Sep 8 00:45:01 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 1998 sudo su ayush Sep 8 00:45:05 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 1999 ls Sep 8 00:57:03 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2000 kubectl get pods -n nitrox-production Sep 8 00:57:24 bastion LinuxCommandsWazuh: message repeated 2 times: [ User abhijeet [1854005]: 2000 kubectl get pods -n nitrox-production] Sep 8 00:58:06 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2001 kubectl get logs --tail 100 -f -n nitrox-production vortex-765b5957f9-gpzk8 Sep 8 00:58:13 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2002 kubectl get logs -f -n nitrox-production vortex-765b5957f9-gpzk8 Sep 8 00:58:19 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2003 kubectl get logs -n nitrox-production vortex-765b5957f9-gpzk8 Sep 8 00:58:39 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2004 kubectl logs -n nitrox-production vortex-765b5957f9-gpzk8 Sep 8 00:58:39 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2004 kubectl logs -n nitrox-production vortex-765b5957f9-gpzk8 Sep 8 00:59:08 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2005 kubectl logs -n nitrox-production vortex-765b5957f9-gpzk8 --tail 100 -f Sep 8 00:59:12 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2006 kubectl get pods -n nitrox-production Sep 8 00:59:52 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2007 kubectl logs -n nitrox-production vortex-dramatiq-8c8c7dd48-s42lz --tail 100 -f Sep 8 00:59:56 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2008 kubectl get pods -n nitrox-production Sep 8 01:00:21 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2009 kubectl logs -n nitrox-production vortex-dramatiq-exports-df64b944b-ws2bq --tail 100 -f Sep 8 01:00:24 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2010 kubectl get pods -n nitrox-production Sep 8 01:00:42 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2011 kubectl logs -n nitrox-production vortex-dramatiq-ingest-85b6bbc6b5-pxl46 --tail 100 -f Sep 8 01:00:44 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2012 kubectl get pods -n nitrox-production Sep 8 01:01:08 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2013 kubectl logs -n nitrox-production vortex-765b5957f9-gpzk8 --tail 100 -f Sep 8 01:01:09 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2014 ls Sep 8 01:01:24 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2015 kubectl get pods -n nitrox-production Sep 8 01:01:48 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2016 kubectl logs -n nitrox-production forever-c8db6d48f-mmbrg --tail 100 -f Sep 8 01:02:29 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2017 kubectl get pods -n nitrox-production Sep 8 01:02:39 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2018 kubectl get pods -n nitrox-production | grep dakya Sep 8 01:02:41 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2019 kubectl get pods -n nitrox-production | grep dak Sep 8 01:03:14 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2020 kubectl logs -n nitrox-production dakiya-7fdf4c9c5-6kzgc --tail 100 -f Sep 8 01:03:22 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2020 kubectl logs -n nitrox-production dakiya-7fdf4c9c5-6kzgc --tail 100 -f Sep 8 01:03:25 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2021 kubectl get pods -n nitrox-production | grep dak Sep 8 01:03:33 bastion LinuxCommandsWazuh: message repeated 3 times: [ User abhijeet [1854005]: 2021 kubectl get pods -n nitrox-production | grep dak] Sep 8 01:03:58 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2022 kubectl get deployment -n nitrox-production | grep dak Sep 8 01:04:01 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2022 kubectl get deployment -n nitrox-production | grep dak Sep 8 01:04:04 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2023 kubectl get pods -n nitrox-production | grep dak Sep 8 01:04:13 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2023 kubectl get pods -n nitrox-production | grep dak Sep 8 01:04:52 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2024 #kubectl rollout restrt deployment dakiya -n nitr Sep 8 01:04:55 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2025 kubectl get pods -n nitrox-production | grep dak Sep 8 01:04:58 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2025 kubectl get pods -n nitrox-production | grep dak Sep 8 01:05:41 bastion LinuxCommandsWazuh: User abhijeet [1854005]: 2026 kubectl logs -n nitrox-production dakiya-76ff65d8fb-2flxt --tail 100 -f Sep 8 12:00:14 bastion LinuxCommandsWazuh: User venky [1914515]: 1998 kubectl edit deploy xlr8 Sep 8 12:00:32 bastion LinuxCommandsWazuh: User venky [3239080]: 1992 mongo Sep 8 12:03:27 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 1998 kubectl logs -n nitrox-production dakiya-76ff65d8fb-2flxt --tail 100 -f Sep 8 12:03:36 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 1999 kubectl get pods -n loki Sep 8 12:04:04 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2000 kubectl logs grafana-769c7b685f-tpfx2 Sep 8 12:04:07 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2001 kubectl logs grafana-769c7b685f-tpfx2 -n loki Sep 8 12:06:09 bastion LinuxCommandsWazuh: User venky [1914515]: 1999 byobu Sep 8 12:06:12 bastion LinuxCommandsWazuh: User venky [1920993]: 1998 byobu Sep 8 12:06:16 bastion LinuxCommandsWazuh: User venky [3239080]: 1993 mongo-server Sep 8 12:06:21 bastion LinuxCommandsWazuh: User venky [1920993]: 1998 byobu Sep 8 12:06:22 bastion LinuxCommandsWazuh: User venky [1920993]: 1998 byobu Sep 8 12:13:34 bastion LinuxCommandsWazuh: User venky [1921430]: 1998 byobu Sep 8 12:13:39 bastion LinuxCommandsWazuh: User venky [3239080]: 1993 mongo-server Sep 8 12:13:39 bastion LinuxCommandsWazuh: message repeated 3 times: [ User venky [3239080]: 1993 mongo-server ] Sep 8 12:15:34 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2002 kubectl logs grafana-769c7b685f-tpfx2 -n loki -f Sep 8 12:18:51 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 1997 redis-server Sep 8 12:18:53 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 1998 mongo Sep 8 12:19:01 bastion LinuxCommandsWazuh: message repeated 3 times: [ User shamailtayyab [1927079]: 1998 mongo] Sep 8 12:20:19 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 1999 ssh ubuntu@10.190.0.29 Sep 8 12:20:22 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 1999 ssh ubuntu@10.190.0.29 Sep 8 12:20:44 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2000 ssh ubuntu@10.190.0.123 Sep 8 12:21:09 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2001 ssh ubuntu@10.190.0.29 Sep 8 12:29:27 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:30:38 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:31:17 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:31:17 bastion LinuxCommandsWazuh: User venky [3239080]: 1993 mongo-server Sep 8 12:31:48 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:32:00 bastion LinuxCommandsWazuh: message repeated 17 times: [ User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123] Sep 8 12:32:44 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:34:16 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:35:25 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:35:48 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:35:49 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:35:51 bastion LinuxCommandsWazuh: message repeated 2 times: [ User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123] Sep 8 12:35:51 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:35:56 bastion LinuxCommandsWazuh: message repeated 8 times: [ User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123] Sep 8 12:38:46 bastion LinuxCommandsWazuh: User ankur [1947425]: 1918 byobu Sep 8 12:38:52 bastion LinuxCommandsWazuh: User ankur [1947673]: 1918 byobu Sep 8 12:39:07 bastion LinuxCommandsWazuh: User ankur [1947673]: 1919 stern cookie-cutt er Sep 8 12:39:07 bastion LinuxCommandsWazuh: User ankur [1947673]: 1919 stern cookie-cutt er Sep 8 12:39:16 bastion LinuxCommandsWazuh: User ankur [1947673]: 1920 stern cookie-cutter Sep 8 12:39:25 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [1947673]: 1920 stern cookie-cutter] Sep 8 12:39:37 bastion LinuxCommandsWazuh: User ankur [1947673]: 1921 stern cookie-cutter | grep "error" Sep 8 12:39:37 bastion LinuxCommandsWazuh: User ankur [1947673]: 1921 stern cookie-cutter | grep "error" Sep 8 12:43:14 bastion LinuxCommandsWazuh: User ankur [1947673]: 1921 stern cookie-cutter | grep "error" Sep 8 12:43:57 bastion LinuxCommandsWazuh: User shamailtayyab [1927079]: 2002 ssh ubuntu@34.131.172.123 Sep 8 12:43:57 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2003 kubectl get pods -n nitrox-productino Sep 8 12:44:02 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2004 kubectl get pods -n nitrox-production Sep 8 12:44:10 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2005 #kubectl get -n nitrox-production Sep 8 12:44:31 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2006 kubectl logs vortex-dramatiq-exports-df64b944b-dd85b --tail 100 Sep 8 12:44:39 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2007 kubectl logs vortex-dramatiq-exports-df64b944b-dd85b --tail 100 -f Sep 8 12:46:03 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2008 kubectl get pods | grep vor Sep 8 12:46:21 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2009 kubectl logs vortex-dramatiq-exports-df64b944b-tx4nz --tail 100 -f Sep 8 12:46:25 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2010 kubectl get pods | grep for Sep 8 12:46:42 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2011 kubectl logs forever-585f8d576-blljf --tail 100 -fd Sep 8 12:46:48 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2012 kubectl logs forever-585f8d576-blljf --tail 100 -f Sep 8 12:46:51 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2013 kubectl get pods | grep for Sep 8 12:47:07 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2014 kubectl logs forever-585f8d576-r87gw --tail 100 -f Sep 8 12:47:16 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2015 kubectl get pods | grep house Sep 8 12:47:19 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 835 k get pods | grep "cookie" Sep 8 12:47:33 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 836 kubectl get pods Sep 8 12:47:39 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2016 kubectl logs house-of-click-59fdccdf9-4zp9p --tail 100 -f Sep 8 12:47:43 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2017 kubectl logs forever-585f8d576-blljf --tail 100 -fd Sep 8 12:47:55 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2018 kubectl logs forever-585f8d576-blljf --tail 100 -f Sep 8 12:48:08 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 837 k get deploy Sep 8 12:48:36 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 838 k rollout restart deploy vortex-dramatiq Sep 8 12:48:40 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 839 k get pods Sep 8 12:48:42 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 840 k gtehpa Sep 8 12:48:45 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 841 k get hpa Sep 8 12:49:11 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 842 k gte pods Sep 8 12:49:52 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 843 k get pods Sep 8 12:50:05 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2019 kubectl logs house-of-click-59fdccdf9-4zp9p --tail 100 -f Sep 8 12:50:08 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 843 k get pods Sep 8 12:50:47 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 844 k get logs -f cookie-cutter-765945bf55-9dp2f Sep 8 12:51:01 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 845 k decsribe pod cookie-cutter-765945bf55-9dp2f Sep 8 12:51:12 bastion LinuxCommandsWazuh: User ankur [1947673]: 1921 stern cookie-cutter | grep "error" Sep 8 12:51:13 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 846 k describe pod cookie-cutter-765945bf55-9dp2f Sep 8 12:51:23 bastion LinuxCommandsWazuh: User ankur [1947673]: 1922 stern cookie-cutter Sep 8 12:51:24 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 847 k gte pods Sep 8 12:51:27 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 848 k get pods Sep 8 12:51:30 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 849 k get pods Sep 8 12:51:36 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 850 k get pods | grep "cookie" Sep 8 12:51:47 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 851 k get pos Sep 8 12:51:49 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 852 k get pods Sep 8 12:52:09 bastion LinuxCommandsWazuh: User ankur [1947673]: 1922 stern cookie-cutter Sep 8 12:52:22 bastion LinuxCommandsWazuh: message repeated 8 times: [ User ankur [1947673]: 1922 stern cookie-cutter] Sep 8 12:52:29 bastion LinuxCommandsWazuh: User ankur [1947673]: 1923 k get pods | grep cookie Sep 8 12:52:48 bastion LinuxCommandsWazuh: User ankur [1947673]: 1924 stern cookie-cutter-queues Sep 8 12:52:55 bastion LinuxCommandsWazuh: User ankur [1947673]: 1925 stern cookie-cutter Sep 8 12:53:03 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 853 k logs -f forever-585f8d576-r87gw Sep 8 12:53:42 bastion LinuxCommandsWazuh: User ankur [1947673]: 1925 stern cookie-cutter Sep 8 12:54:23 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [1947673]: 1925 stern cookie-cutter] Sep 8 12:54:39 bastion LinuxCommandsWazuh: User ankur [1947673]: 1925 stern cookie-cutter Sep 8 12:55:06 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2019 kubectl logs house-of-click-59fdccdf9-4zp9p --tail 100 -f Sep 8 12:55:32 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2020 kubectl get pods | grep coo Sep 8 12:55:50 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2021 kubectl logs cookie-cutter-queues-6c469fdc56-lf9qn --tail 100 -f Sep 8 12:55:53 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2022 kubectl get pods | grep coo Sep 8 12:55:58 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 854 clear Sep 8 12:56:00 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 855 k get pods Sep 8 12:56:05 bastion LinuxCommandsWazuh: User mohtashim [1983045]: 835 k get pods | grep "cookie" Sep 8 12:56:08 bastion LinuxCommandsWazuh: User mohtashim [1983045]: 836 clear Sep 8 12:56:14 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2023 kubectl logs cookie-cutter-765945bf55-hw5wp --tail 100 -f Sep 8 12:56:33 bastion LinuxCommandsWazuh: User ankur [1947673]: 1925 stern cookie-cutter Sep 8 12:56:41 bastion LinuxCommandsWazuh: message repeated 7 times: [ User ankur [1947673]: 1925 stern cookie-cutter] Sep 8 12:57:06 bastion LinuxCommandsWazuh: User mohtashim [1983045]: 837 sten cookie-cutter Sep 8 12:57:45 bastion LinuxCommandsWazuh: User mohtashim [1983045]: 838 clear Sep 8 12:57:48 bastion LinuxCommandsWazuh: User mohtashim [1983045]: 838 clear Sep 8 12:58:39 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2024 kubectl get pods | grep vor Sep 8 12:58:55 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2025 kubectl logs vortex-765b5957f9-gpzk8 --tail 100 -f Sep 8 12:59:03 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2026 kubectl get pods | grep ray Sep 8 12:59:39 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2027 kubectl logs ray-patched-57449969f6-8rxh6 --tail 100 -f Sep 8 12:59:50 bastion LinuxCommandsWazuh: User mohtashim [1983045]: 839 mongo pixel_v1 Sep 8 12:59:51 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2028 kubectl get deployment -n nitrox-production Sep 8 13:00:07 bastion LinuxCommandsWazuh: User ankur [1947673]: 1926 k get pods | grep ray Sep 8 13:00:16 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2029 kubectl rollout restart ray-patched -n nitrox-production Sep 8 13:00:28 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2030 kubectl rollout restart deployment ray-patched -n nitrox-production Sep 8 13:00:30 bastion LinuxCommandsWazuh: User ankur [1947673]: 1927 stern ray-patched-57449969f6-9xj8z Sep 8 13:00:37 bastion LinuxCommandsWazuh: User ankur [1947673]: 1927 stern ray-patched-57449969f6-9xj8z Sep 8 13:00:40 bastion LinuxCommandsWazuh: User ankur [1947673]: 1928 k get pods | grep ray Sep 8 13:00:58 bastion LinuxCommandsWazuh: User ankur [1947673]: 1929 stern ray-patched-57449969f6-8rxh6 Sep 8 13:01:00 bastion LinuxCommandsWazuh: User ankur [1947673]: 1930 k get pods | grep ray Sep 8 13:01:01 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2031 kubectl rollout status deployment ray-patched -n nitrox-production Sep 8 13:01:06 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2032 kubectl get pods | grep ray Sep 8 13:01:07 bastion LinuxCommandsWazuh: User ankur [1947673]: 1931 k get hpa Sep 8 13:01:10 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 856 stern forever Sep 8 13:01:10 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 856 stern forever Sep 8 13:01:48 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2032 kubectl get pods | grep ray Sep 8 13:01:51 bastion LinuxCommandsWazuh: message repeated 2 times: [ User abhijeet [1917702]: 2032 kubectl get pods | grep ray] Sep 8 13:02:07 bastion LinuxCommandsWazuh: User ankur [1947673]: 1932 k get hpa Sep 8 13:02:10 bastion LinuxCommandsWazuh: User ankur [1947673]: 1933 k get pods | grep ray Sep 8 13:02:35 bastion LinuxCommandsWazuh: User ankur [1947673]: 1934 stern ray-patched-86c877bf9f-xcfgq Sep 8 13:02:36 bastion LinuxCommandsWazuh: message repeated 6 times: [ User ankur [1947673]: 1934 stern ray-patched-86c877bf9f-xcfgq] Sep 8 13:03:10 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 856 stern forever Sep 8 13:03:10 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 856 stern forever Sep 8 13:03:10 bastion LinuxCommandsWazuh: User abhijeet [1917702]: 2033 kubectl logs ray-patched-86c877bf9f-dm5hp --tail 100 -f Sep 8 13:03:10 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 856 stern forever Sep 8 13:03:10 bastion LinuxCommandsWazuh: User mohtashim [1965358]: 856 stern forever Sep 8 13:43:04 bastion LinuxCommandsWazuh: User abhijeet [2073258]: 1998 exit Sep 8 13:44:21 bastion LinuxCommandsWazuh: User ayush [2075849]: 434 cool-server Sep 8 13:47:41 bastion LinuxCommandsWazuh: User ankur [1947673]: 1934 stern ray-patched-86c877bf9f-xcfgq Sep 8 13:47:41 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1947673]: 1934 stern ray-patched-86c877bf9f-xcfgq] Sep 8 13:47:53 bastion LinuxCommandsWazuh: User ankur [1947425]: 1918 byobu Sep 8 14:29:50 bastion LinuxCommandsWazuh: User ankur [2124744]: 1936 exit Sep 8 14:29:55 bastion LinuxCommandsWazuh: User ankur [2124744]: 1936 exit Sep 8 14:35:59 bastion LinuxCommandsWazuh: User ayush [2075849]: 434 cool-server Sep 8 14:41:55 bastion LinuxCommandsWazuh: User ankur [2136557]: 1937 byobu Sep 8 14:42:12 bastion LinuxCommandsWazuh: User ankur [2136557]: 1937 byobu Sep 8 14:55:19 bastion LinuxCommandsWazuh: User abhijeet [2137825]: 1998 sudo su ayush Sep 8 14:55:20 bastion LinuxCommandsWazuh: User abhijeet [2137825]: 1999 ls Sep 8 14:55:25 bastion LinuxCommandsWazuh: User ayush [2137848]: 434 cool-server Sep 8 15:03:22 bastion LinuxCommandsWazuh: User ashish [2138808]: 434 byobu Sep 8 15:03:27 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [2138808]: 434 byobu] Sep 8 15:03:28 bastion LinuxCommandsWazuh: User ashish [2138808]: 435 ls Sep 8 15:03:46 bastion LinuxCommandsWazuh: User ashish [2138888]: 434 byobu Sep 8 15:04:06 bastion LinuxCommandsWazuh: User ashish [2138888]: 435 k get pods Sep 8 15:04:20 bastion LinuxCommandsWazuh: User ashish [2138888]: 436 kubectl get pods Sep 8 15:06:00 bastion LinuxCommandsWazuh: User ashish [2138888]: 437 kubectl logs -f rewards-7754c8c7cb-clkt4 Sep 8 15:06:10 bastion LinuxCommandsWazuh: User ankur [2142042]: 1937 byobu Sep 8 15:06:27 bastion LinuxCommandsWazuh: User ankur [1380161]: 1923 k get pods | grep vortex Sep 8 15:06:33 bastion LinuxCommandsWazuh: User aman [2143019]: 209 clear Sep 8 15:06:37 bastion LinuxCommandsWazuh: User ankur [1380161]: 1924 stern vortex-dramatiq Sep 8 15:06:38 bastion LinuxCommandsWazuh: User aman [2143019]: 210 kubectl get pods Sep 8 15:06:53 bastion LinuxCommandsWazuh: User aman [2143019]: 211 kubectl get logs -f nitrox-dramatiq-8bb54b5b-6hdz4 Sep 8 15:06:56 bastion LinuxCommandsWazuh: User ankur [1380161]: 1924 stern vortex-dramatiq Sep 8 15:06:58 bastion LinuxCommandsWazuh: User aman [2143019]: 211 kubectl get logs -f nitrox-dramatiq-8bb54b5b-6hdz4 Sep 8 15:06:58 bastion LinuxCommandsWazuh: User aman [2143019]: 211 kubectl get logs -f nitrox-dramatiq-8bb54b5b-6hdz4 Sep 8 15:07:05 bastion LinuxCommandsWazuh: User ankur [1380161]: 1925 stern vortex-dramatiq | grep error Sep 8 15:07:10 bastion LinuxCommandsWazuh: User aman [2143019]: 212 vim Makefile Sep 8 15:07:20 bastion LinuxCommandsWazuh: User ankur [2142042]: 1937 byobu Sep 8 15:07:22 bastion LinuxCommandsWazuh: User aman [2143019]: 213 make cookie-logs Sep 8 15:07:22 bastion LinuxCommandsWazuh: message repeated 2 times: [ User aman [2143019]: 213 make cookie-logs] Sep 8 15:07:23 bastion LinuxCommandsWazuh: User aman [2143019]: 214 clear Sep 8 15:07:27 bastion LinuxCommandsWazuh: User aman [2143019]: 215 kubectl get pods Sep 8 15:07:34 bastion LinuxCommandsWazuh: User aman [2143019]: 215 kubectl get pods Sep 8 15:07:34 bastion LinuxCommandsWazuh: User aman [2143019]: 215 kubectl get pods Sep 8 15:09:34 bastion LinuxCommandsWazuh: User ankur [2146820]: 1947 exit Sep 8 15:09:52 bastion LinuxCommandsWazuh: User ankur [176760]: 1903 k get pods | grep dramtiq Sep 8 15:09:55 bastion LinuxCommandsWazuh: User ankur [176760]: 1904 k get pods | grep dramatiq Sep 8 15:10:04 bastion LinuxCommandsWazuh: User ankur [176760]: 1905 k logs -f nitrox-dramatiq Sep 8 15:17:08 bastion LinuxCommandsWazuh: User ashish [2138888]: 438 kubectl logs -f rewards-be-6cb8f8b9b7-9mnlx Sep 8 15:17:09 bastion LinuxCommandsWazuh: User ashish [2138808]: 436 byobu Sep 8 15:27:04 bastion LinuxCommandsWazuh: User shamailtayyab [2171558]: 1997 ssh ubuntu@34.131.172.123 Sep 8 15:27:45 bastion LinuxCommandsWazuh: User shamailtayyab [2172251]: 1997 ssh ubuntu@34.131.172.123 Sep 8 15:27:48 bastion LinuxCommandsWazuh: User shamailtayyab [2172251]: 1998 ssh ubuntu@10.190.0.29 Sep 8 15:30:23 bastion LinuxCommandsWazuh: User ankur [2175073]: 1947 exit Sep 8 15:30:29 bastion LinuxCommandsWazuh: User ankur [176760]: 1906 k logs -f nitrox-dramatiq-8bb54b5b-6hdz4 Sep 8 15:30:30 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [176760]: 1906 k logs -f nitrox-dramatiq-8bb54b5b-6hdz4] Sep 8 15:30:42 bastion LinuxCommandsWazuh: User ankur [176760]: 1906 k logs -f nitrox-dramatiq-8bb54b5b-6hdz4 Sep 8 15:31:47 bastion LinuxCommandsWazuh: User ankur [2177240]: 1947 exit Sep 8 15:31:49 bastion LinuxCommandsWazuh: User ankur [2177240]: 1948 grep -i "connection accepted" /var/log/mongodb/mongod.log | tail -n 200 Sep 8 15:31:54 bastion LinuxCommandsWazuh: User ankur [2177240]: 1949 ls Sep 8 15:32:05 bastion LinuxCommandsWazuh: User ankur [2177240]: 1950 cd /var/log/mongodb/ Sep 8 15:32:06 bastion LinuxCommandsWazuh: User ankur [2177240]: 1951 ls Sep 8 15:32:07 bastion LinuxCommandsWazuh: User ankur [2177240]: 1952 ls -la Sep 8 15:32:14 bastion LinuxCommandsWazuh: User ankur [2177240]: 1953 cd Sep 8 15:32:41 bastion LinuxCommandsWazuh: User mohtashim [2178976]: 862 exit Sep 8 15:34:36 bastion LinuxCommandsWazuh: User ankur [2182299]: 1954 exit Sep 8 15:36:35 bastion LinuxCommandsWazuh: User ankur [2182299]: 1955 k get pods | grep cookie Sep 8 15:37:37 bastion LinuxCommandsWazuh: User ankur [2182299]: 1956 k exec -it cookie-cutter-765945bf55-2zc2h bash Sep 8 15:37:42 bastion LinuxCommandsWazuh: User ankur [2182299]: 1957 k get hpa Sep 8 15:39:24 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 1998 sudo su ayush Sep 8 15:39:24 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 1999 ls Sep 8 15:39:37 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2000 kubectl get pods | grep mongo Sep 8 15:39:40 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2001 kubectl get pods | grep expo Sep 8 15:39:57 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2002 kubectl logs vortex-dramatiq-exports-df64b944b-m8b59 --tail 100 -f Sep 8 15:40:01 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2003 date Sep 8 15:40:13 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2004 kubectl get pods | grep vor Sep 8 15:40:32 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2005 kubectl get pods | grep coo Sep 8 15:41:09 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2006 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f Sep 8 15:41:26 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2007 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mong Sep 8 15:43:26 bastion LinuxCommandsWazuh: User abhijeet [2191278]: 2008 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mongo Sep 8 16:00:48 bastion LinuxCommandsWazuh: User ayush [2137848]: 434 cool-server Sep 8 16:49:14 bastion LinuxCommandsWazuh: User ashish [2311986]: 440 byobu Sep 8 16:49:16 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ashish [2311986]: 440 byobu] Sep 8 16:49:19 bastion LinuxCommandsWazuh: User ashish [2312063]: 440 byobu Sep 8 16:49:37 bastion LinuxCommandsWazuh: User ankur [2312565]: 1956 byobu Sep 8 16:49:38 bastion LinuxCommandsWazuh: User ankur [2312565]: 1957 yb Sep 8 16:49:44 bastion LinuxCommandsWazuh: User ankur [2182299]: 1957 k get hpa Sep 8 16:50:09 bastion LinuxCommandsWazuh: User ashish [2312063]: 441 mongo Sep 8 16:50:10 bastion LinuxCommandsWazuh: User ashish [2311986]: 440 byobu Sep 8 17:01:34 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 863 psql -h 10.94.16.3 -U postgres -d vortex_v2 Sep 8 17:01:37 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 864 clear Sep 8 17:01:44 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 865 k get pods Sep 8 17:02:04 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 866 clear Sep 8 17:02:08 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 867 k get pods Sep 8 17:02:15 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [2325156]: 867 k get pods] Sep 8 17:02:29 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 868 psql -h 10.94.16.3 -U postgres -d vortex_v2 Sep 8 17:04:06 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 868 psql -h 10.94.16.3 -U postgres -d vortex_v2 Sep 8 17:04:11 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 869 k get pods Sep 8 17:04:25 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 870 k logs -f cookie-cutter-queues-d4c6d7d8d-lq75q Sep 8 17:04:25 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 870 k logs -f cookie-cutter-queues-d4c6d7d8d-lq75q Sep 8 17:05:13 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 871 clear Sep 8 17:05:47 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 872 stern cookie-cutter | grep "handle_map_collab_utm" Sep 8 17:05:47 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [2325156]: 872 stern cookie-cutter | grep "handle_map_collab_utm"] Sep 8 17:06:31 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 873 stern cookie-cutter | grep "handle_map_collab_utm>success>" Sep 8 17:06:31 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 873 stern cookie-cutter | grep "handle_map_collab_utm>success>" Sep 8 17:09:46 bastion LinuxCommandsWazuh: User ankur [2182299]: 1958 k get configmaps Sep 8 17:14:30 bastion LinuxCommandsWazuh: User ankur [2182299]: 1959 k edit configmaps nitrox-ck-config Sep 8 17:32:39 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 874 clear Sep 8 17:32:42 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 874 clear Sep 8 17:32:56 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 875 psql Sep 8 17:32:58 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [2325156]: 875 psql] Sep 8 17:33:11 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 876 psql -h 10.94.16.3 -U postgres -d forever Sep 8 17:33:15 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 877 psql -h 10.94.16.3 -U postgres -d forever_v1 Sep 8 17:33:19 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 878 psql -h 10.94.16.3 -U postgres -d forever_v2 Sep 8 17:33:41 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 879 mongo forever-mongo' Sep 8 17:33:44 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 879 mongo forever-mongo' Sep 8 17:34:30 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 880 mongo forever-mongo Sep 8 17:42:49 bastion LinuxCommandsWazuh: User abhijeet [2351471]: 1998 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mongo Sep 8 17:43:05 bastion LinuxCommandsWazuh: User abhijeet [2351471]: 1999 kubectl get pods -o wide Sep 8 17:52:43 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 881 mongo forever_v1 Sep 8 17:52:46 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 882 clear Sep 8 17:57:11 bastion LinuxCommandsWazuh: User abhijeet [2353130]: 1998 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mongo Sep 8 17:57:28 bastion LinuxCommandsWazuh: User ayush [2353145]: 434 cool-server Sep 8 18:05:04 bastion LinuxCommandsWazuh: User ankur [2354667]: 1958 byobu Sep 8 18:05:23 bastion LinuxCommandsWazuh: User ankur [2182299]: 1960 k get pods | grep cookie Sep 8 18:05:31 bastion LinuxCommandsWazuh: User ankur [2182299]: 1960 k get pods | grep cookie Sep 8 18:09:32 bastion LinuxCommandsWazuh: User ankur [2182299]: 1960 k get pods | grep cookie Sep 8 18:09:33 bastion LinuxCommandsWazuh: message repeated 5 times: [ User ankur [2182299]: 1960 k get pods | grep cookie] Sep 8 18:21:53 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 1998 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mongo Sep 8 18:21:57 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 1999 kubectl get pods -n loki Sep 8 18:22:16 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2000 kubectl logs prometheus-server-647698f9f4-grpg2 --tail 100 -f Sep 8 18:24:07 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2001 kubectl logs prometheus-server-647698f9f4-grpg2 -n loki --tail 100 -f Sep 8 18:24:14 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2002 kubectl get service -n loki Sep 8 18:26:49 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2003 kubectl get pods Sep 8 18:30:45 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2004 kubectl get cm -n loki Sep 8 18:31:04 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2005 kubectl get cm prometheus-server -n loki -o wide Sep 8 18:31:10 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2006 kubectl get cm prometheus-server -n loki -o yaml Sep 8 18:34:42 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2007 kubectl edit cm prometheus-server -n loki Sep 8 18:34:51 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2008 kubectl get pods -o wide Sep 8 18:35:12 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2009 kubectl get pods -o wide | grep 10.84.14.77 Sep 8 18:35:16 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2010 kubectl get pods -o wide | grep 10.84.14. Sep 8 18:35:36 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2011 kubectl get pods -o wide | grep 10.84 Sep 8 18:35:49 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2012 kubectl get pods -o wide | grep 10.84.14 Sep 8 18:35:54 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2013 kubectl get pods -o wide | grep 10.84.42 Sep 8 18:36:02 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2014 kubectl get pods -o wide | grep 10.84.42.93 Sep 8 18:36:07 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2015 kubectl get pods -o wide | grep 10.84.3 Sep 8 18:36:12 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2016 kubectl get pods -o wide | grep 10.84.3/38 Sep 8 18:38:08 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2017 kubectl get pods -o wide | grep 10.84.25.65 Sep 8 18:38:12 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2018 kubectl get pods -o wide | grep 10.84.25 Sep 8 18:43:39 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2019 kubectl exec -it cookie-cutter-5bdf75ff89-7d8vf -- bash Sep 8 18:43:52 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2020 kubectl describe cookie-cutter-5bdf75ff89-7d8vf Sep 8 18:44:15 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2021 kubectl describe cookie-cutter-5bdf75ff89-7d8vf -n nitrox-production Sep 8 18:44:24 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2022 kubectl describe pod cookie-cutter-5bdf75ff89-7d8vf -n nitrox-production Sep 8 18:44:48 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2023 kubectl inspect pod cookie-cutter-5bdf75ff89-7d8vf -n nitrox-production Sep 8 18:44:51 bastion LinuxCommandsWazuh: User abhijeet [2372322]: 2024 kubectl describe pod cookie-cutter-5bdf75ff89-7d8vf -n nitrox-production Sep 8 19:12:50 bastion LinuxCommandsWazuh: User ankur [2182299]: 1960 k get pods | grep cookie Sep 8 19:12:51 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [2182299]: 1960 k get pods | grep cookie] Sep 8 19:13:34 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 1998 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mongo Sep 8 19:13:42 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 1999 kubectl get pods -o wide Sep 8 19:13:45 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2000 kubectl get pods -o wide | grep 10.84.26.26 Sep 8 19:14:03 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2001 kubectl get pods -o wide | grep 10.84.46.157 Sep 8 19:14:37 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2001 kubectl get pods -o wide | grep 10.84.46.157 Sep 8 19:14:46 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2002 kubectl get pods -o wide | grep 10.84.18.26 Sep 8 19:18:32 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2003 kubectl get pods -o wide | grep 10.84.24.162 Sep 8 19:18:49 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2004 kubectl get pods -o wide | grep 10.84.25.83 Sep 8 19:18:57 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2005 kubectl get pods -o wide | grep 10.84.3.60 Sep 8 19:19:48 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2006 kubectl logs cookie-cutter-5bdf75ff89-6w6sl --tail 200 -f Sep 8 19:19:59 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2007 kubectl logs cookie-cutter-5bdf75ff89-6w6sl --tail 200 -f | grep mongo Sep 8 19:20:28 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2008 kubectl logs cookie-cutter-5bdf75ff89-6w6sl -f | grep mongo Sep 8 19:20:29 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2009 date Sep 8 19:22:18 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2010 kubectl exec -it cookie-cutter-5bdf75ff89-6w6sl -- bash Sep 8 19:22:24 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2011 kubectl logs cookie-cutter-5bdf75ff89-6w6sl -f | grep mongo Sep 8 19:26:29 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 883 psql -h 10.94.16.3 -U postgres -d vortex_v2 Sep 8 19:26:40 bastion LinuxCommandsWazuh: User mohtashim [2325156]: 884 k get pods | grep "cookie" Sep 8 19:34:08 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2012 kubectl get pods -o wide | grep 10.84.26.26 Sep 8 19:34:24 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2013 kubectl top pods | grep for Sep 8 19:35:37 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2014 kubectl get pods -o wide | grep 10.84.45.11 Sep 8 19:35:59 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2015 kubectl get pods -o wide | grep 10.84.3.43 Sep 8 19:36:11 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2016 kubectl get pods -o wide | grep 10.84.3.62 Sep 8 19:36:29 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2017 kubectl get pods -o wide | grep 10.84.42.112 Sep 8 19:37:32 bastion LinuxCommandsWazuh: User ankur [2182299]: 1961 k get pods | grep fore Sep 8 19:37:41 bastion LinuxCommandsWazuh: User ankur [2182299]: 1962 k get pods -o wide | grep fore Sep 8 19:37:51 bastion LinuxCommandsWazuh: User ankur [2182299]: 1963 k get hpa Sep 8 19:38:00 bastion LinuxCommandsWazuh: User ankur [2182299]: 1964 k get pods -o wide | grep fore Sep 8 19:38:18 bastion LinuxCommandsWazuh: User ankur [2182299]: 1965 stern forever Sep 8 19:39:14 bastion LinuxCommandsWazuh: User ankur [2182299]: 1966 stern forever | grep "Connecting to" Sep 8 19:39:23 bastion LinuxCommandsWazuh: User ankur [2182299]: 1967 stern forever Sep 8 19:43:40 bastion LinuxCommandsWazuh: User ankur [2182299]: 1967 stern forever Sep 8 19:44:31 bastion LinuxCommandsWazuh: User ankur [2182299]: 1968 k exec -it forever-585f8d576-r87gw bash Sep 8 19:44:41 bastion LinuxCommandsWazuh: User ankur [2182299]: 1969 k exec -it forever-585f8d576-r87gw -- bash Sep 8 19:45:56 bastion LinuxCommandsWazuh: User ankur [2182299]: 1970 k exec -it forever-585f8d576-r87gw bash Sep 8 19:46:03 bastion LinuxCommandsWazuh: User ankur [2182299]: 1971 k exec -it forever-585f8d576-r87gw sh Sep 8 19:46:15 bastion LinuxCommandsWazuh: User abhijeet [2425199]: 2018 kubectl get pods -o wide | grep 10.84.26.26 Sep 8 19:51:15 bastion LinuxCommandsWazuh: User ankur [2182299]: 1972 k exec -it forever-585f8d576-r87gw bash Sep 8 19:51:24 bastion LinuxCommandsWazuh: User ankur [2182299]: 1973 k get pods -o wide | grep fore Sep 8 19:51:25 bastion LinuxCommandsWazuh: User ankur [2182299]: 1974 kubectl exec -it -- ps -ef | grep gunicorn Sep 8 19:51:36 bastion LinuxCommandsWazuh: User ankur [2182299]: 1975 kubectl exec -it forever-585f8d576-blljf -- ps -ef | grep gunicorn Sep 8 19:51:48 bastion LinuxCommandsWazuh: User ankur [2182299]: 1976 kubectl exec -it forever-585f8d576-r87gw -- ps -ef | grep gunicorn Sep 8 19:52:23 bastion LinuxCommandsWazuh: User ayush [2465140]: 434 cool-server Sep 8 19:53:08 bastion LinuxCommandsWazuh: User ankur [2182299]: 1977 kubectl exec -it -- ls /proc | grep '^[0-9]' Sep 8 19:53:16 bastion LinuxCommandsWazuh: User ankur [2182299]: 1978 kubectl exec -it forever-585f8d576-blljf -- ls /proc | grep '^[0-9]' Sep 8 19:53:24 bastion LinuxCommandsWazuh: User ankur [2182299]: 1979 kubectl exec -it forever-585f8d576-r87gw -- ls /proc | grep '^[0-9]' Sep 8 19:53:51 bastion LinuxCommandsWazuh: User ankur [2182299]: 1980 kubectl exec -it -- sh -c 'for pid in $(ls /proc | grep "^[0-9]"); do echo -n "$pid: "; cat /proc/$pid/cmdline; echo; done' Sep 8 19:54:02 bastion LinuxCommandsWazuh: User ankur [2182299]: 1981 kubectl exec -it forever-585f8d576-blljf -- sh -c 'for pid in $(ls /proc | grep "^[0-9]"); do echo -n "$pid: "; cat /proc/$pid/cmdline; echo; done' Sep 8 19:54:35 bastion LinuxCommandsWazuh: User ankur [2182299]: 1982 #kubectl exec -it -- sh -c 'grep -a gunicorn /proc/*/cmdline' Sep 8 19:54:47 bastion LinuxCommandsWazuh: User ankur [2182299]: 1983 kubectl exec -it forever-585f8d576-blljf -- sh -c 'grep -a gunicorn /proc/*/cmdline' Sep 8 19:56:36 bastion LinuxCommandsWazuh: User ankur [2182299]: 1984 kubectl exec -it -- sh -c '#012for pid in $(ls /proc | grep "^[0-9]"); do#012 cmd=$(tr -d "\0" < /proc/$pid/cmdline 2>/dev/null)#012 if echo "$cmd" | grep -q "gunicorn"; then#012 echo "$pid: $cmd"#012 fi#012done' Sep 8 19:56:49 bastion LinuxCommandsWazuh: User ankur [2182299]: 1985 kubectl exec -it forever-585f8d576-blljf -- sh -c '#012for pid in $(ls /proc | grep "^[0-9]"); do#012 cmd=$(tr -d "\0" < /proc/$pid/cmdline 2>/dev/null)#012 if echo "$cmd" | grep -q "gunicorn"; then#012 echo "$pid: $cmd"#012 fi#012done' Sep 8 19:59:25 bastion LinuxCommandsWazuh: User abhijeet [2472473]: 1998 kubectl logs cookie-cutter-765945bf55-g2xqj --tail 100 -f | grep mongo Sep 8 19:59:29 bastion LinuxCommandsWazuh: User ayush [2472550]: 434 cool-server Sep 8 20:39:51 bastion LinuxCommandsWazuh: User ayush [2353145]: 434 cool-server Sep 8 20:40:09 bastion LinuxCommandsWazuh: User ayush [2472550]: 434 cool-server