Oct 9 10:01:02 bastion LinuxCommandsWazuh: User ankur [71448]: 582 clickhouse-ssh Oct 9 10:01:06 bastion LinuxCommandsWazuh: User ankur [71512]: 582 clickhouse-ssh Oct 9 10:28:05 bastion LinuxCommandsWazuh: User ankur [98157]: 582 clickhouse-ssh Oct 9 10:52:30 bastion LinuxCommandsWazuh: User ashish [122351]: 583 byobu Oct 9 10:52:32 bastion LinuxCommandsWazuh: User ashish [122461]: 583 byobu Oct 9 11:43:15 bastion LinuxCommandsWazuh: User ashish [135294]: 583 byobu Oct 9 11:43:33 bastion LinuxCommandsWazuh: User ashish [122461]: 584 clickhouse-ssh Oct 9 12:15:18 bastion LinuxCommandsWazuh: User mohtashim [150497]: 766 exit Oct 9 12:18:59 bastion LinuxCommandsWazuh: User mohtashim [150497]: 767 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 9 12:20:23 bastion LinuxCommandsWazuh: User ayush [151363]: 478 mongo Oct 9 12:21:36 bastion LinuxCommandsWazuh: User ayush [151363]: 478 mongo Oct 9 12:27:15 bastion LinuxCommandsWazuh: User mohtashim [150497]: 768 psql Oct 9 12:29:39 bastion LinuxCommandsWazuh: User mohtashim [150497]: 769 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 9 12:47:48 bastion LinuxCommandsWazuh: User abhijeet [154056]: 1998 kubectl get pods | grep coo Oct 9 12:47:49 bastion LinuxCommandsWazuh: User abhijeet [154056]: 1999 lsc Oct 9 12:51:33 bastion LinuxCommandsWazuh: User anam [154478]: Oct 9 12:52:16 bastion LinuxCommandsWazuh: User abhijeet [154056]: 2000 cat .bashrc Oct 9 12:52:43 bastion LinuxCommandsWazuh: User abhijeet [154638]: 1998 kubectl get pods | grep coo Oct 9 12:52:47 bastion LinuxCommandsWazuh: User anam [154654]: 1 exit Oct 9 12:52:49 bastion LinuxCommandsWazuh: User anam [154654]: 2 cd Oct 9 12:54:08 bastion LinuxCommandsWazuh: User anam [154654]: 3 vim .bashrc Oct 9 12:54:19 bastion LinuxCommandsWazuh: User anam [154654]: 4 source .bashrc Oct 9 12:54:21 bastion LinuxCommandsWazuh: User abhijeet [154742]: 1998 kubectl get pods | grep coo Oct 9 12:54:36 bastion LinuxCommandsWazuh: User anam [154654]: 5 internal-tool Oct 9 12:54:40 bastion LinuxCommandsWazuh: User abhijeet [154771]: 1998 exit Oct 9 12:54:41 bastion LinuxCommandsWazuh: User abhijeet [154771]: 1998 exit Oct 9 12:54:43 bastion LinuxCommandsWazuh: User anam [154654]: 5 internal-tool Oct 9 12:54:53 bastion LinuxCommandsWazuh: User anam [154654]: 6 source .bashrc Oct 9 12:55:04 bastion LinuxCommandsWazuh: User abhijeet [154056]: 2001 ls Oct 9 12:55:30 bastion LinuxCommandsWazuh: User anam [154654]: 7 vim .bashrc Oct 9 12:55:32 bastion LinuxCommandsWazuh: User anam [154654]: 8 source .bashrc Oct 9 12:55:35 bastion LinuxCommandsWazuh: User anam [154654]: internal-tool Oct 9 12:55:42 bastion LinuxCommandsWazuh: User abhijeet [154056]: 2001 ls Oct 9 12:55:48 bastion LinuxCommandsWazuh: User anam [154654]: 10 cd .ssh/ Oct 9 12:55:49 bastion LinuxCommandsWazuh: User anam [154654]: 11 lsc Oct 9 12:55:50 bastion LinuxCommandsWazuh: User anam [154654]: 12 ls Oct 9 12:56:34 bastion LinuxCommandsWazuh: User anam [154654]: 12 ls Oct 9 12:56:36 bastion LinuxCommandsWazuh: User anam [154654]: 13 ks Oct 9 12:56:37 bastion LinuxCommandsWazuh: User anam [154654]: 14 ls Oct 9 12:56:54 bastion LinuxCommandsWazuh: User anam [154654]: 14 ls Oct 9 12:56:58 bastion LinuxCommandsWazuh: User anam [154654]: 15 cat known_hosts Oct 9 12:56:58 bastion LinuxCommandsWazuh: User anam [154654]: 16 ls Oct 9 12:56:59 bastion LinuxCommandsWazuh: User anam [154654]: 16 ls Oct 9 12:58:40 bastion LinuxCommandsWazuh: User anam [155735]: 1 exit Oct 9 12:58:48 bastion LinuxCommandsWazuh: User abhijeet [155749]: 1998 exit Oct 9 13:10:48 bastion LinuxCommandsWazuh: User mohtashim [156716]: 770 exit Oct 9 13:12:58 bastion LinuxCommandsWazuh: User ashish [156855]: 583 byobu Oct 9 13:13:19 bastion LinuxCommandsWazuh: User ashish [122461]: 585 mongo pixel_v1; Oct 9 13:28:30 bastion LinuxCommandsWazuh: User ankur [166399]: 583 byobu Oct 9 13:29:19 bastion LinuxCommandsWazuh: User abhijeet [154056]: 2002 internal-server Oct 9 13:29:26 bastion LinuxCommandsWazuh: User abhijeet [154056]: 2003 kubectl get pods | grep coo Oct 9 13:29:31 bastion LinuxCommandsWazuh: User abhijeet [154638]: 1999 sudo su anam Oct 9 13:30:57 bastion LinuxCommandsWazuh: User ankur [98157]: 583 mongo Oct 9 13:31:00 bastion LinuxCommandsWazuh: User ankur [71512]: 582 clickhouse-ssh Oct 9 13:31:01 bastion LinuxCommandsWazuh: User ankur [166399]: 583 byobu Oct 9 14:02:26 bastion LinuxCommandsWazuh: User rihan [171420]: 1406 redis Oct 9 14:04:14 bastion LinuxCommandsWazuh: User rihan [171420]: 1406 redis Oct 9 14:32:41 bastion LinuxCommandsWazuh: User abhijeet [155749]: 1999 internal-server Oct 9 15:01:06 bastion LinuxCommandsWazuh: User ashish [176186]: 583 byobu Oct 9 15:19:46 bastion LinuxCommandsWazuh: User ashish [194605]: 583 byobu Oct 9 15:19:48 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [194605]: 583 byobu] Oct 9 15:54:00 bastion LinuxCommandsWazuh: User anam [215060]: 17 sudo su abhijeet Oct 9 15:54:18 bastion LinuxCommandsWazuh: User anam [215060]: 18 switch abhijeet Oct 9 15:54:42 bastion LinuxCommandsWazuh: User abhijeet [215099]: 1998 internal-server Oct 9 16:06:21 bastion LinuxCommandsWazuh: User ankur [216771]: 587 exit Oct 9 16:06:23 bastion LinuxCommandsWazuh: User ankur [216830]: 587 exit Oct 9 16:07:38 bastion LinuxCommandsWazuh: User ankur [218193]: 587 exit Oct 9 16:09:23 bastion LinuxCommandsWazuh: User ankur [220855]: 587 exit Oct 9 16:19:00 bastion LinuxCommandsWazuh: User ankur [234974]: 588 byobu Oct 9 16:19:48 bastion LinuxCommandsWazuh: User ashish [235816]: 583 byobu Oct 9 16:21:08 bastion LinuxCommandsWazuh: User ankur [234974]: 589 clickhouse-ssh Oct 9 16:21:13 bastion LinuxCommandsWazuh: User ankur [220855]: 588 clickhouse-ssh Oct 9 16:23:29 bastion LinuxCommandsWazuh: User ankur [239204]: 592 exit Oct 9 16:41:53 bastion LinuxCommandsWazuh: User ankur [216830]: 588 clickhouse-ssh Oct 9 16:41:55 bastion LinuxCommandsWazuh: User ankur [218193]: 588 byobu Oct 9 16:42:31 bastion LinuxCommandsWazuh: User ashish [235816]: 584 clickhouse-ssh Oct 9 16:46:03 bastion LinuxCommandsWazuh: User ashish [254947]: 585 exit Oct 9 16:46:36 bastion LinuxCommandsWazuh: User ashish [255052]: 585 exit Oct 9 16:46:52 bastion LinuxCommandsWazuh: User ashish [122461]: 586 clickhouse-ssh Oct 9 16:58:42 bastion LinuxCommandsWazuh: User ashish [122461]: 587 mongo pixel_v1; Oct 9 16:58:43 bastion LinuxCommandsWazuh: User ashish [255052]: 586 byobu Oct 9 17:21:49 bastion LinuxCommandsWazuh: User ashish [254947]: 586 clickhouse-ssh Oct 9 17:21:53 bastion LinuxCommandsWazuh: message repeated 5 times: [ User ashish [254947]: 586 clickhouse-ssh ] Oct 9 17:21:54 bastion LinuxCommandsWazuh: User ashish [254947]: 587 ls Oct 9 17:21:55 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [254947]: 587 ls] Oct 9 17:22:00 bastion LinuxCommandsWazuh: User ashish [254947]: 587 ls Oct 9 17:22:04 bastion LinuxCommandsWazuh: User ashish [268644]: 592 ls Oct 9 17:22:07 bastion LinuxCommandsWazuh: User ashish [268698]: 592 ls Oct 9 17:23:26 bastion LinuxCommandsWazuh: User ashish [268698]: 593 stern house-of-click Oct 9 17:24:57 bastion LinuxCommandsWazuh: User ashish [268698]: 594 stern house-of-click | grep "DEBUG: Found " Oct 9 17:32:19 bastion LinuxCommandsWazuh: User ashish [268698]: 594 stern house-of-click | grep "DEBUG: Found " Oct 9 17:32:20 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ashish [268698]: 594 stern house-of-click | grep "DEBUG: Found "] Oct 9 17:32:27 bastion LinuxCommandsWazuh: User ashish [278910]: 592 ls Oct 9 17:33:47 bastion LinuxCommandsWazuh: User ashish [268698]: 595 stern house-of-click | grep "DEBUG: Found" Oct 9 17:33:59 bastion LinuxCommandsWazuh: User ankur [280489]: 596 exit Oct 9 17:34:00 bastion LinuxCommandsWazuh: User ashish [268698]: 596 kubectl get pds Oct 9 17:34:01 bastion LinuxCommandsWazuh: User ankur [280628]: 596 exit Oct 9 17:34:02 bastion LinuxCommandsWazuh: User ashish [268698]: 597 kubectl get pods Oct 9 17:36:01 bastion LinuxCommandsWazuh: User ashish [268698]: 598 kubectl logs -f house-of-click-744955fc56-96tc6 Oct 9 17:36:04 bastion LinuxCommandsWazuh: User ashish [268698]: 599 kubectl get pods Oct 9 17:37:17 bastion LinuxCommandsWazuh: User ashish [268698]: 599 kubectl get pods Oct 9 17:37:19 bastion LinuxCommandsWazuh: User ashish [268698]: 600 kubectl logs -l app=house-of-click --all-containers=true -f Oct 9 17:38:01 bastion LinuxCommandsWazuh: message repeated 6 times: [ User ashish [268698]: 600 kubectl logs -l app=house-of-click --all-containers=true -f] Oct 9 17:39:10 bastion LinuxCommandsWazuh: User rihan [171420]: 1406 redis Oct 9 17:41:51 bastion LinuxCommandsWazuh: User ashish [268698]: 601 stern house-of-click Oct 9 17:42:20 bastion LinuxCommandsWazuh: User mohtashim [296728]: 771 clickhouse-ssh Oct 9 17:42:37 bastion LinuxCommandsWazuh: User ashish [268698]: 602 stern house-of-click | grep "DEBUG: Found" Oct 9 17:42:44 bastion LinuxCommandsWazuh: User ashish [268698]: 602 stern house-of-click | grep "DEBUG: Found" Oct 9 17:43:06 bastion LinuxCommandsWazuh: User venky [298257]: 1999 kubectl exec -it cookie-cutter-59474cd9d4-bcrrl bash Oct 9 17:44:03 bastion LinuxCommandsWazuh: User venky [298257]: 1999 kubectl exec -it cookie-cutter-59474cd9d4-bcrrl bash Oct 9 17:44:05 bastion LinuxCommandsWazuh: User venky [300142]: 1999 kubectl exec -it cookie-cutter-59474cd9d4-bcrrl bash Oct 9 17:44:15 bastion LinuxCommandsWazuh: User venky [300142]: 2000 kubectl get po Oct 9 17:44:20 bastion LinuxCommandsWazuh: User venky [300142]: 2001 kubectl get po | grep hou Oct 9 17:45:05 bastion LinuxCommandsWazuh: User venky [300142]: 2002 stern house-of-click-744955fc56-m2g6h Oct 9 17:45:14 bastion LinuxCommandsWazuh: User venky [300142]: 2003 stern house-of-click- Oct 9 17:45:21 bastion LinuxCommandsWazuh: User venky [300142]: 2004 stern house-of-click- | grep 502 Oct 9 17:45:26 bastion LinuxCommandsWazuh: User venky [300142]: 2004 stern house-of-click- | grep 502 Oct 9 17:45:38 bastion LinuxCommandsWazuh: User venky [300142]: 2005 stern house-of-click- | grep \" 502 Oct 9 17:45:41 bastion LinuxCommandsWazuh: User venky [300142]: 2006 stern house-of-click- | grep /" 502 Oct 9 17:45:49 bastion LinuxCommandsWazuh: User venky [300142]: 2007 stern house-of-click- | grep '\" 502' Oct 9 17:47:37 bastion LinuxCommandsWazuh: User venky [300142]: 2008 stern house-of-click- | grep 502 Oct 9 17:47:38 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [300142]: 2008 stern house-of-click- | grep 502] Oct 9 17:47:54 bastion LinuxCommandsWazuh: User venky [300142]: 2009 stern house-of-click- | grep "DEBUG: Found" Oct 9 17:48:21 bastion LinuxCommandsWazuh: User venky [300142]: 2010 stern house-of-click- | grep DEBUG Oct 9 17:49:14 bastion LinuxCommandsWazuh: User venky [300142]: 2010 stern house-of-click- | grep DEBUG Oct 9 17:49:14 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [300142]: 2010 stern house-of-click- | grep DEBUG] Oct 9 17:49:17 bastion LinuxCommandsWazuh: User venky [300142]: 2011 stern house-of-click- | grep Oct 9 17:49:20 bastion LinuxCommandsWazuh: User venky [300142]: 2012 stern house-of-click- Oct 9 17:49:46 bastion LinuxCommandsWazuh: User venky [300142]: 2013 stern house-of-click- | grep get-total-active-network-users Oct 9 17:49:54 bastion LinuxCommandsWazuh: User venky [300142]: 2014 stern house-of-click- | grep insert-singl Oct 9 17:50:26 bastion LinuxCommandsWazuh: User venky [300142]: 2015 stern house-of-click- | grep get-total-active-network-users Oct 9 17:50:27 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [300142]: 2015 stern house-of-click- | grep get-total-active-network-users] Oct 9 17:50:35 bastion LinuxCommandsWazuh: User venky [300142]: 2016 stern house-of-click- | grep get-visit-summary Oct 9 17:50:35 bastion LinuxCommandsWazuh: User venky [300142]: 2016 stern house-of-click- | grep get-visit-summary Oct 9 17:51:07 bastion LinuxCommandsWazuh: User venky [300142]: 2016 stern house-of-click- | grep get-visit-summary Oct 9 17:54:57 bastion LinuxCommandsWazuh: User venky [300142]: 2017 stern house-of-click- | grep get-total-active-network-users Oct 9 17:56:32 bastion LinuxCommandsWazuh: User venky [300142]: 2018 kubectl exec -it house-of-click-744955fc56-xjkmk bash Oct 9 17:57:12 bastion LinuxCommandsWazuh: User venky [300142]: 2019 kubectl rollout restart deployment house-of-click Oct 9 17:57:16 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [300142]: 2019 kubectl rollout restart deployment house-of-click] Oct 9 17:57:28 bastion LinuxCommandsWazuh: User venky [300142]: 2020 kubectl get po | grep house Oct 9 17:57:46 bastion LinuxCommandsWazuh: User ashish [268698]: 602 stern house-of-click | grep "DEBUG: Found" Oct 9 17:57:47 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [268698]: 602 stern house-of-click | grep "DEBUG: Found"] Oct 9 17:57:50 bastion LinuxCommandsWazuh: User ashish [268698]: 603 kubectl get pods Oct 9 17:57:55 bastion LinuxCommandsWazuh: User venky [300142]: 2020 kubectl get po | grep house Oct 9 17:57:59 bastion LinuxCommandsWazuh: User ashish [268698]: 604 kubectl get pods | grep "house" Oct 9 17:58:00 bastion LinuxCommandsWazuh: User venky [300142]: 2020 kubectl get po | grep house Oct 9 17:58:11 bastion LinuxCommandsWazuh: User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users Oct 9 17:58:11 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users] Oct 9 17:59:21 bastion LinuxCommandsWazuh: User abhijeet [215099]: 1998 internal-server Oct 9 18:00:01 bastion LinuxCommandsWazuh: User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users Oct 9 18:00:01 bastion LinuxCommandsWazuh: message repeated 3 times: [ User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users] Oct 9 18:03:36 bastion LinuxCommandsWazuh: User ankur [333698]: 597 byobu Oct 9 18:08:11 bastion LinuxCommandsWazuh: User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users Oct 9 18:10:49 bastion LinuxCommandsWazuh: User ayush [348007]: 478 mongo Oct 9 18:11:02 bastion LinuxCommandsWazuh: User ayush [348007]: 479 kubectl get pods | grep house Oct 9 18:11:45 bastion LinuxCommandsWazuh: User ayush [348007]: 480 stern house-of-click | grep get-total-active-network-users Oct 9 18:12:05 bastion LinuxCommandsWazuh: User venky [350412]: 1999 kubectl exec -it cookie-cutter-59474cd9d4-bcrrl bash Oct 9 18:14:22 bastion LinuxCommandsWazuh: User ashish [268698]: 604 kubectl get pods | grep "house" Oct 9 18:14:23 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [268698]: 604 kubectl get pods | grep "house"] Oct 9 18:18:14 bastion LinuxCommandsWazuh: User ankur [333698]: 597 byobu Oct 9 18:18:18 bastion LinuxCommandsWazuh: User rihan [362365]: 1406 redis Oct 9 18:18:23 bastion LinuxCommandsWazuh: User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users Oct 9 18:18:23 bastion LinuxCommandsWazuh: message repeated 3 times: [ User venky [300142]: 2021 stern house-of-click- | grep get-total-active-network-users] Oct 9 18:18:31 bastion LinuxCommandsWazuh: User venky [300142]: 2022 kubectl get po -owide Oct 9 18:18:35 bastion LinuxCommandsWazuh: User ashish [268698]: 605 clickhouse-ssh Oct 9 18:18:36 bastion LinuxCommandsWazuh: User venky [300142]: 2023 kubectl get po -owide | house Oct 9 18:18:39 bastion LinuxCommandsWazuh: User ashish [268698]: 606 clear Oct 9 18:18:43 bastion LinuxCommandsWazuh: User venky [300142]: 2023 kubectl get po -owide | house Oct 9 18:18:43 bastion LinuxCommandsWazuh: User venky [300142]: 2024 ubectl get po -owide grep | hou Oct 9 18:18:49 bastion LinuxCommandsWazuh: User venky [300142]: 2025 ubectl get po -owide | grep hou Oct 9 18:18:57 bastion LinuxCommandsWazuh: User venky [300142]: 2026 kubectl get po -owide | grep hou Oct 9 18:19:20 bastion LinuxCommandsWazuh: User venky [300142]: 2026 kubectl get po -owide | grep hou Oct 9 18:19:26 bastion LinuxCommandsWazuh: User venky [300142]: 2027 kubectl get svc hou Oct 9 18:19:28 bastion LinuxCommandsWazuh: User venky [300142]: 2028 kubectl get svc Oct 9 18:19:33 bastion LinuxCommandsWazuh: User venky [300142]: 2028 kubectl get svc Oct 9 18:19:35 bastion LinuxCommandsWazuh: User venky [300142]: 2029 kubectl get po -owide | grep hou Oct 9 18:19:45 bastion LinuxCommandsWazuh: User ubuntu [364029]: 1999 exit Oct 9 18:19:46 bastion LinuxCommandsWazuh: User ubuntu [364029]: 2000 ls Oct 9 18:19:52 bastion LinuxCommandsWazuh: User venky [300142]: 2030 curl -v 10.84.3.103:10750 Oct 9 18:20:00 bastion LinuxCommandsWazuh: User venky [300142]: 2031 curl -v 10.84.3.103:10750/health Oct 9 18:20:11 bastion LinuxCommandsWazuh: User rihan [362365]: 1406 redis Oct 9 18:20:21 bastion LinuxCommandsWazuh: User ashish [268698]: 606 clear Oct 9 18:20:21 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [268698]: 606 clear] Oct 9 18:20:31 bastion LinuxCommandsWazuh: User ashish [268698]: 607 curl --location 'http://10.84.3.103:10750/get-total-active-network-users' --header 'accept: application/json, text/plain, */*' --header 'accept-language: en-US,en;q=0.9' --header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'origin: https://x.nitrocommerce.ai' --header 'priority Oct 9 18:20:31 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [268698]: 607 curl --location 'http://10.84.3.103:10750/get-total-active-network-users' --header 'accept: application/json, text/plain, */*' --header 'accept-language: en-US,en;q=0.9' --header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXh] Oct 9 18:21:22 bastion LinuxCommandsWazuh: User ashish [268698]: 607 curl --location 'http://10.84.3.103:10750/get-total-active-network-users' --header 'accept: application/json, text/plain, */*' --header 'accept-language: en-US,en;q=0.9' --header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'origin: https://x.nitrocommerce.ai' --header 'priority Oct 9 18:21:22 bastion LinuxCommandsWazuh: User ashish [268698]: 607 curl --location 'http://10.84.3.103:10750/get-total-active-network-users' --header 'accept: application/json, text/plain, */*' --header 'accept-language: en-US,en;q=0.9' --header 'authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'origin: https://x.nitrocommerce.ai' --header 'priority Oct 9 18:21:23 bastion LinuxCommandsWazuh: User ashish [268698]: 608 curl -X POST 'http://10.84.3.103:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:21:29 bastion LinuxCommandsWazuh: User ashish [268698]: 609 curl -X POST 'http://10.84.3.103:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:21:36 bastion LinuxCommandsWazuh: User venky [300142]: 2031 curl -v 10.84.3.103:10750/health Oct 9 18:21:38 bastion LinuxCommandsWazuh: User venky [300142]: 2032 kubectl get po -owide | grep hou Oct 9 18:21:58 bastion LinuxCommandsWazuh: User ashish [268698]: 609 curl -X POST 'http://10.84.3.103:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:22:00 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ashish [268698]: 609 curl -X POST 'http://10.84.3.103:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbT] Oct 9 18:22:05 bastion LinuxCommandsWazuh: User venky [300142]: 2033 stern house-of-click-6d9f79b55b-7plbt Oct 9 18:22:11 bastion LinuxCommandsWazuh: User venky [300142]: 2033 stern house-of-click-6d9f79b55b-7plbt Oct 9 18:22:22 bastion LinuxCommandsWazuh: User venky [300142]: 2034 kubectl logs house-of-click-6d9f79b55b-7plbt Oct 9 18:22:30 bastion LinuxCommandsWazuh: User ashish [268698]: 609 curl -X POST 'http://10.84.3.103:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:22:30 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [268698]: 609 curl -X POST 'http://10.84.3.103:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbT] Oct 9 18:22:34 bastion LinuxCommandsWazuh: User ashish [268698]: 610 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:22:34 bastion LinuxCommandsWazuh: User ashish [268698]: 610 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:22:43 bastion LinuxCommandsWazuh: User venky [300142]: 2034 kubectl logs house-of-click-6d9f79b55b-7plbt Oct 9 18:22:43 bastion LinuxCommandsWazuh: User venky [300142]: 2034 kubectl logs house-of-click-6d9f79b55b-7plbt Oct 9 18:22:45 bastion LinuxCommandsWazuh: User venky [300142]: 2035 kubectl get po -owide | grep hou Oct 9 18:23:16 bastion LinuxCommandsWazuh: User venky [300142]: 2035 kubectl get po -owide | grep hou Oct 9 18:23:16 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [300142]: 2035 kubectl get po -owide | grep hou] Oct 9 18:23:34 bastion LinuxCommandsWazuh: User ashish [268698]: 611 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:28:32 bastion LinuxCommandsWazuh: User venky [350412]: 2000 stern house-of-click | grep get-total-active-network-users Oct 9 18:28:34 bastion LinuxCommandsWazuh: message repeated 3 times: [ User venky [350412]: 2000 stern house-of-click | grep get-total-active-network-users] Oct 9 18:28:34 bastion LinuxCommandsWazuh: User ayush [348007]: 481 sudo su - venky Oct 9 18:29:59 bastion LinuxCommandsWazuh: User ayush [374413]: 481 sudo su - venky Oct 9 18:30:17 bastion LinuxCommandsWazuh: User ayush [374413]: 482 kubectl get pods | grep chat Oct 9 18:30:30 bastion LinuxCommandsWazuh: User ayush [374413]: 483 kubectl exec -it bash Oct 9 18:33:39 bastion LinuxCommandsWazuh: User ayush [374413]: 484 kubectl exec -it chatbot-cdbd868fd-x8w99 bash Oct 9 18:33:56 bastion LinuxCommandsWazuh: User ayush [374413]: 485 kubectl get configmap Oct 9 18:34:29 bastion LinuxCommandsWazuh: User ayush [374413]: 486 kubectl edit configmap chatbot-config Oct 9 18:34:42 bastion LinuxCommandsWazuh: User mohtashim [296728]: 771 clickhouse-ssh Oct 9 18:51:09 bastion LinuxCommandsWazuh: User ashish [268698]: 611 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:51:09 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [268698]: 611 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbT] Oct 9 18:51:12 bastion LinuxCommandsWazuh: User ashish [268698]: 611 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 18:51:14 bastion LinuxCommandsWazuh: User ayush [374413]: 487 kubectl exec -it chatbot-cdbd868fd-x8w99 bash Oct 9 18:51:41 bastion LinuxCommandsWazuh: User ashish [268698]: 612 clickhouse-ssh Oct 9 18:54:18 bastion LinuxCommandsWazuh: User ankur [398106]: 598 exit Oct 9 18:54:21 bastion LinuxCommandsWazuh: User ankur [398256]: 598 exit Oct 9 18:55:33 bastion LinuxCommandsWazuh: User ubuntu [364029]: 2000 ls Oct 9 18:55:52 bastion LinuxCommandsWazuh: User ubuntu [364029]: 2001 psql Oct 9 18:56:11 bastion LinuxCommandsWazuh: User ubuntu [364029]: 2002 vi .bashrc Oct 9 18:56:58 bastion LinuxCommandsWazuh: User ankur [403642]: 598 exit Oct 9 18:57:00 bastion LinuxCommandsWazuh: User ankur [403642]: 599 ls Oct 9 18:57:09 bastion LinuxCommandsWazuh: User ankur [403642]: 600 k get pods | grep house Oct 9 18:57:31 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [403642]: 600 k get pods | grep house] Oct 9 18:57:39 bastion LinuxCommandsWazuh: User ankur [403642]: 601 k logs -f house-of-click-6d9f79b55b-7plbt Oct 9 18:57:48 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [403642]: 601 k logs -f house-of-click-6d9f79b55b-7plbt] Oct 9 18:58:07 bastion LinuxCommandsWazuh: User ankur [398106]: 599 byobu Oct 9 19:11:30 bastion LinuxCommandsWazuh: User ubuntu [364029]: 2003 psql -h 10.94.16.3 -d nitrox_v2 -U postgres Oct 9 19:34:58 bastion LinuxCommandsWazuh: User ashish [426311]: 594 byobu Oct 9 20:00:58 bastion LinuxCommandsWazuh: User ashish [268698]: 612 clickhouse-ssh Oct 9 20:02:52 bastion LinuxCommandsWazuh: User ashish [268698]: 613 curl -X POST 'http://10.84.6.177:10750/get-total-active-network-users' --header 'Accept: application/json, text/plain, */*' --header 'Accept-Language: en-US,en;q=0.9' --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MzIyOCwibmFtZSI6IkFzaGlzaCIsImVtYWlsIjoiYXNoaXNoQGdldG5pdHJvLmNvIiwidXNlcm5hbWUiOiJhc2hpc2hAZ2V0bml0cm8uY28iLCJpc19hY3RpdmUiOnRydWUsImlzX3N1cGVydXNlciI6ZmFsc2UsInBhc3N3b3JkIjoicGJrZGYyX3NoYTI1NiQ2MDAwMDAkTlp1dmxINFd3REZQY2xzRTZHN1RzSSRCc01nZEVCajRRQXZmbkxLNVYxWm1SK0dQYlB4Q0g0QTI1dVB5aUFxZGs0PSIsImlzX2VtYWlsX3ZlcmlmaWVkIjp0cnVlLCJpc19waG9uZV92ZXJpZmllZCI6ZmFsc2UsInBob25lIjoiOTA2ODU4Mzc1OCIsInVzZXJfdG9rZW4iOiJjR0pyWkdZeVgzTm9ZVEkxTmlRMk1EQXdNREFrVGxwMWRteElORmQzUkVaUVkyeHpSVFpITjFSelNTUkNjMDFuWkVWQ2FqUlJRWFptYmt4TE5WWXhXbTFTSzBkUVlsQjRRMGcwUVRJMWRWQjVhVUZ4WkdzMFBRPT0iLCJpYXQiOjE3NTgyODA3ODEuMTYyODg0LCJleHAiOjE3NjA4NzI3ODEuMTYyODg0fQ.PP1RFoprURPvQLw-Va9jK3AHRegOkv1VG_OBUm0hGvY' --header 'Origin: https://x.nitrocommerce.ai' --header 'Referer: ht Oct 9 20:11:14 bastion LinuxCommandsWazuh: User abhijeet [462153]: 1998 internal-server Oct 9 20:11:28 bastion LinuxCommandsWazuh: User abhijeet [462153]: 1999 ls Oct 9 20:19:58 bastion LinuxCommandsWazuh: User abhijeet [462153]: 2000 internal-server