Jul 22 01:47:42 bastion LinuxCommandsWazuh: User rihan [3479766]:  1096  make cookie-bash 
Jul 22 10:05:03 bastion LinuxCommandsWazuh: User ankur [3984610]: 74  exit
Jul 22 10:05:44 bastion LinuxCommandsWazuh: User ankur [3984610]: 75  byobu
Jul 22 10:05:49 bastion LinuxCommandsWazuh: User ankur [3984610]: 75  byobu
Jul 22 12:18:25 bastion LinuxCommandsWazuh: User rihan [3999808]:  1147  byobu
Jul 22 12:20:05 bastion LinuxCommandsWazuh: User rihan [3999808]:  1148  psql -d vortex_v2 -U postgres
Jul 22 12:20:14 bastion LinuxCommandsWazuh: User ubuntu [4000201]:  1751  cat service.json 
Jul 22 13:04:55 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1335  exit
Jul 22 13:04:57 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1336  clear
Jul 22 13:04:59 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1337  psql
Jul 22 13:04:59 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1337  psql
Jul 22 13:05:23 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1338  psql -h 10.94.16.3 -U postgres -d nitrox_v2;
Jul 22 13:05:27 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1339  psql
Jul 22 13:14:09 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1339  psql
Jul 22 13:14:10 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1340  clear
Jul 22 13:15:33 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1341  kubetail -f cookie-cutter-common-task | grep "16a37a48-cc22-4337-a894-6ee479753916"
Jul 22 13:15:33 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1341  kubetail -f cookie-cutter-common-task | grep "16a37a48-cc22-4337-a894-6ee479753916"
Jul 22 13:15:33 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1341  kubetail -f cookie-cutter-common-task | grep "16a37a48-cc22-4337-a894-6ee479753916"
Jul 22 13:15:33 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1342  clear
Jul 22 13:16:25 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1343  kubetail -f cookie-cutter-common-task | grep "facebook.py"
Jul 22 13:16:33 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1344  kubectl get pods
Jul 22 13:18:03 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1345  kubetail -f cookie-cutter-queues | grep "facebook.py"
Jul 22 13:18:25 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1346  kubctl logs -f 'cookie-cutter-queues-6f776f5b6-2kmjx' | grep 'facebook.py'
Jul 22 13:18:32 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1347  kubtail logs -f 'cookie-cutter-queues-6f776f5b6-2kmjx' | grep 'facebook.py'
Jul 22 13:19:41 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1348  kubectl logs -f 'cookie-cutter-queues-6f776f5b6-2kmjx' | grep 'facebook.py'
Jul 22 13:19:48 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1349  kubectl logs -f 'cookie-cutter-queues-6f776f5b6-2kmjx' | grep '205bd8d5-4992-4372-8e86-37ab32571c6a'
Jul 22 13:19:48 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1349  kubectl logs -f 'cookie-cutter-queues-6f776f5b6-2kmjx' | grep '205bd8d5-4992-4372-8e86-37ab32571c6a'
Jul 22 13:19:54 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1350  kubetail logs -f
Jul 22 13:20:05 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1350  
Jul 22 13:20:05 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1350  
Jul 22 13:20:08 bastion LinuxCommandsWazuh: User mohtashim [4045301]:  1351  clear
Jul 22 13:39:09 bastion LinuxCommandsWazuh: User mohtashim [21982]:  1351  exit
Jul 22 13:39:11 bastion LinuxCommandsWazuh: User mohtashim [21982]:  1352  clear
Jul 22 13:39:33 bastion LinuxCommandsWazuh: User mohtashim [21982]:  1353  psql
Jul 22 14:24:57 bastion LinuxCommandsWazuh: User mohtashim [68016]:  1354  exit
Jul 22 14:35:48 bastion LinuxCommandsWazuh: User mohtashim [68016]:  1355  mongo pixel_v1
Jul 22 14:35:49 bastion LinuxCommandsWazuh: User mohtashim [68016]:  1356  clear
Jul 22 15:14:17 bastion LinuxCommandsWazuh: User ankur [117956]: 76  exit
Jul 22 15:35:56 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1357  exit
Jul 22 15:56:13 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1358  psql
Jul 22 15:57:07 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1359  clear
Jul 22 15:57:18 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1360  kubectl get pods
Jul 22 15:57:56 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1361  kubectl logs -f cookie-cutter-queues-cf899d5fd-jqc4m
Jul 22 15:57:56 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1361  kubectl logs -f cookie-cutter-queues-cf899d5fd-jqc4m
Jul 22 15:58:23 bastion LinuxCommandsWazuh: User mohtashim [203889]:  1357  exit
Jul 22 15:58:31 bastion LinuxCommandsWazuh: User mohtashim [204184]:  1357  exit
Jul 22 15:58:35 bastion LinuxCommandsWazuh: User mohtashim [204184]:  1358  clear
Jul 22 15:58:37 bastion LinuxCommandsWazuh: User mohtashim [204184]:  1359  kubectl get pods
Jul 22 15:59:35 bastion LinuxCommandsWazuh: User mohtashim [203889]:  1358  kubectl logs -f cookie-cutter-queues-cf899d5fd-2q4sm | grep "facebook.py"
Jul 22 15:59:40 bastion LinuxCommandsWazuh: User mohtashim [203889]:  1359  kubectl get pods
Jul 22 16:01:46 bastion LinuxCommandsWazuh: User mohtashim [160394]:  1362  kubectl logs -f cookie-cutter-queues-cf899d5fd-jqc4m | grep "facebook.py"
Jul 22 16:01:50 bastion LinuxCommandsWazuh: User mohtashim [204184]:  1360  kubectl logs -f cookie-cutter-queues-cf899d5fd-29dg7 | grep "facebook.py"
Jul 22 16:01:50 bastion LinuxCommandsWazuh: User mohtashim [204184]:  1360  kubectl logs -f cookie-cutter-queues-cf899d5fd-29dg7 | grep "facebook.py"
Jul 22 16:08:54 bastion LinuxCommandsWazuh: User ubuntu [4000201]:  1752  clickhouse 
Jul 22 16:08:55 bastion LinuxCommandsWazuh: User rihan [3479766]:  1097  sudo su ubuntu
Jul 22 16:08:56 bastion LinuxCommandsWazuh: User rihan [3999808]:  1149  byobu
Jul 22 16:50:22 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1370  exit
Jul 22 16:50:23 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1371  clear
Jul 22 16:50:27 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1371  clear
Jul 22 16:50:42 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1372  mongo pixel_v1;
Jul 22 16:50:43 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1373  clear
Jul 22 17:00:49 bastion LinuxCommandsWazuh: User ayush [235681]:   237  cool-server 
Jul 22 17:00:58 bastion LinuxCommandsWazuh: User ayush [235681]:   238  psql
Jul 22 17:01:09 bastion LinuxCommandsWazuh: User ayush [235681]:   239  psql -u postgress
Jul 22 17:01:15 bastion LinuxCommandsWazuh: User ayush [235681]:   240  psql -U postgress
Jul 22 17:01:32 bastion LinuxCommandsWazuh: User ayush [235681]:   241  psql -U treasuure
Jul 22 17:01:35 bastion LinuxCommandsWazuh: User ayush [235681]:   242  psql -U treasure
Jul 22 17:10:24 bastion LinuxCommandsWazuh: User abhijeet [236733]:   817  kubectl get pods -n nitrox-production
Jul 22 17:10:27 bastion LinuxCommandsWazuh: User abhijeet [236733]:   818  ls
Jul 22 17:10:34 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1752  clickhouse 
Jul 22 17:10:35 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1753  ls
Jul 22 17:10:36 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1754  cd
Jul 22 17:10:37 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1755  cd ..
Jul 22 17:10:38 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1756  ls
Jul 22 17:10:41 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1757  cd mohtashim/
Jul 22 17:10:41 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1758  ls
Jul 22 17:10:54 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1759  cd .ssh/
Jul 22 17:11:02 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1760  sudo cd .ssh
Jul 22 17:11:04 bastion abhijeet: root@ [236832]: exit [0]
Jul 22 17:11:06 bastion abhijeet: root@ [236832]: cd .ssh/ [0]
Jul 22 17:11:07 bastion abhijeet: root@ [236832]: ls [0]
Jul 22 17:11:10 bastion abhijeet: root@ [236832]: cat id_rsa.pub  [0]
Jul 22 17:12:21 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1761  sudo su
Jul 22 17:12:33 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1762  su mohtashim
Jul 22 17:12:37 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1370  exit
Jul 22 17:13:28 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1371  ssh ubuntu@34.131.223.232
Jul 22 17:14:11 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1372  ssh ubuntu@34.131.223.232 | clickhouse-client -d analytics
Jul 22 17:15:25 bastion LinuxCommandsWazuh: User ubuntu [237032]:  1752  clickhouse 
Jul 22 17:15:36 bastion LinuxCommandsWazuh: User ubuntu [237032]:  1753  ls
Jul 22 17:15:36 bastion LinuxCommandsWazuh: User ubuntu [237032]:  1754  cd ..
Jul 22 17:15:39 bastion LinuxCommandsWazuh: User mohtashim [237060]:  1370  exit
Jul 22 17:15:40 bastion LinuxCommandsWazuh: User mohtashim [237060]:  1371  cd
Jul 22 17:15:42 bastion LinuxCommandsWazuh: User mohtashim [237060]:  1372  ssh ubuntu@34.131.223.232 "clickhouse-client -d analytics"
Jul 22 17:16:36 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1374  mongo pixel_v1;
Jul 22 17:16:37 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1375  clear
Jul 22 17:16:42 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1376  click-house
Jul 22 17:16:44 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1377  clickhouse
Jul 22 17:16:50 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1378  clear
Jul 22 17:16:52 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1379  ls
Jul 22 17:16:55 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1380  cat Makefile
Jul 22 17:17:10 bastion LinuxCommandsWazuh: User mohtashim [237060]:  1373  ssh ubuntu@34.131.223.232 "clickhouse-client -u default --password 'meraclickhouse' -d analytics" 
Jul 22 17:17:14 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1381  cat README.md 
Jul 22 17:17:19 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1382  clear
Jul 22 17:17:20 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1373  ssh ubuntu@34.131.223.232 "clickhouse-client -u default --password meraclickhouse -d analytic "
Jul 22 17:18:16 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1374  ssh ubuntu@34.131.223.232 "clickhouse-client -u default --password meraclickhouse -d analytics "
Jul 22 17:21:16 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1375  vim .bashrc 
Jul 22 17:21:24 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1376  bash .bashrc 
Jul 22 17:21:34 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1377  source .bashrc 
Jul 22 17:22:10 bastion LinuxCommandsWazuh: User mohtashim [237060]:  1374  exot
Jul 22 17:22:12 bastion LinuxCommandsWazuh: User ubuntu [237032]:  1755  sudo su mohtashim
Jul 22 17:22:23 bastion LinuxCommandsWazuh: User mohtashim [236895]:  1378  clickhouse-server 
Jul 22 17:38:49 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1383  clickhoust-server
Jul 22 17:39:03 bastion LinuxCommandsWazuh: User mohtashim [234617]:  1384  clear
Jul 22 17:39:06 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1390  exit
Jul 22 17:39:07 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1391  clickhoust-server
Jul 22 17:39:11 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1392  clear
Jul 22 17:39:12 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1393  clickhoust-server
Jul 22 18:20:21 bastion LinuxCommandsWazuh: User ayush [243688]:   243  exit
Jul 22 18:20:55 bastion LinuxCommandsWazuh: User ayush [243688]:   244  kubectl get pods --all-namespaces
Jul 22 18:20:55 bastion LinuxCommandsWazuh: User ayush [243688]:   244  kubectl get pods --all-namespaces
Jul 22 18:21:10 bastion LinuxCommandsWazuh: User ayush [243688]:   245  kubectl get pods --all-namespaces || grep tre
Jul 22 18:21:14 bastion LinuxCommandsWazuh: User ayush [243688]:   246  kubectl get pods --all-namespaces || grep tresure
Jul 22 18:21:41 bastion LinuxCommandsWazuh: User ayush [243688]:   247  kubectl get pods --all-namespaces
Jul 22 18:22:28 bastion LinuxCommandsWazuh: User ayush [243688]:   248  docker ps
Jul 22 18:28:03 bastion LinuxCommandsWazuh: User ayush [243688]:   249  kubectl exec -it rewards-be-59564c56d5-w77pl
Jul 22 18:28:53 bastion LinuxCommandsWazuh: User ayush [243688]:   250  kubectl exec -it rewards-be-59564c56d5-w77pl bash
Jul 22 18:29:09 bastion LinuxCommandsWazuh: User ayush [243688]:   251  kubectl logs rewards-be-59564c56d5-w77pl
Jul 22 18:29:49 bastion LinuxCommandsWazuh: User ayush [243688]:   252  kubectl get pods --all-namespaces
Jul 22 18:31:56 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1394  clickhouse-server
Jul 22 18:31:57 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1395  clear
Jul 22 18:34:17 bastion LinuxCommandsWazuh: User ubuntu [245177]:  1756  exit
Jul 22 18:34:20 bastion LinuxCommandsWazuh: User ubuntu [245177]:  1757  k get pods
Jul 22 18:34:29 bastion LinuxCommandsWazuh: User ubuntu [245177]:  1758  kubectl get pods
Jul 22 18:34:34 bastion LinuxCommandsWazuh: User venky [245286]:  1729  kubectl exec -it cookie-cutter-queues-newrelic-54bcd9cdc8-fs6cp -- bash
Jul 22 18:34:38 bastion LinuxCommandsWazuh: User venky [245286]:  1730  k get pods
Jul 22 18:34:40 bastion LinuxCommandsWazuh: User venky [245286]:  1731  cd
Jul 22 18:34:46 bastion LinuxCommandsWazuh: User venky [245286]:  1732  kubectl get pods
Jul 22 18:34:55 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1396  mongo pixel_v1;
Jul 22 18:34:56 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1396  mongo pixel_v1;
Jul 22 18:35:42 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1397  db.events.find({org: '7c9c2ebf-8e5c-45e6-9ad0-5f56dc1f7783', event: 'orders/create', created_at: {$gt: ISODate('2025-07-13T00:00:00.460Z'), $lte: ISODate('2025-07-13T23:59:59.460Z')},"utms.utm_source": 'taboola'})
Jul 22 18:35:42 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1397  db.events.find({org: '7c9c2ebf-8e5c-45e6-9ad0-5f56dc1f7783', event: 'orders/create', created_at: {$gt: ISODate('2025-07-13T00:00:00.460Z'), $lte: ISODate('2025-07-13T23:59:59.460Z')},"utms.utm_source": 'taboola'})
Jul 22 18:43:15 bastion LinuxCommandsWazuh: User ankur [246419]: 77  byobu
Jul 22 18:55:51 bastion LinuxCommandsWazuh: User mohtashim [239940]:  1398  mongo pixel_v1
Jul 22 19:14:19 bastion LinuxCommandsWazuh: User ubuntu [236755]:  1763  sudo su mohtashim
Jul 22 19:14:21 bastion LinuxCommandsWazuh: User abhijeet [236733]:   819  sudo su ubuntu
Jul 22 19:32:09 bastion LinuxCommandsWazuh: User ankur [296123]: 77  byobu
Jul 22 19:37:57 bastion LinuxCommandsWazuh: User venky [305947]:  1729  kubectl exec -it cookie-cutter-queues-newrelic-54bcd9cdc8-fs6cp -- bash
Jul 22 19:38:17 bastion LinuxCommandsWazuh: User venky [305947]:  1730  kubectl get deploy
Jul 22 19:39:05 bastion LinuxCommandsWazuh: User venky [305947]:  1731  stern urlbird-jobs
Jul 22 19:40:12 bastion LinuxCommandsWazuh: User venky [305947]:  1731  stern urlbird-jobs
Jul 22 19:40:20 bastion LinuxCommandsWazuh: User venky [305947]:  1732  stern urlbird-jobs | grep DEMOGRAPHICS
Jul 22 19:40:35 bastion LinuxCommandsWazuh: User venky [305947]:  1732  stern urlbird-jobs | grep DEMOGRAPHICS
Jul 22 20:29:18 bastion LinuxCommandsWazuh: User ankur [358709]: 77  byobu
Jul 22 20:29:26 bastion LinuxCommandsWazuh: User ankur [296123]: 77  byobu
Jul 22 22:59:55 bastion LinuxCommandsWazuh: User ankur [372641]: 79  exit
Jul 22 23:26:04 bastion LinuxCommandsWazuh: User ankur [372641]: 80  byobu