] Apr 24 17:12:14 bastion LinuxCommandsWazuh: User venky [2503329]: 443 kubectl get po | grep xlr8 Apr 24 17:12:31 bastion LinuxCommandsWazuh: User venky [2503329]: 444 kubetail xlr8-5f98fb447d-n8gn8 Apr 24 17:13:01 bastion LinuxCommandsWazuh: User venky [2503329]: 445 kubetail xlr8-5f98fb447d Apr 24 17:13:39 bastion LinuxCommandsWazuh: User venky [2503329]: 445 kubetail xlr8-5f98fb447d Apr 24 17:13:39 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [2503329]: 445 kubetail xlr8-5f98fb447d] Apr 24 17:13:55 bastion LinuxCommandsWazuh: User venky [2503329]: 446 kubectl get pod -owide | grep xlr8 Apr 24 17:15:05 bastion LinuxCommandsWazuh: User venky [2503329]: 447 curl -v 10.84.18.16:11007 Apr 24 17:15:34 bastion LinuxCommandsWazuh: User mohtashim [4019167]: 645 psql -h 10.94.16.3 -U postgres -d datapulse_v1 Apr 24 17:16:31 bastion LinuxCommandsWazuh: User venky [2503329]: 447 curl -v 10.84.18.16:11007 Apr 24 17:16:35 bastion LinuxCommandsWazuh: User venky [2503329]: 448 curl -v 10.84.18.16:11007/health Apr 24 17:16:35 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [2503329]: 448 curl -v 10.84.18.16:11007/health] Apr 24 17:16:38 bastion LinuxCommandsWazuh: User venky [2503329]: 449 kubectl get pod -owide | grep xlr8 Apr 24 17:16:44 bastion LinuxCommandsWazuh: User venky [2503329]: 450 curl -v 10.84.18.16:11008/health Apr 24 17:16:46 bastion LinuxCommandsWazuh: User venky [2503329]: 450 curl -v 10.84.18.16:11008/health Apr 24 17:16:53 bastion LinuxCommandsWazuh: User venky [2503329]: 451 curl -v 10.84.18.16:11007/health Apr 24 17:16:56 bastion LinuxCommandsWazuh: User venky [2503329]: 452 curl -v http10.84.18.16:11007/health Apr 24 17:17:16 bastion LinuxCommandsWazuh: User venky [2503329]: 453 curl -v http://10.84.18.16:11007/health Apr 24 17:17:16 bastion LinuxCommandsWazuh: message repeated 3 times: [ User venky [2503329]: 453 curl -v http://10.84.18.16:11007/health] Apr 24 17:17:36 bastion LinuxCommandsWazuh: User venky [2503329]: 453 curl -v http://10.84.18.16:11007/health Apr 24 17:17:37 bastion LinuxCommandsWazuh: message repeated 4 times: [ User venky [2503329]: 453 curl -v http://10.84.18.16:11007/health] Apr 24 17:17:54 bastion LinuxCommandsWazuh: User venky [2503329]: 453 curl -v http://10.84.18.16:11007/health Apr 24 17:17:54 bastion LinuxCommandsWazuh: User venky [2503329]: 453 curl -v http://10.84.18.16:11007/health Apr 24 17:18:02 bastion LinuxCommandsWazuh: User venky [2503329]: 454 curl -v http://10.84.18.16:11008/health Apr 24 17:18:09 bastion LinuxCommandsWazuh: User venky [2503329]: 455 curl -v http://10.84.18.16:11008/dash Apr 24 17:18:12 bastion LinuxCommandsWazuh: User venky [2503329]: 456 curl -v https://10.84.18.16:11008/dash Apr 24 17:18:35 bastion LinuxCommandsWazuh: User venky [2503329]: 457 curl -v https://10.84.18.16:11007/dash Apr 24 17:18:42 bastion LinuxCommandsWazuh: User venky [2503329]: 458 curl -v http://10.84.18.16:11007/dash Apr 24 17:19:09 bastion LinuxCommandsWazuh: User venky [2503329]: 459 curl -vk http://10.84.18.16:11007/dash Apr 24 17:19:16 bastion LinuxCommandsWazuh: User venky [2503329]: 460 kubectl get pod -owide | grep xlr8 Apr 24 17:19:27 bastion LinuxCommandsWazuh: User venky [2503329]: 461 curl -vk http://10.84.12.50:11007/dash Apr 24 17:19:30 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [2503329]: 461 curl -vk http://10.84.12.50:11007/dash] Apr 24 17:19:30 bastion LinuxCommandsWazuh: User venky [2503329]: 461 curl -vk http://10.84.12.50:11007/dash Apr 24 17:19:32 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [2503329]: 461 curl -vk http://10.84.12.50:11007/dash] Apr 24 17:19:49 bastion LinuxCommandsWazuh: User venky [2503329]: 462 curl -vk http://10.84.12.50:11007/health Apr 24 17:19:49 bastion LinuxCommandsWazuh: message repeated 4 times: [ User venky [2503329]: 462 curl -vk http://10.84.12.50:11007/health] Apr 24 17:20:02 bastion LinuxCommandsWazuh: User venky [2503329]: 463 curl -vk http://10.84.12.50:11008/health Apr 24 17:37:30 bastion LinuxCommandsWazuh: User venky [2503329]: 463 curl -vk http://10.84.12.50:11008/health Apr 24 17:37:33 bastion LinuxCommandsWazuh: User venky [2503329]: 464 kubectl get pod -owide | grep xlr8 Apr 24 17:37:50 bastion LinuxCommandsWazuh: User venky [2503329]: 465 curl -vk http://10.84.8.47:11008/health Apr 24 17:37:52 bastion LinuxCommandsWazuh: User venky [2503329]: 465 curl -vk http://10.84.8.47:11008/health Apr 24 17:38:02 bastion LinuxCommandsWazuh: User venky [10004]: 534 byobu Apr 24 17:46:14 bastion LinuxCommandsWazuh: User venky [24525]: 534 byobu Apr 24 17:46:17 bastion LinuxCommandsWazuh: User venky [24525]: 534 byobu Apr 24 18:01:31 bastion LinuxCommandsWazuh: User venky [4073310]: 534 byobu Apr 24 18:33:13 bastion LinuxCommandsWazuh: User venky [4073310]: 535 kubectl get po | grep xlr8 Apr 24 18:52:08 bastion LinuxCommandsWazuh: User venky [43516]: 535 kubectl get po | grep xlr8 Apr 24 18:52:09 bastion LinuxCommandsWazuh: User venky [43516]: 535 kubectl get po | grep xlr8 Apr 24 18:54:30 bastion LinuxCommandsWazuh: User venky [43516]: 535 kubectl get po | grep xlr8 Apr 24 18:54:55 bastion LinuxCommandsWazuh: User venky [43516]: 536 kubectl describe pod xlr8-5f98 Apr 24 18:55:23 bastion LinuxCommandsWazuh: User venky [43516]: 537 kubectl get po | grep xlr8 Apr 24 18:55:38 bastion LinuxCommandsWazuh: User venky [43516]: 538 kubectl get po -owide | grep xlr8 Apr 24 18:55:51 bastion LinuxCommandsWazuh: User venky [43516]: 539 curl -v 10.84.6.8:11007:health Apr 24 18:55:54 bastion LinuxCommandsWazuh: User venky [43516]: 540 curl -v 10.84.6.8:11007/health Apr 24 18:55:59 bastion LinuxCommandsWazuh: message repeated 5 times: [ User venky [43516]: 540 curl -v 10.84.6.8:11007/health] Apr 24 18:56:01 bastion LinuxCommandsWazuh: User venky [43516]: 541 kubectl get po -owide | grep xlr8 Apr 24 18:56:10 bastion LinuxCommandsWazuh: User venky [43516]: 542 curl -v 10.84.8.48:11007/health Apr 24 19:06:46 bastion LinuxCommandsWazuh: User devesh [45279]: 1153 byobu Apr 24 20:30:27 bastion LinuxCommandsWazuh: User devesh [283275]: 1125 mongosh --host 10.190.0.29 Apr 24 20:30:32 bastion LinuxCommandsWazuh: User devesh [283275]: 1126 kubectl get pods Apr 24 20:31:31 bastion LinuxCommandsWazuh: User devesh [636145]: 1122 psql -U postgres -h 10.94.16.3 -d datapulse_v1 Apr 24 20:31:35 bastion LinuxCommandsWazuh: User devesh [636145]: 1123 curl -X POST https://hoc.nitrocommerce.ai/get-identified-org-users -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXJ2aWNlIjoiaW50ZXJuYWwiLCJleHAiOjE3NzAyMzIwMjh9.0HAGv317SiCyAsRInfQQml0PoIn2bAE01Sw1KUl0SJc" -H "Content-Type: application/json" -d '{"org_id":"0e5e6091-33e2-4aa3-8a6c-9341c69568d1","from_date":"2025-01-01","to_date":"2025-01-07","limit":50,"offset":0}' Apr 24 20:35:10 bastion LinuxCommandsWazuh: User devesh [636145]: 1123 curl -X POST https://hoc.nitrocommerce.ai/get-identified-org-users -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXJ2aWNlIjoiaW50ZXJuYWwiLCJleHAiOjE3NzAyMzIwMjh9.0HAGv317SiCyAsRInfQQml0PoIn2bAE01Sw1KUl0SJc" -H "Content-Type: application/json" -d '{"org_id":"0e5e6091-33e2-4aa3-8a6c-9341c69568d1","from_date":"2025-01-01","to_date":"2025-01-07","limit":50,"offset":0}' Apr 24 20:35:17 bastion LinuxCommandsWazuh: User devesh [283275]: 1127 kubectl logs -f house-of-click-5ff56758df-rc4vp Apr 24 20:35:21 bastion LinuxCommandsWazuh: User devesh [283275]: 1127 kubectl logs -f house-of-click-5ff56758df-rc4vp Apr 24 20:35:23 bastion LinuxCommandsWazuh: User devesh [283275]: 1128 kubectl get pods Apr 24 20:45:23 bastion LinuxCommandsWazuh: User devesh [283275]: 1128 kubectl get pods Apr 24 20:45:23 bastion LinuxCommandsWazuh: User devesh [636145]: 1123 curl -X POST https://hoc.nitrocommerce.ai/get-identified-org-users -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXJ2aWNlIjoiaW50ZXJuYWwiLCJleHAiOjE3NzAyMzIwMjh9.0HAGv317SiCyAsRInfQQml0PoIn2bAE01Sw1KUl0SJc" -H "Content-Type: application/json" -d '{"org_id":"0e5e6091-33e2-4aa3-8a6c-9341c69568d1","from_date":"2025-01-01","to_date":"2025-01-07","limit":50,"offset":0}'