Oct 13 04:32:38 bastion LinuxCommandsWazuh: User venky [1289691]: 2000 kubectl get po | grep cook Oct 13 04:33:25 bastion LinuxCommandsWazuh: User venky [1289691]: 2001 redis Oct 13 04:33:35 bastion LinuxCommandsWazuh: User venky [1289691]: 2002 kubectl get configmap Oct 13 04:34:14 bastion LinuxCommandsWazuh: User venky [1289691]: 2003 kubectl edit configmap nitrox-ck-config Oct 13 09:55:48 bastion LinuxCommandsWazuh: User ankur [1317048]: 619 exit Oct 13 09:56:03 bastion LinuxCommandsWazuh: User ankur [863946]: 618 k get pods | grep big-o Oct 13 09:56:19 bastion LinuxCommandsWazuh: User ankur [863946]: 619 k get pods -o wide | grep big-o Oct 13 10:16:57 bastion LinuxCommandsWazuh: User ankur [1323394]: 620 byobu Oct 13 10:17:00 bastion LinuxCommandsWazuh: User ankur [863946]: 619 k get pods -o wide | grep big-o Oct 13 10:17:02 bastion LinuxCommandsWazuh: User ankur [863946]: 619 k get pods -o wide | grep big-o Oct 13 10:17:05 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [863946]: 619 k get pods -o wide | grep big-o] Oct 13 10:17:07 bastion LinuxCommandsWazuh: User ankur [863946]: 619 k get pods -o wide | grep big-o Oct 13 10:17:13 bastion LinuxCommandsWazuh: User ankur [863946]: 620 k logs -f big-o-cookie-cutter-69f9cdd466-lmrmq Oct 13 10:17:23 bastion LinuxCommandsWazuh: User ankur [863946]: 620 k logs -f big-o-cookie-cutter-69f9cdd466-lmrmq Oct 13 10:17:24 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [863946]: 620 k logs -f big-o-cookie-cutter-69f9cdd466-lmrmq] Oct 13 10:17:25 bastion LinuxCommandsWazuh: User ankur [863946]: 621 k get pods -o wide | grep big-o Oct 13 10:17:27 bastion LinuxCommandsWazuh: User ankur [863946]: 621 k get pods -o wide | grep big-o Oct 13 10:17:44 bastion LinuxCommandsWazuh: message repeated 17 times: [ User ankur [863946]: 621 k get pods -o wide | grep big-o] Oct 13 10:17:45 bastion LinuxCommandsWazuh: User ankur [863946]: 621 k get pods -o wide | grep big-o Oct 13 10:17:58 bastion LinuxCommandsWazuh: message repeated 5 times: [ User ankur [863946]: 621 k get pods -o wide | grep big-o] Oct 13 10:18:00 bastion LinuxCommandsWazuh: User ankur [863946]: 621 k get pods -o wide | grep big-o Oct 13 10:18:01 bastion LinuxCommandsWazuh: User ankur [863946]: 621 k get pods -o wide | grep big-o Oct 13 10:18:03 bastion LinuxCommandsWazuh: User ankur [863946]: 621 k get pods -o wide | grep big-o Oct 13 10:18:08 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [863946]: 621 k get pods -o wide | grep big-o] Oct 13 10:18:26 bastion LinuxCommandsWazuh: User ankur [863946]: 622 k logs -f big-o-cookie-cutter-6b58898689-g89n5 Oct 13 10:18:33 bastion LinuxCommandsWazuh: User ankur [863946]: 622 k logs -f big-o-cookie-cutter-6b58898689-g89n5 Oct 13 10:18:34 bastion LinuxCommandsWazuh: User ankur [863946]: 622 k logs -f big-o-cookie-cutter-6b58898689-g89n5 Oct 13 10:18:40 bastion LinuxCommandsWazuh: User ankur [863946]: 622 k logs -f big-o-cookie-cutter-6b58898689-g89n5 Oct 13 10:18:41 bastion LinuxCommandsWazuh: User ankur [863946]: 623 k get pods -o wide | grep big-o Oct 13 10:19:26 bastion LinuxCommandsWazuh: User ankur [863946]: 623 k get pods -o wide | grep big-o Oct 13 10:19:31 bastion LinuxCommandsWazuh: message repeated 5 times: [ User ankur [863946]: 623 k get pods -o wide | grep big-o] Oct 13 10:19:52 bastion LinuxCommandsWazuh: User ankur [863946]: 623 k get pods -o wide | grep big-o Oct 13 10:19:54 bastion LinuxCommandsWazuh: User ankur [863946]: 623 k get pods -o wide | grep big-o Oct 13 10:19:55 bastion LinuxCommandsWazuh: User ankur [863946]: 623 k get pods -o wide | grep big-o Oct 13 10:20:18 bastion LinuxCommandsWazuh: User ankur [863946]: 624 k logs -f big-o-cookie-cutter-6b58898689-mqgws Oct 13 10:20:46 bastion LinuxCommandsWazuh: User ankur [863946]: 624 k logs -f big-o-cookie-cutter-6b58898689-mqgws Oct 13 10:20:47 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [863946]: 624 k logs -f big-o-cookie-cutter-6b58898689-mqgws] Oct 13 10:20:51 bastion LinuxCommandsWazuh: User ankur [863946]: 625 k get pods -o wide | grep big-o Oct 13 10:21:06 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [863946]: 625 k get pods -o wide | grep big-o] Oct 13 12:28:11 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 1998 kubectl logs prometheus-server-7767c5dcb6-kzs9g -n loki -f Oct 13 12:28:17 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 1999 ks Oct 13 12:28:19 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2000 cd k9 Oct 13 12:28:24 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2001 cd k8s/ Oct 13 12:28:24 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2002 ls Oct 13 12:28:27 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2003 cd loki/ Oct 13 12:28:28 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2004 l Oct 13 12:28:30 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2005 cd loki/ Oct 13 12:28:30 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2006 ls Oct 13 12:38:27 bastion LinuxCommandsWazuh: User ashish [1348734]: 691 byobu Oct 13 12:38:28 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1348734]: 691 byobu] Oct 13 12:41:52 bastion LinuxCommandsWazuh: User ashish [974451]: 694 redis Oct 13 12:42:28 bastion LinuxCommandsWazuh: User ashish [974451]: 695 auth 628a85a2-9474-475a-b234-f00bbae11964 Oct 13 12:43:16 bastion LinuxCommandsWazuh: User ashish [974451]: 696 redis Oct 13 12:43:17 bastion LinuxCommandsWazuh: User ashish [909816]: 692 mongo pixel_v1;l Oct 13 12:43:18 bastion LinuxCommandsWazuh: User ashish [1348734]: 691 byobu Oct 13 12:43:20 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1348734]: 691 byobu] Oct 13 12:43:20 bastion LinuxCommandsWazuh: User ashish [1348734]: 692 clear Oct 13 12:43:21 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ashish [1348734]: 692 clear] Oct 13 12:43:23 bastion LinuxCommandsWazuh: User ashish [1353468]: 697 mongo pixel_v1;l Oct 13 12:50:59 bastion LinuxCommandsWazuh: User venky [1361251]: 2000 redis Oct 13 13:04:52 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2007 cd .. Oct 13 13:04:52 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2008 ls Oct 13 13:04:54 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2009 cd .. Oct 13 13:04:54 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2010 ls Oct 13 13:04:56 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2010 ls Oct 13 13:06:20 bastion LinuxCommandsWazuh: User anam [1376740]: 19 sudo su abhijeet Oct 13 13:06:30 bastion LinuxCommandsWazuh: User abhijeet [1376898]: 1998 kubectl logs prometheus-server-7767c5dcb6-kzs9g -n loki -f Oct 13 13:06:44 bastion LinuxCommandsWazuh: User abhijeet [1376898]: 1999 internal server Oct 13 13:06:57 bastion LinuxCommandsWazuh: User abhijeet [1376898]: 1999 internal server Oct 13 13:07:14 bastion LinuxCommandsWazuh: User ubuntu [1377597]: 1999 exit Oct 13 13:08:00 bastion LinuxCommandsWazuh: User ubuntu [1377597]: 2000 ssh nitro@10.8.0.5 Oct 13 13:09:36 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 1998 kubectl logs prometheus-server-7767c5dcb6-kzs9g -n loki -f Oct 13 13:09:37 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 1999 ls Oct 13 13:09:52 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 1999 ls Oct 13 13:10:07 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2011 cd . Oct 13 13:10:11 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2012 sudo anam Oct 13 13:10:19 bastion LinuxCommandsWazuh: User anam [1380532]: 19 sudo su abhijeet Oct 13 13:10:20 bastion LinuxCommandsWazuh: User anam [1380532]: 20 cd Oct 13 13:10:22 bastion LinuxCommandsWazuh: User anam [1380532]: 21 ls Oct 13 13:10:26 bastion LinuxCommandsWazuh: User anam [1380532]: 22 cat .ssh/ Oct 13 13:10:26 bastion LinuxCommandsWazuh: User anam [1380532]: 23 ls Oct 13 13:10:28 bastion LinuxCommandsWazuh: User anam [1380532]: 24 cd .ssh/ Oct 13 13:10:28 bastion LinuxCommandsWazuh: User anam [1380532]: 25 ls Oct 13 13:10:45 bastion LinuxCommandsWazuh: User anam [1380532]: 26 ssh-keygen Oct 13 13:10:46 bastion LinuxCommandsWazuh: User anam [1380532]: 26 ssh-keygen Oct 13 13:10:47 bastion LinuxCommandsWazuh: User anam [1380532]: 27 ls Oct 13 13:10:49 bastion LinuxCommandsWazuh: User anam [1380532]: 27 ls Oct 13 13:10:53 bastion LinuxCommandsWazuh: User anam [1380532]: 28 cat id_rsa.pub Oct 13 13:10:54 bastion LinuxCommandsWazuh: User anam [1380532]: 29 ls Oct 13 13:12:43 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2000 internal-server Oct 13 13:12:44 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2001 ls Oct 13 13:12:51 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2002 cat .bashrc Oct 13 13:13:01 bastion LinuxCommandsWazuh: User anam [1380532]: 30 cdc Oct 13 13:13:02 bastion LinuxCommandsWazuh: User anam [1380532]: 31 cd . Oct 13 13:13:02 bastion LinuxCommandsWazuh: User anam [1380532]: 32 ls Oct 13 13:13:04 bastion LinuxCommandsWazuh: User anam [1380532]: 33 cd\ Oct 13 13:13:05 bastion LinuxCommandsWazuh: User anam [1380532]: 34 cd Oct 13 13:13:06 bastion LinuxCommandsWazuh: User anam [1380532]: 35 ls Oct 13 13:13:19 bastion LinuxCommandsWazuh: User anam [1380532]: 36 ssh anam@34.131.103.89 Oct 13 13:13:19 bastion LinuxCommandsWazuh: User anam [1380532]: 37 ls Oct 13 13:13:41 bastion LinuxCommandsWazuh: User anam [1380532]: 38 c Oct 13 13:13:42 bastion LinuxCommandsWazuh: User anam [1380532]: 39 cd Oct 13 13:13:42 bastion LinuxCommandsWazuh: User anam [1380532]: 40 ls Oct 13 13:14:02 bastion LinuxCommandsWazuh: User anam [1380532]: 41 vim .bashrc Oct 13 13:19:05 bastion LinuxCommandsWazuh: User anam [1380532]: 42 internal-tool Oct 13 13:19:07 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2013 sudo su anam Oct 13 13:19:08 bastion LinuxCommandsWazuh: User anam [1389472]: 43 exit Oct 13 13:19:11 bastion LinuxCommandsWazuh: User anam [1389472]: 44 cd Oct 13 13:19:13 bastion LinuxCommandsWazuh: User anam [1389472]: 45 ls Oct 13 13:19:33 bastion LinuxCommandsWazuh: User anam [1389472]: 46 internal-tool Oct 13 13:19:38 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2013 sudo su anam Oct 13 13:20:02 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2014 ls Oct 13 13:20:16 bastion LinuxCommandsWazuh: User ubuntu [1377597]: 2001 internal Oct 13 13:20:20 bastion LinuxCommandsWazuh: User abhijeet [1376898]: 2000 sudo su ubuntu Oct 13 13:20:26 bastion LinuxCommandsWazuh: User anam [1376740]: 19 sudo su abhijeet Oct 13 13:22:03 bastion LinuxCommandsWazuh: User ankur [1392339]: 620 byobu Oct 13 13:22:05 bastion LinuxCommandsWazuh: User ankur [1392339]: 621 ls Oct 13 13:26:23 bastion LinuxCommandsWazuh: User mohtashim [1397096]: 785 clickhouse-ssh Oct 13 13:26:25 bastion LinuxCommandsWazuh: User mohtashim [1397096]: 786 clear Oct 13 13:26:52 bastion LinuxCommandsWazuh: User mohtashim [1397096]: 786 clear Oct 13 13:26:53 bastion LinuxCommandsWazuh: User mohtashim [1397096]: 786 clear Oct 13 13:41:20 bastion abhijeet: root@ [1411477]: exit [0] Oct 13 13:41:22 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2015 sudo su Oct 13 13:42:08 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2016 cd /home/ak Oct 13 13:42:09 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2017 lsc Oct 13 13:42:12 bastion LinuxCommandsWazuh: User ak [1412325]: 299 sudo su venky Oct 13 13:42:12 bastion LinuxCommandsWazuh: User ak [1412325]: 300 lsc Oct 13 13:42:13 bastion LinuxCommandsWazuh: User ak [1412325]: 301 cd Oct 13 13:42:13 bastion LinuxCommandsWazuh: User ak [1412325]: 302 ls Oct 13 13:42:15 bastion LinuxCommandsWazuh: User ak [1412325]: 302 ls Oct 13 13:42:33 bastion LinuxCommandsWazuh: User ak [1412325]: 303 cd .ssh/ Oct 13 13:42:33 bastion LinuxCommandsWazuh: User ak [1412325]: 304 ls Oct 13 13:42:35 bastion LinuxCommandsWazuh: User ak [1412325]: 305 cd .. Oct 13 13:42:36 bastion LinuxCommandsWazuh: User ak [1412325]: 306 ls Oct 13 13:42:41 bastion LinuxCommandsWazuh: User ak [1412325]: 306 ls Oct 13 13:42:45 bastion LinuxCommandsWazuh: User ak [1412325]: 307 cat .bashrc Oct 13 13:42:49 bastion LinuxCommandsWazuh: User abhijeet [1347796]: 2018 sudo su ak Oct 13 13:43:03 bastion LinuxCommandsWazuh: User abhijeet [1413369]: 1998 exit Oct 13 13:43:25 bastion LinuxCommandsWazuh: User abhijeet [1413369]: 1999 ls Oct 13 13:44:00 bastion LinuxCommandsWazuh: User abhijeet [1413369]: 2000 tar -cvf k8s.tar k8s/ Oct 13 13:44:00 bastion LinuxCommandsWazuh: User abhijeet [1413369]: 2001 ls Oct 13 13:44:11 bastion LinuxCommandsWazuh: User abhijeet [1413369]: 2002 sudo cp k8s.tar /home/ubuntu/ Oct 13 13:44:15 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 1999 exit Oct 13 13:44:16 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2000 ls Oct 13 13:44:17 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2001 cd Oct 13 13:44:18 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2002 lks Oct 13 13:44:19 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2003 ls Oct 13 13:44:31 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2004 tar -xvf k8s.tar Oct 13 13:44:32 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2005 ls Oct 13 13:44:37 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2006 rm k8s.tar Oct 13 13:44:38 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2007 ls Oct 13 13:44:44 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2008 rm k8s.tar Oct 13 13:44:45 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2009 ls Oct 13 13:44:56 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2010 sudo rm k8s.tar Oct 13 13:44:56 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2011 ls Oct 13 13:44:58 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2012 cd k8s/ Oct 13 13:44:58 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2013 ls Oct 13 13:45:00 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2013 ls Oct 13 13:45:15 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2014 mkdir temp-backup Oct 13 13:45:16 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2015 ls Oct 13 13:45:17 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2015 ls Oct 13 13:48:07 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 1998 exit Oct 13 13:48:09 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 1999 ls Oct 13 13:49:12 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2016 ./kubexporter -n nitrox-production --target ./nitrox-production Oct 13 13:49:19 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2017 ls Oct 13 13:49:30 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2017 ls Oct 13 13:49:41 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2018 cd .. Oct 13 13:49:41 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2019 ls Oct 13 13:50:11 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2020 find / -name nitrox-production Oct 13 13:50:18 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2021 find ./ -name nitrox-production Oct 13 13:50:20 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2022 ls Oct 13 13:50:32 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2023 cd k8s/ Oct 13 13:50:33 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2024 ls Oct 13 13:50:50 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2025 mkdir nitrox-production Oct 13 13:50:51 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2026 ls Oct 13 13:51:28 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2027 ./kubexporter -n nitrox-production --target ./nitrox-production/ Oct 13 13:51:31 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2028 cd nitrox-production/ Oct 13 13:51:31 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2029 ls Oct 13 13:51:33 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2030 cd .. Oct 13 13:51:34 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2031 ls Oct 13 13:52:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2032 sudo find / -name nitrox-production Oct 13 13:52:30 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2033 ls Oct 13 13:52:36 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2034 kubectl get pods Oct 13 13:55:01 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2034 kubectl get pods Oct 13 13:55:38 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2035 ls Oct 13 14:05:23 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2036 whoami Oct 13 14:05:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2037 ls Oct 13 14:05:51 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2037 ls Oct 13 14:05:57 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2038 cp /home/service.json . Oct 13 14:05:57 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2039 ls Oct 13 14:05:59 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2039 ls Oct 13 14:06:02 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2040 cat service.json Oct 13 14:06:48 bastion LinuxCommandsWazuh: User ayush [1438085]: 489 mongo Oct 13 14:06:55 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2041 gcloud auth activate-service-account --key-file=./service.json Oct 13 14:06:57 bastion LinuxCommandsWazuh: User venky [1438266]: 2000 redis Oct 13 14:07:01 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2042 kubectl get pods Oct 13 14:07:55 bastion LinuxCommandsWazuh: User venky [1438266]: 2001 stern cookie-cutter Oct 13 14:07:57 bastion LinuxCommandsWazuh: message repeated 7 times: [ User venky [1438266]: 2001 stern cookie-cutter] Oct 13 14:08:10 bastion LinuxCommandsWazuh: User venky [1438266]: 2002 stern cookie-cutter | grep Error message Oct 13 14:08:11 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2043 vim service.json Oct 13 14:08:13 bastion LinuxCommandsWazuh: User ashish [1353468]: 698 redis Oct 13 14:08:15 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1353468]: 698 redis] Oct 13 14:08:22 bastion LinuxCommandsWazuh: User ankur [1392339]: 622 zodiac-server Oct 13 14:08:23 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 1999 ls Oct 13 14:08:28 bastion LinuxCommandsWazuh: User ankur [1439943]: 620 byobu Oct 13 14:08:29 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2044 kubectl get pods Oct 13 14:08:32 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 1999 ls Oct 13 14:08:35 bastion LinuxCommandsWazuh: User ankur [863946]: 625 k get pods -o wide | grep big-o Oct 13 14:08:44 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 1999 ls Oct 13 14:09:09 bastion LinuxCommandsWazuh: User venky [1438266]: 2003 stern cookie-cutter | grep "Error message" Oct 13 14:09:09 bastion LinuxCommandsWazuh: User venky [1438266]: 2003 stern cookie-cutter | grep "Error message" Oct 13 14:09:40 bastion LinuxCommandsWazuh: User venky [1438266]: 2004 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:09:41 bastion LinuxCommandsWazuh: User venky [1438266]: 2004 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:10:57 bastion LinuxCommandsWazuh: User ubuntu [1444757]: 1999 exit Oct 13 14:11:05 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2045 gcloud auth list Oct 13 14:11:21 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 2000 gcloud auth list Oct 13 14:11:21 bastion LinuxCommandsWazuh: User abhijeet [1418910]: 2000 gcloud auth list Oct 13 14:11:39 bastion LinuxCommandsWazuh: User ubuntu [1444757]: 2000 gcloud container clusters get-credentials nitrox-production --zone asia-south2-b --project nitrox-436511 Oct 13 14:11:48 bastion LinuxCommandsWazuh: User ubuntu [1444757]: 2001 kubectl get pods Oct 13 14:11:53 bastion LinuxCommandsWazuh: User ubuntu [1444757]: 2002 kubectl get pods -n loki Oct 13 14:12:04 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2046 kubectl get pods Oct 13 14:12:08 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2047 kubectl get pods -n loki Oct 13 14:12:09 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2048 ls Oct 13 14:12:28 bastion LinuxCommandsWazuh: User venky [1438266]: 2005 redis Oct 13 14:12:32 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2048 ls Oct 13 14:12:42 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2049 rm -rf nitrox-production/ Oct 13 14:13:23 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2050 ./kubexporter -n nitrox-production --target ./nitrox-production Oct 13 14:13:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2051 ls Oct 13 14:13:28 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2052 cd nitrox-production/ Oct 13 14:13:28 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2053 ;s Oct 13 14:13:29 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2054 ls Oct 13 14:13:38 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2055 mkdir backup Oct 13 14:13:38 bastion LinuxCommandsWazuh: User ankur [863946]: 625 k get pods -o wide | grep big-o Oct 13 14:13:40 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2056 cd nitrox-production/ Oct 13 14:13:40 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2057 ls Oct 13 14:13:41 bastion LinuxCommandsWazuh: User ankur [863946]: 625 k get pods -o wide | grep big-o Oct 13 14:14:06 bastion LinuxCommandsWazuh: User ankur [863946]: 626 k logs -f big-o-cookie-cutter-6b58898689-v7x96 --previous Oct 13 14:14:16 bastion LinuxCommandsWazuh: User venky [1438266]: 2006 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:14:17 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [1438266]: 2006 stern cookie-cutter | grep ":version_x:app.py:"] Oct 13 14:14:18 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2058 kubectl get deployment -n nitrox-production Oct 13 14:14:22 bastion LinuxCommandsWazuh: User venky [1451312]: 2000 redis Oct 13 14:14:26 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2059 ls Oct 13 14:14:54 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2060 #vim apps.Deployment.link-ui.yaml Oct 13 14:14:56 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2061 ls Oct 13 14:15:00 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2062 lsc Oct 13 14:15:01 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2063 ls Oct 13 14:15:09 bastion LinuxCommandsWazuh: User venky [1453672]: 2000 redis Oct 13 14:15:14 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2064 kubectl get pods -o wide | grep link Oct 13 14:15:19 bastion LinuxCommandsWazuh: User venky [1438266]: 2007 byobu Oct 13 14:15:20 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2065 kubectl get pods -o wide -n all| grep link Oct 13 14:15:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2066 kubectl get pods -o wide -n A| grep link Oct 13 14:15:30 bastion LinuxCommandsWazuh: User ankur [863946]: 626 k logs -f big-o-cookie-cutter-6b58898689-v7x96 --previous Oct 13 14:15:33 bastion LinuxCommandsWazuh: User ankur [863946]: 627 k get pods -o wide | grep big-o Oct 13 14:15:34 bastion LinuxCommandsWazuh: User ankur [863946]: 628 kubectl logs -f big-o-cookie-cutter-6b58898689-v7x96 --previous > old_pod_logs.txt Oct 13 14:15:35 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2067 kubectl get pods -o wide -n nitrox-production| grep link Oct 13 14:15:38 bastion LinuxCommandsWazuh: User ankur [863946]: 629 ls Oct 13 14:15:46 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2068 ls Oct 13 14:16:16 bastion LinuxCommandsWazuh: User ankur [863946]: 630 less old_pod_logs.txt Oct 13 14:16:22 bastion LinuxCommandsWazuh: User ankur [863946]: 631 grep "Error" old_pod_logs.txt Oct 13 14:16:23 bastion LinuxCommandsWazuh: User mohtashim [1458256]: 787 clickhouse-ssh Oct 13 14:16:45 bastion LinuxCommandsWazuh: User ankur [863946]: 632 #kubectl logs -f big-o-cookie-cutter-6b58898689-v7x96 --previous | tee old_pod_logs.txt Oct 13 14:16:54 bastion LinuxCommandsWazuh: User ankur [863946]: 633 kubectl logs -f big-o-cookie-cutter-6b58898689-v7x96 --previous | tee old_pod_logs2.txt Oct 13 14:16:56 bastion LinuxCommandsWazuh: User ankur [863946]: 634 ls Oct 13 14:17:17 bastion LinuxCommandsWazuh: User ankur [863946]: 634 ls Oct 13 14:17:17 bastion LinuxCommandsWazuh: User ankur [863946]: 634 ls Oct 13 14:17:25 bastion LinuxCommandsWazuh: User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:17:26 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:"] Oct 13 14:17:28 bastion LinuxCommandsWazuh: User ankur [863946]: 635 rm -rf old_pod_logs.txt old_pod_logs2.txt Oct 13 14:17:29 bastion LinuxCommandsWazuh: User ankur [863946]: 636 ls Oct 13 14:17:34 bastion LinuxCommandsWazuh: User ankur [863946]: 637 kubectl logs big-o-cookie-cutter-6b58898689-v7x96 --previous > old_pod_logs.txt Oct 13 14:17:35 bastion LinuxCommandsWazuh: User ankur [863946]: 638 ls Oct 13 14:17:50 bastion LinuxCommandsWazuh: User ankur [863946]: 639 head old_pod_logs.txt Oct 13 14:18:05 bastion LinuxCommandsWazuh: User ankur [863946]: 639 head old_pod_logs.txt Oct 13 14:18:05 bastion LinuxCommandsWazuh: User ankur [863946]: 639 head old_pod_logs.txt Oct 13 14:18:06 bastion LinuxCommandsWazuh: User ankur [863946]: 640 ls Oct 13 14:18:16 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2069 cp apps.Deployment.link-ui.yaml ../backup/apps.Deployment.link-ui-$(date +%Y-%m-%d).yaml Oct 13 14:18:18 bastion LinuxCommandsWazuh: User ankur [863946]: 641 cat .bashrc Oct 13 14:18:20 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2070 ls Oct 13 14:18:22 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2071 cd .. Oct 13 14:18:23 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2072 lsc Oct 13 14:18:25 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2072 lsc Oct 13 14:18:25 bastion LinuxCommandsWazuh: User ankur [863946]: 642 pwfd Oct 13 14:18:26 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2072 lsc Oct 13 14:18:27 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2073 ls Oct 13 14:18:27 bastion LinuxCommandsWazuh: User ankur [863946]: 643 pwd Oct 13 14:18:31 bastion LinuxCommandsWazuh: User ankur [1464316]: 620 byobu Oct 13 14:18:41 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2074 cd backup/ Oct 13 14:18:42 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2075 lsc Oct 13 14:18:43 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2076 ls Oct 13 14:18:44 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2076 ls Oct 13 14:18:48 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2077 cat apps.Deployment.link-ui-2025-10-13.yaml Oct 13 14:18:49 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2078 ls Oct 13 14:18:51 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2079 cd .. Oct 13 14:18:52 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2080 ls Oct 13 14:18:53 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2081 cd nitrox-production/ Oct 13 14:18:54 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2082 ls Oct 13 14:18:56 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2082 ls Oct 13 14:19:45 bastion LinuxCommandsWazuh: User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:19:45 bastion LinuxCommandsWazuh: User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:19:58 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2003 internal-server Oct 13 14:19:59 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2004 ls Oct 13 14:20:03 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2005 cd k8s/loki/ Oct 13 14:20:04 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2006 ls Oct 13 14:20:05 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2007 cd loki/ Oct 13 14:20:06 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2008 ls Oct 13 14:27:41 bastion LinuxCommandsWazuh: User nikhil [1486248]: 65 exit Oct 13 14:30:32 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2083 vim apps.Deployment.link-ui.yaml Oct 13 14:30:53 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2084 #kubectl apply -f apps.Deployment.link-ui.yaml -n nitrox-production Oct 13 14:31:10 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2085 kubectl get pods -o wide -n nitrox-production Oct 13 14:31:18 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2086 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 14:31:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2087 kubectl apply -f apps.Deployment.link-ui.yaml -n nitrox-production Oct 13 14:31:28 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2088 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 14:31:31 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2088 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 14:32:20 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2089 watch 'kubectl get pods -o wide -n nitrox-production | grep link' Oct 13 14:32:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2090 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 14:32:43 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2091 kubectl logs link-ui-7bc9468554-m5b8h -n nitrox-production Oct 13 14:32:53 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2091 kubectl logs link-ui-7bc9468554-m5b8h -n nitrox-production Oct 13 14:33:12 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2091 kubectl logs link-ui-7bc9468554-m5b8h -n nitrox-production Oct 13 14:33:24 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2092 kubectl logs link-ui-7bc9468554-m5b8h -n nitrox-production -f Oct 13 14:33:25 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2093 ls Oct 13 14:33:28 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2094 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 14:33:32 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2094 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 14:43:04 bastion LinuxCommandsWazuh: User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:43:04 bastion LinuxCommandsWazuh: User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 14:47:48 bastion LinuxCommandsWazuh: User nikhil [1529991]: 66 zodiac-server Oct 13 14:47:53 bastion LinuxCommandsWazuh: User venky [1451312]: 2000 redis Oct 13 14:47:59 bastion LinuxCommandsWazuh: User venky [1451312]: 2001 redi Oct 13 14:52:11 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2095 watch 'kubectl get pods -o wide -n nitrox-production | grep link' Oct 13 14:52:12 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2096 lsc Oct 13 14:52:34 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2097 cd .. Oct 13 14:52:35 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2097 cd .. Oct 13 14:52:35 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2098 ls Oct 13 14:52:44 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2099 vim README.md Oct 13 14:54:06 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 1999 kubectl get pods -n loki Oct 13 14:54:07 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2000 ls Oct 13 14:54:18 bastion LinuxCommandsWazuh: User ankur [863946]: 643 pwd Oct 13 14:54:18 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [863946]: 643 pwd] Oct 13 14:54:19 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2001 cd .. Oct 13 14:54:27 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2002 sudo su nikhil-art Oct 13 14:54:29 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2003 ls Oct 13 14:54:35 bastion LinuxCommandsWazuh: User ankur [1544279]: 648 exit Oct 13 14:54:38 bastion LinuxCommandsWazuh: User ankur [1544279]: 649 ls Oct 13 14:54:39 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2004 sudo su nikhils-art/ Oct 13 14:54:42 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: Oct 13 14:54:51 bastion LinuxCommandsWazuh: User ankur [1544279]: 650 k get pods -o wide | grep big-o Oct 13 14:55:01 bastion LinuxCommandsWazuh: message repeated 7 times: [ User ankur [1544279]: 650 k get pods -o wide | grep big-o] Oct 13 14:55:10 bastion LinuxCommandsWazuh: User ankur [1544279]: 651 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg Oct 13 14:57:10 bastion LinuxCommandsWazuh: User ankur [1544279]: 651 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg Oct 13 14:57:14 bastion LinuxCommandsWazuh: User ankur [1544279]: 651 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg Oct 13 14:57:41 bastion LinuxCommandsWazuh: User ankur [1544279]: 651 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg Oct 13 14:57:43 bastion LinuxCommandsWazuh: User ankur [1544279]: 652 k get pods -o wide | grep big-o Oct 13 14:57:43 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2100 vim WORKING.md Oct 13 14:57:44 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2101 ls Oct 13 14:57:47 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2102 cat WORKING.md Oct 13 14:57:48 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2103 ls Oct 13 14:57:50 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2104 cd nitrox-production/ Oct 13 14:57:51 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2105 ls Oct 13 14:57:53 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2106 cd nitrox-production/ Oct 13 14:57:53 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2107 lsc Oct 13 14:57:54 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2108 ls Oct 13 14:58:00 bastion LinuxCommandsWazuh: User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous Oct 13 14:58:29 bastion LinuxCommandsWazuh: User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous Oct 13 14:58:30 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous] Oct 13 14:58:32 bastion LinuxCommandsWazuh: User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous Oct 13 15:00:27 bastion LinuxCommandsWazuh: User rihan [1555981]: 1425 byobu Oct 13 15:00:48 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: Oct 13 15:00:48 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 1 ls Oct 13 15:00:50 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 2 cd .ssh/ Oct 13 15:00:50 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 3 ;s Oct 13 15:00:51 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 4 cd Oct 13 15:00:51 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 5 ls Oct 13 15:01:02 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 6 ssh-keygen Oct 13 15:01:04 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 7 ls Oct 13 15:01:09 bastion LinuxCommandsWazuh: User nikhils-art [1544493]: 8 cat /home/nikhils-art/.ssh/id_rsa.pub Oct 13 15:01:41 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2109 kubectl get pods -o wide -n nitrox-production | grep link Oct 13 15:01:48 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2110 ls Oct 13 15:02:04 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2111 kubectl get pods -o wide -n nitrox-production Oct 13 15:02:07 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2005 sudo su nikhils-art Oct 13 15:02:10 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2112 kubectl get pods -o wide -n nitrox-production | grep ray Oct 13 15:02:12 bastion LinuxCommandsWazuh: User sandeep [1559271]: 19 exit Oct 13 15:02:16 bastion LinuxCommandsWazuh: User sandeep [1559271]: 20 history Oct 13 15:05:20 bastion LinuxCommandsWazuh: User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous Oct 13 15:05:21 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous] Oct 13 15:05:40 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2113 ls Oct 13 15:06:50 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2114 vim apps.Deployment.xlr8.yaml Oct 13 15:06:56 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2115 ls Oct 13 15:07:03 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2116 cat ../../WORKING.md Oct 13 15:07:29 bastion LinuxCommandsWazuh: User ubuntu [1414507]: 2117 cp apps.Deployment.xlr8.yaml apps.Deployment.xlr8-$(date +%Y-%m-%d).yaml Oct 13 15:08:20 bastion LinuxCommandsWazuh: User sandeep [1559271]: 21 cd Oct 13 15:08:20 bastion LinuxCommandsWazuh: User sandeep [1559271]: 22 ls Oct 13 15:08:35 bastion LinuxCommandsWazuh: User sandeep [1559271]: 23 vi .bashrc Oct 13 15:08:41 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2006 sudo su sandeep Oct 13 15:08:44 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: exit Oct 13 15:08:45 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 10 cd Oct 13 15:08:47 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 11 alias zodiac-server="ssh ubuntu@13.232.83.204" Oct 13 15:08:48 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 11 alias zodiac-server="ssh ubuntu@13.232.83.204" Oct 13 15:09:12 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 12 vi .bashrc Oct 13 15:09:17 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 1999 cp apps.Deployment.xlr8.yaml apps.Deployment.xlr8-$(date +%Y-%m-%d).yaml Oct 13 15:09:18 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2000 cd Oct 13 15:09:18 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2001 ls Oct 13 15:09:20 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2002 lcd Oct 13 15:09:23 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2003 cd k8s/ Oct 13 15:09:23 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2004 ls Oct 13 15:09:26 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2005 cd nitrox-production/ Oct 13 15:09:26 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2006 ls Oct 13 15:09:28 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2007 cd nitrox-production/ Oct 13 15:09:29 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2008 ls Oct 13 15:09:41 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2009 mv apps.Deployment.xlr8-2025-10-13.yaml ../backup/ Oct 13 15:09:42 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2010 ls Oct 13 15:10:03 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2011 cat apps.Deployment.xlr8.yaml Oct 13 15:10:11 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2012 cat apps.Deployment.link-ui.yaml Oct 13 15:10:12 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 13 sudo deluser nikhil google-sudoers Oct 13 15:10:12 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 14 sudo deluser nikhil ubuntu Oct 13 15:10:12 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 14 sudo deluser nikhil ubuntu Oct 13 15:10:22 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 15 sudo deluser nikhil google-sudoers Oct 13 15:10:23 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 15 sudo deluser nikhil google-sudoers Oct 13 15:10:27 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2013 kubectl get pods -o wide -n nitrox-production | grep ray Oct 13 15:10:30 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 16 sudo deluser nikhils-art google-sudoers Oct 13 15:10:35 bastion LinuxCommandsWazuh: User nikhils-art [1572514]: 17 sudo deluser nikhils-art ubuntu Oct 13 15:10:37 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2007 sudo su nikhils-art Oct 13 15:10:39 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 18 exit Oct 13 15:10:42 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 19 sudo su Oct 13 15:10:44 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 20 cs Oct 13 15:10:45 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 21 cd Oct 13 15:10:46 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 22 ls Oct 13 15:10:47 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 22 ls Oct 13 15:11:17 bastion LinuxCommandsWazuh: User nikhils-art [1576225]: 23 sudo usermod -aG recordusers shubham Oct 13 15:11:19 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2007 sudo su nikhils-art Oct 13 15:11:26 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2008 sudo usermod -aG recordusers shubham Oct 13 15:11:34 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2009 sudo usermod -aG recordusers nikhils-art Oct 13 15:11:53 bastion LinuxCommandsWazuh: User abhijeet [1578661]: 1998 sudo su ubuntu Oct 13 15:11:53 bastion LinuxCommandsWazuh: User abhijeet [1578661]: 1999 ls Oct 13 15:11:57 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 1999 cp apps.Deployment.xlr8.yaml apps.Deployment.xlr8-$(date +%Y-%m-%d).yaml Oct 13 15:12:00 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2000 cd Oct 13 15:12:00 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2001 ls Oct 13 15:12:04 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2002 cd k8s/ Oct 13 15:12:05 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2003 ls Oct 13 15:12:07 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2004 cd nitrox-production/ Oct 13 15:12:08 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2005 ls Oct 13 15:12:13 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2006 cat backup/apps.Deployment. Oct 13 15:12:16 bastion LinuxCommandsWazuh: User nikhils-art [1579465]: 24 exit Oct 13 15:12:17 bastion LinuxCommandsWazuh: User nikhils-art [1579465]: 25 cd Oct 13 15:12:19 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2007 cat backup/apps.Deployment.link-ui-2025-10-13.yaml Oct 13 15:12:22 bastion LinuxCommandsWazuh: User nikhils-art [1579465]: 26 zodiac-server Oct 13 15:12:24 bastion LinuxCommandsWazuh: User ubuntu [1543300]: 2010 sudo su nikhils-art Oct 13 15:12:34 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2008 cat nitrox-production/apps.Deployment.link-ui.yaml Oct 13 15:14:02 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2014 vim apps.Deployment.xlr8.yaml Oct 13 15:14:18 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2015 kubectl apply -f apps.Deployment.xlr8.yaml -n nitrox-production Oct 13 15:14:21 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 1999 exit Oct 13 15:14:22 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2000 cd .. Oct 13 15:14:23 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2001 ls Oct 13 15:14:25 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2016 kubectl get pods -o wide -n nitrox-production | grep ray Oct 13 15:14:31 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2017 kubectl get pods -o wide -n nitrox-production | grep xl Oct 13 15:14:36 bastion LinuxCommandsWazuh: User saurav [1584057]: Oct 13 15:15:07 bastion LinuxCommandsWazuh: User saurav [1584057]: 1 sudo deluser saurav google-sudoers Oct 13 15:15:07 bastion LinuxCommandsWazuh: User saurav [1584057]: 1 sudo deluser saurav google-sudoers Oct 13 15:15:07 bastion LinuxCommandsWazuh: User saurav [1584057]: 2 sudo usermod -aG recordusers saurav Oct 13 15:15:22 bastion LinuxCommandsWazuh: User saurav [1584057]: 3 sudo deluser saurav ubuntu Oct 13 15:15:23 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2002 sudo su saurav Oct 13 15:15:24 bastion LinuxCommandsWazuh: User saurav [1586433]: 4 exit Oct 13 15:15:26 bastion LinuxCommandsWazuh: User saurav [1586433]: 5 sudos u Oct 13 15:15:29 bastion LinuxCommandsWazuh: User saurav [1586433]: 6 sudo su Oct 13 15:15:30 bastion LinuxCommandsWazuh: User saurav [1586433]: 7 cd Oct 13 15:15:38 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2002 sudo su saurav Oct 13 15:15:42 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2003 cd Oct 13 15:15:49 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2004 vi .bashrc Oct 13 15:15:50 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2018 watch 'kubectl get pods -o wide -n nitrox-production | grep xl' Oct 13 15:15:52 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2019 ls Oct 13 15:15:55 bastion LinuxCommandsWazuh: User sandeep [1587797]: 24 exit Oct 13 15:15:57 bastion LinuxCommandsWazuh: User sandeep [1587797]: 25 cd Oct 13 15:16:04 bastion LinuxCommandsWazuh: User sandeep [1587797]: 26 vi .bashrc Oct 13 15:16:06 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2005 sudo su sandeep Oct 13 15:16:09 bastion LinuxCommandsWazuh: User saurav [1588268]: 8 exit Oct 13 15:16:10 bastion LinuxCommandsWazuh: User saurav [1588268]: cd Oct 13 15:16:33 bastion LinuxCommandsWazuh: User saurav [1588268]: 10 vi .bashrc Oct 13 15:18:37 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2020 vim apps.Deployment.munshiji-green.yaml Oct 13 15:18:56 bastion LinuxCommandsWazuh: User saurav [1588268]: 11 ssh-keygen Oct 13 15:18:58 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2021 kubectl get deployment -n nitrox-production Oct 13 15:19:03 bastion LinuxCommandsWazuh: User saurav [1588268]: 12 cat /home/saurav/.ssh/id_rsa.pub Oct 13 15:19:30 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2022 cat apps.Deployment.munshiji-green.yaml Oct 13 15:19:32 bastion LinuxCommandsWazuh: User saurav [1588268]: 13 vi .bashrc Oct 13 15:19:34 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2006 sudo su saurav Oct 13 15:19:34 bastion LinuxCommandsWazuh: User saurav [1594562]: 14 exit Oct 13 15:19:35 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2023 cat apps.Deployment.munshiji-green.yaml | grep blue Oct 13 15:19:39 bastion LinuxCommandsWazuh: User saurav [1594562]: 15 zodiac-server Oct 13 15:19:51 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2006 sudo su saurav Oct 13 15:20:06 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2007 kubectl get deploy -n nitrox-production Oct 13 15:20:32 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2024 kubectl get pods -o wide | grep vor Oct 13 15:20:46 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2025 kubectl get pods -o wide -n nitrox-production| grep vor Oct 13 15:23:05 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2008 kubectl logs -f vortex -n nitrox-production Oct 13 15:23:14 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2008 kubectl logs -f vortex -n nitrox-production Oct 13 15:23:16 bastion LinuxCommandsWazuh: User ubuntu [1583519]: 2009 k get pods Oct 13 15:24:03 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2009 kubectl get pods -n loki -o wide | grep vor Oct 13 15:24:08 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2010 kubectl get pods -n loki -o wide | grep mis Oct 13 15:24:38 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2011 kubectl get pods -n nitrox-production -o wide | grep gke-nitrox-productio-miscellaneous-on-3abe177f-d0ps Oct 13 15:25:07 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2012 kubectl get pods -n loki -o wide | grep app Oct 13 15:25:20 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2013 ls Oct 13 15:25:22 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2014 kubectl get pods -n loki -o wide | grep app Oct 13 15:25:35 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2015 cd .. Oct 13 15:25:35 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2016 ls Oct 13 15:25:39 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2017 cd loki/ Oct 13 15:25:39 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2018 ls Oct 13 15:25:42 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2019 cd loki/ Oct 13 15:25:42 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2020 ls Oct 13 15:26:04 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2021 vim apps.DaemonSet.promtail.yaml Oct 13 15:26:20 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2022 kubectl apply apps.DaemonSet.promtail.yaml -n loki Oct 13 15:26:36 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2023 kubectl apply -f apps.DaemonSet.promtail.yaml -n loki Oct 13 15:26:45 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2024 kubectl get pods -n loki -o wide | grep ap Oct 13 15:26:51 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2025 kubectl get pods -n loki -o wide | grep prom Oct 13 15:26:54 bastion LinuxCommandsWazuh: User ubuntu [1578797]: 2025 kubectl get pods -n loki -o wide | grep prom Oct 13 15:26:57 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ubuntu [1578797]: 2025 kubectl get pods -n loki -o wide | grep prom] Oct 13 15:29:23 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2026 ls Oct 13 15:31:04 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2026 ls Oct 13 15:31:10 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2027 ls | grep dae Oct 13 15:31:22 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2028 ls Oct 13 15:31:26 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2029 cd .. Oct 13 15:31:28 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2029 cd .. Oct 13 15:31:28 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2030 l Oct 13 15:31:31 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2031 cd loki/ Oct 13 15:31:32 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2032 ls Oct 13 15:31:34 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2033 cd loki/ Oct 13 15:31:34 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2034 ls Oct 13 15:31:45 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2009 vim apps.Deployment.grafana.yaml Oct 13 15:37:40 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2035 vim apps.DaemonSet.promtail.yaml Oct 13 15:37:41 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2036 ls Oct 13 15:37:55 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2037 cd .. Oct 13 15:37:55 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2038 ls Oct 13 15:38:00 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2039 rm distributor.yaml Oct 13 15:38:05 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2040 mkdir backup Oct 13 15:38:29 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2041 ls Oct 13 15:38:38 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2042 cd backup/ Oct 13 15:38:38 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2043 ls Oct 13 15:38:40 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2044 cd .. Oct 13 15:38:40 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2045 ls Oct 13 15:38:42 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2046 cd loki/ Oct 13 15:38:42 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2047 ls Oct 13 15:38:55 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2048 cat ../../WORKING.md Oct 13 15:39:32 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2049 cp apps.DaemonSet.promtail.yaml ../backup/apps.DaemonSet.promtail-$(date +%Y-%m-%d).yaml Oct 13 15:39:38 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2050 cat ../backup/apps.DaemonSet.promtail-2025-10-13.yaml Oct 13 15:39:40 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2051 ls Oct 13 15:41:47 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2052 vim apps.DaemonSet.promtail.yaml Oct 13 15:41:59 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2053 kubectl apply -f apps.DaemonSet.promtail.yaml -n loki Oct 13 15:42:03 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2054 kubectl get pods -n loki Oct 13 15:42:13 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2055 kubectl get pods -n loki -o wide Oct 13 15:42:18 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2056 kubectl get pods -n loki -o wide | grep prom Oct 13 15:42:24 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2057 kubectl get pods -n loki -o wide | grep promtail Oct 13 15:42:31 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ubuntu [1573554]: 2057 kubectl get pods -n loki -o wide | grep promtail] Oct 13 15:42:32 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2057 kubectl get pods -n loki -o wide | grep promtail Oct 13 15:43:04 bastion LinuxCommandsWazuh: User venky [1451312]: 2002 redis Oct 13 15:43:05 bastion LinuxCommandsWazuh: User venky [1451312]: 2002 redis Oct 13 15:43:06 bastion LinuxCommandsWazuh: User venky [1453672]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 15:43:06 bastion LinuxCommandsWazuh: User venky [1438266]: 2007 byobu Oct 13 15:43:07 bastion LinuxCommandsWazuh: User venky [1438266]: 2007 byobu Oct 13 15:43:07 bastion LinuxCommandsWazuh: User ayush [1438085]: 490 sudo su - venky Oct 13 15:43:08 bastion LinuxCommandsWazuh: User ayush [1438085]: 490 sudo su - venky Oct 13 15:45:06 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2010 vim apps.DaemonSet.prometheus-prometheus-node-exporter.yaml Oct 13 15:45:14 bastion LinuxCommandsWazuh: User abhijeet [1379852]: 2011 cd .. Oct 13 15:45:22 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 1999 exit Oct 13 15:45:23 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2000 cd Oct 13 15:45:24 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2001 ls Oct 13 15:45:27 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2002 cd k8s/' Oct 13 15:45:28 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2003 cd k8s/ Oct 13 15:45:29 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2004 l;sc Oct 13 15:45:30 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2005 ls Oct 13 15:45:34 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2006 cd nitrox-production/ Oct 13 15:45:34 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2007 ls Oct 13 15:45:37 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2008 cd nitrox-production/ Oct 13 15:45:37 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2009 ls Oct 13 15:45:39 bastion LinuxCommandsWazuh: User ubuntu [1643498]: 2010 lsc Oct 13 15:45:55 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2058 watch 'kubectl get pods -n loki -o wide | grep promtail' Oct 13 15:45:58 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2059 kubectl get pods -n loki -o wide | grep promtail Oct 13 15:46:16 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2060 cd .. Oct 13 15:46:16 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2061 l Oct 13 15:46:18 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2062 cd .. Oct 13 15:46:18 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2063 ls Oct 13 15:46:20 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2064 cd nitrox-production/ Oct 13 15:46:20 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2065 ls Oct 13 15:46:22 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2066 cd nitrox-production/ Oct 13 15:46:22 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2067 lsc Oct 13 15:46:26 bastion LinuxCommandsWazuh: User ankur [1544279]: 653 k logs -f big-o-cookie-cutter-5cc959f4f9-g58cg --previous Oct 13 15:46:30 bastion LinuxCommandsWazuh: User ankur [1544279]: 654 k get pods -o wide | grep big-o Oct 13 15:46:43 bastion LinuxCommandsWazuh: User ankur [1544279]: 655 k logs -f big-o-cookie-cutter-5cc959f4f9-xb6ml --previous Oct 13 15:46:46 bastion LinuxCommandsWazuh: User ubuntu [1573554]: 2068 vim apps.Deployment.munshiji-green.yaml Oct 13 15:46:47 bastion LinuxCommandsWazuh: User ankur [1544279]: 655 k logs -f big-o-cookie-cutter-5cc959f4f9-xb6ml --previous Oct 13 15:51:29 bastion LinuxCommandsWazuh: User ankur [1544279]: 655 k logs -f big-o-cookie-cutter-5cc959f4f9-xb6ml --previous Oct 13 15:51:29 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1544279]: 655 k logs -f big-o-cookie-cutter-5cc959f4f9-xb6ml --previous] Oct 13 15:52:55 bastion LinuxCommandsWazuh: User saurav [1651189]: 16 exit Oct 13 16:02:06 bastion LinuxCommandsWazuh: User ankur [1544279]: 655 k logs -f big-o-cookie-cutter-5cc959f4f9-xb6ml --previous Oct 13 16:02:06 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1544279]: 655 k logs -f big-o-cookie-cutter-5cc959f4f9-xb6ml --previous] Oct 13 16:02:57 bastion LinuxCommandsWazuh: User ankur [1544279]: 656 ls Oct 13 16:03:09 bastion LinuxCommandsWazuh: User ankur [1544279]: 656 ls Oct 13 16:03:58 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1544279]: 656 ls] Oct 13 16:03:58 bastion LinuxCommandsWazuh: User ankur [1544279]: 657 l Oct 13 16:03:59 bastion LinuxCommandsWazuh: User ankur [1544279]: 658 sl Oct 13 16:04:00 bastion LinuxCommandsWazuh: User ankur [1544279]: 659 l Oct 13 16:04:01 bastion LinuxCommandsWazuh: User ankur [1544279]: 660 ls Oct 13 16:04:35 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [1544279]: 660 ls] Oct 13 16:07:10 bastion LinuxCommandsWazuh: User nikhils-art [1665617]: 27 exit Oct 13 16:25:17 bastion LinuxCommandsWazuh: User mohtashim [1683075]: 788 clickhouse-ssh Oct 13 16:25:38 bastion LinuxCommandsWazuh: User mohtashim [1684124]: 788 clickhouse-ssh Oct 13 16:29:29 bastion LinuxCommandsWazuh: User ayush [1687735]: 490 sudo su - venky Oct 13 16:29:33 bastion LinuxCommandsWazuh: User venky [1687837]: 2000 byobu Oct 13 16:32:27 bastion LinuxCommandsWazuh: User ankur [1544279]: 660 ls Oct 13 16:32:28 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1544279]: 660 ls] Oct 13 16:32:53 bastion LinuxCommandsWazuh: User ankur [1544279]: 661 k get pods | grep big-o Oct 13 16:35:01 bastion LinuxCommandsWazuh: User mohtashim [1684124]: 789 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 13 16:35:09 bastion LinuxCommandsWazuh: User mohtashim [1684124]: 790 stern vortex Oct 13 16:35:09 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [1684124]: 790 stern vortex] Oct 13 16:35:23 bastion LinuxCommandsWazuh: User mohtashim [1684124]: 791 stern vortex | grep "error" Oct 13 16:35:57 bastion LinuxCommandsWazuh: User mohtashim [1684124]: 792 clear Oct 13 16:42:32 bastion LinuxCommandsWazuh: User ankur [1544279]: 662 k exec -it big-o-cookie-cutter-5cc959f4f9-pw5zj bash Oct 13 16:48:40 bastion LinuxCommandsWazuh: User ankur [1544279]: 662 k exec -it big-o-cookie-cutter-5cc959f4f9-pw5zj bash Oct 13 16:48:40 bastion LinuxCommandsWazuh: User ankur [1544279]: 662 k exec -it big-o-cookie-cutter-5cc959f4f9-pw5zj bash Oct 13 16:49:57 bastion LinuxCommandsWazuh: User ankur [1544279]: 662 k exec -it big-o-cookie-cutter-5cc959f4f9-pw5zj bash Oct 13 16:53:29 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 1998 sudo su ubuntu Oct 13 16:55:03 bastion LinuxCommandsWazuh: User abhijeet [1712761]: 1998 sudo su ubuntu Oct 13 16:55:55 bastion LinuxCommandsWazuh: User abhijeet [1712761]: 1999 internal-server Oct 13 16:55:59 bastion LinuxCommandsWazuh: User abhijeet [1712761]: 2000 ssh ubunut@vpn Oct 13 16:56:58 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 1999 internal-server Oct 13 16:57:12 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2000 kubectl get ingress Oct 13 16:57:27 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2001 kubectl get ingress nitrox-production -o yaml Oct 13 17:02:44 bastion LinuxCommandsWazuh: User anam [1720712]: 48 internal-tool Oct 13 17:08:05 bastion LinuxCommandsWazuh: User ubuntu [1726311]: 1999 vim apps.Deployment.munshiji-green.yaml Oct 13 17:08:13 bastion LinuxCommandsWazuh: User ubuntu [1726311]: 2000 cool-server Oct 13 17:12:54 bastion LinuxCommandsWazuh: User venky [1687837]: 2001 redis Oct 13 17:12:54 bastion LinuxCommandsWazuh: User venky [1687837]: 2001 redis Oct 13 17:14:10 bastion LinuxCommandsWazuh: User venky [1687837]: 2002 kubectl edit configmap nitrox-ck-config Oct 13 17:16:16 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2002 kubectl get cm -n nitrox-production Oct 13 17:17:14 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2003 kubectl edit cm chatbot-config -n nitrox-production Oct 13 17:17:26 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2004 kubectl get deployment -n nitrox-production Oct 13 17:17:56 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2005 kubectl rollout restart deployment chatbot -n nitrox-production Oct 13 17:17:59 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2006 kubectl get deployment -n nitrox-production Oct 13 17:18:06 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2007 kubectl get pods | grep chat Oct 13 17:18:11 bastion LinuxCommandsWazuh: message repeated 4 times: [ User abhijeet [1711230]: 2007 kubectl get pods | grep chat] Oct 13 17:18:14 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2008 w Oct 13 17:18:16 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2009 kubectl get pods | grep chat Oct 13 17:18:18 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2009 kubectl get pods | grep chat Oct 13 17:18:45 bastion LinuxCommandsWazuh: User abhijeet [1711230]: 2010 kubectl logs chatbot-5f5dff9d9-9cbdk -f Oct 13 17:22:07 bastion LinuxCommandsWazuh: User venky [1687837]: 2002 kubectl edit configmap nitrox-ck-config Oct 13 17:22:07 bastion LinuxCommandsWazuh: User venky [1687837]: 2002 kubectl edit configmap nitrox-ck-config Oct 13 17:22:07 bastion LinuxCommandsWazuh: User venky [1687837]: 2002 kubectl edit configmap nitrox-ck-config Oct 13 17:22:08 bastion LinuxCommandsWazuh: User ayush [1687735]: 490 sudo su - venky Oct 13 17:22:08 bastion LinuxCommandsWazuh: User ayush [1687735]: 490 sudo su - venky Oct 13 17:27:01 bastion LinuxCommandsWazuh: User mohtashim [1745437]: 788 clickhouse-ssh Oct 13 17:29:11 bastion LinuxCommandsWazuh: User mohtashim [1745437]: 789 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 13 17:29:42 bastion LinuxCommandsWazuh: User ayush [1748009]: 490 sudo su - venky Oct 13 17:57:31 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 1998 exit Oct 13 17:57:43 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 1999 kubectl get pods | grep big Oct 13 17:57:46 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 1999 kubectl get pods | grep big Oct 13 17:57:48 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 1999 kubectl get pods | grep big Oct 13 17:57:56 bastion LinuxCommandsWazuh: message repeated 3 times: [ User abhijeet [1775534]: 1999 kubectl get pods | grep big] Oct 13 17:58:13 bastion LinuxCommandsWazuh: User rihan [1776416]: 1425 byobu Oct 13 17:58:13 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 1999 kubectl get pods | grep big Oct 13 17:58:28 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2000 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLog Oct 13 17:58:32 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2000 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLog Oct 13 17:58:34 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2001 kubectl get pods | grep big Oct 13 17:59:01 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2001 kubectl get pods | grep big Oct 13 17:59:04 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2002 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLog Oct 13 17:59:06 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2002 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLog Oct 13 17:59:07 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2003 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLogw Oct 13 17:59:08 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2004 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLogww Oct 13 17:59:10 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2005 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLog Oct 13 17:59:11 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2006 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep MemoryLogw Oct 13 17:59:15 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2007 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep Memory Oct 13 17:59:18 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2008 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl 0f Oct 13 17:59:39 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2009 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl -f Oct 13 18:00:56 bastion LinuxCommandsWazuh: User nikhil [1779791]: 66 zodiac-server Oct 13 18:02:12 bastion LinuxCommandsWazuh: User aman [1781059]: 355 exit Oct 13 18:02:19 bastion LinuxCommandsWazuh: User aman [1781059]: 356 clear Oct 13 18:02:25 bastion LinuxCommandsWazuh: User aman [1781059]: 357 kubectl get configmap Oct 13 18:02:40 bastion LinuxCommandsWazuh: User aman [1781059]: 358 kubectl get configmap chatbot-config Oct 13 18:04:21 bastion LinuxCommandsWazuh: User aman [1781059]: 359 kubectl edit configmap chatbot-config Oct 13 18:05:31 bastion LinuxCommandsWazuh: User rihan [1555981]: 1426 mongo Oct 13 18:07:01 bastion LinuxCommandsWazuh: User ashish [1784541]: 699 byobu Oct 13 18:07:06 bastion LinuxCommandsWazuh: User aman [1781059]: 359 kubectl edit configmap chatbot-config Oct 13 18:07:58 bastion LinuxCommandsWazuh: User anam [1786472]: 48 internal-tool Oct 13 18:08:00 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2010 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep Memory Oct 13 18:08:03 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2010 kubectl logs big-o-cookie-cutter-5cc959f4f9-w6jtl | grep Memory Oct 13 18:08:10 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2011 kubectl get pods | grep big Oct 13 18:08:25 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2012 docker logs big-o-cookie-cutter-5cc959f4f9-8msq4 -f Oct 13 18:08:25 bastion LinuxCommandsWazuh: User rihan [1787409]: 1425 byobu Oct 13 18:08:34 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2013 kubectl logs big-o-cookie-cutter-5cc959f4f9-8msq4 -f Oct 13 18:08:40 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2014 kubectl get pods | grep big Oct 13 18:08:48 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2015 kubectl logs big-o-cookie-cutter-5cc959f4f9-8msq4 --tail 100 -f Oct 13 18:08:59 bastion LinuxCommandsWazuh: User rihan [1788464]: 1425 byobu Oct 13 18:09:08 bastion LinuxCommandsWazuh: User rihan [1788464]: 1425 byobu Oct 13 18:09:53 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2016 kubectl logs big-o-cookie-cutter-5cc959f4f9-8msq4 --tail 100 -f | more Oct 13 18:10:02 bastion LinuxCommandsWazuh: User ashish [1790549]: 699 byobu Oct 13 18:10:07 bastion LinuxCommandsWazuh: User ashish [1353468]: 699 mongo pixel_v1; Oct 13 18:10:38 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2016 kubectl logs big-o-cookie-cutter-5cc959f4f9-8msq4 --tail 100 -f | more Oct 13 18:10:40 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2017 kubectl get pods | grep Oct 13 18:10:47 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:10:50 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:10:51 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:10:52 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:10:54 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:10:55 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:10:56 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2018 kubectl get pods | grep big Oct 13 18:11:08 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2019 watch'kubectl get pods | grep big' Oct 13 18:11:20 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2020 watch 'kubectl get pods | grep big' Oct 13 18:11:30 bastion LinuxCommandsWazuh: User ankur [1794578]: 651 byobu Oct 13 18:11:32 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2021 kubectl logs big-o-cookie-cutter-9d69978f4-sqpts -f Oct 13 18:12:17 bastion LinuxCommandsWazuh: User rihan [1776416]: 1426 make cookie-bash Oct 13 18:14:49 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2022 kubectl logs big-o-cookie-cutter-9d69978f4-sqpts -f | grep Memo Oct 13 18:14:58 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2023 watch 'kubectl get pods | grep big' Oct 13 18:15:44 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2024 kubectl logs big-o-cookie-cutter-9d69978f4-sqpts -f | grep Memo Oct 13 18:17:11 bastion LinuxCommandsWazuh: User aman [1781059]: 360 psql -h 10.94.16.3 -p 5432 -U postgres -d nitrox_v2 Oct 13 18:17:12 bastion LinuxCommandsWazuh: User aman [1781059]: 361 clear Oct 13 18:17:22 bastion LinuxCommandsWazuh: User aman [1781059]: 362 kubectl get pods | chat Oct 13 18:17:31 bastion LinuxCommandsWazuh: User aman [1781059]: 363 kubectl get pods | grep chat Oct 13 18:18:52 bastion LinuxCommandsWazuh: User aman [1781059]: 364 kubectl logs -f chatbot-747875bdd5-7fnkq Oct 13 18:18:52 bastion LinuxCommandsWazuh: User aman [1781059]: 364 kubectl logs -f chatbot-747875bdd5-7fnkq Oct 13 18:18:58 bastion LinuxCommandsWazuh: User aman [1781059]: 365 kubectl get configmap Oct 13 18:19:45 bastion LinuxCommandsWazuh: User rihan [1823864]: 1425 byobu Oct 13 18:20:36 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2025 kubectl get pods -n loki Oct 13 18:20:54 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2025 kubectl get pods -n loki Oct 13 18:21:14 bastion LinuxCommandsWazuh: message repeated 2 times: [ User abhijeet [1775534]: 2025 kubectl get pods -n loki] Oct 13 18:21:37 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2026 kubectl get logs prometheus-server-7767c5dcb6-wprk9 Oct 13 18:21:39 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2027 kubectl get logs prometheus-server-7767c5dcb6-wprk9 -f Oct 13 18:21:43 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2028 kubectl get logs prometheus-server-7767c5dcb6-wprk9 -n loki Oct 13 18:21:45 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2029 kubectl get pods -n loki Oct 13 18:21:50 bastion LinuxCommandsWazuh: User aman [1781059]: 366 kubectl edit configmap chatbot-config Oct 13 18:21:51 bastion LinuxCommandsWazuh: User aman [1781059]: 367 clear Oct 13 18:22:00 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2030 kubectl get logs prometheus-server-7767c5dcb6-wprk9 -n loki -o wiode Oct 13 18:22:04 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2031 kubectl get logs prometheus-server-7767c5dcb6-wprk9 -n loki -o wide Oct 13 18:23:50 bastion LinuxCommandsWazuh: User rihan [1835572]: 1425 byobu Oct 13 18:24:08 bastion LinuxCommandsWazuh: User rihan [1836434]: 1425 byobu Oct 13 18:24:22 bastion LinuxCommandsWazuh: User rihan [1837017]: 1425 byobu Oct 13 18:24:29 bastion LinuxCommandsWazuh: User rihan [1836434]: 1426 mongo Oct 13 18:24:57 bastion LinuxCommandsWazuh: User aman [1781059]: 368 kubectl get configmap Oct 13 18:25:03 bastion LinuxCommandsWazuh: User aman [1781059]: 369 kubectl get configmap chatbot-config Oct 13 18:25:08 bastion LinuxCommandsWazuh: User aman [1781059]: 370 kubectl view configmap chatbot-config Oct 13 18:26:20 bastion LinuxCommandsWazuh: User rihan [1842911]: 1426 mongo Oct 13 18:29:15 bastion LinuxCommandsWazuh: User aman [1781059]: 371 kubectl edit configmap chatbot-config Oct 13 18:29:16 bastion LinuxCommandsWazuh: User aman [1781059]: 372 clear Oct 13 18:29:22 bastion LinuxCommandsWazuh: User aman [1781059]: 373 kubectl get pods | grep chat Oct 13 18:30:12 bastion LinuxCommandsWazuh: User aman [1781059]: 374 kubectl delete pod chatbot-747875bdd5-7fnkq Oct 13 18:30:16 bastion LinuxCommandsWazuh: User aman [1781059]: 375 kubectl get pods | grep chat Oct 13 18:31:42 bastion LinuxCommandsWazuh: User aman [1781059]: 376 kubectl logs -f chatbot-6474f8875b-js4tk Oct 13 18:31:43 bastion LinuxCommandsWazuh: User aman [1781059]: 376 kubectl logs -f chatbot-6474f8875b-js4tk Oct 13 18:31:45 bastion LinuxCommandsWazuh: User aman [1781059]: 377 clear Oct 13 18:32:09 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 1999 exit Oct 13 18:34:56 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2000 vi .bashrc Oct 13 18:40:50 bastion LinuxCommandsWazuh: User aman [1781059]: 378 psql -h 10.94.16.3 -p 5432 -U postgres -d nitrox_v2 Oct 13 18:40:51 bastion LinuxCommandsWazuh: User aman [1781059]: 379 clear Oct 13 18:41:03 bastion LinuxCommandsWazuh: User aman [1781059]: 380 sudo su -venky Oct 13 18:41:03 bastion LinuxCommandsWazuh: User aman [1781059]: 380 sudo su -venky Oct 13 18:41:13 bastion LinuxCommandsWazuh: User aman [1781059]: 381 sudo su - venky Oct 13 18:41:14 bastion LinuxCommandsWazuh: User aman [1781059]: 381 sudo su - venky Oct 13 18:41:30 bastion LinuxCommandsWazuh: User ayush [1883902]: 490 sudo su - venky Oct 13 18:41:41 bastion LinuxCommandsWazuh: User ayush [1883902]: 491 su - venky Oct 13 18:41:45 bastion LinuxCommandsWazuh: User venky [1884548]: 2000 kubectl edit configmap nitrox-ck-config Oct 13 18:41:50 bastion LinuxCommandsWazuh: User aman [1781059]: 382 su - venky Oct 13 18:41:50 bastion LinuxCommandsWazuh: User aman [1781059]: 382 su - venky Oct 13 18:41:59 bastion LinuxCommandsWazuh: User aman [1781059]: 383 sudo su - venky Oct 13 18:42:00 bastion LinuxCommandsWazuh: User aman [1781059]: 383 sudo su - venky Oct 13 18:42:06 bastion LinuxCommandsWazuh: User aman [1781059]: 384 sudo su - ayush Oct 13 18:42:06 bastion LinuxCommandsWazuh: message repeated 2 times: [ User aman [1781059]: 384 sudo su - ayush] Oct 13 18:42:19 bastion LinuxCommandsWazuh: User aman [1781059]: 385 sudo su Oct 13 18:42:19 bastion LinuxCommandsWazuh: User aman [1781059]: 385 sudo su Oct 13 18:42:20 bastion LinuxCommandsWazuh: User aman [1781059]: 386 clear Oct 13 18:42:41 bastion LinuxCommandsWazuh: User venky [1884548]: 2001 cool-server Oct 13 18:42:44 bastion LinuxCommandsWazuh: User venky [1884548]: 2002 coo Oct 13 18:42:50 bastion LinuxCommandsWazuh: User ayush [1883902]: 492 sudo su - venky Oct 13 18:42:53 bastion LinuxCommandsWazuh: User ayush [1883902]: 493 cool-server Oct 13 18:47:45 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2001 redis-ssh Oct 13 18:54:34 bastion LinuxCommandsWazuh: User rihan [1555981]: 1427 byobu Oct 13 18:55:03 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2032 kubectl get pods -n loki Oct 13 18:56:18 bastion LinuxCommandsWazuh: User ayush [1922949]: 494 exit Oct 13 18:58:32 bastion LinuxCommandsWazuh: User mohtashim [1926975]: 795 clickhouse-ssh Oct 13 18:58:50 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2002 mongo-ssh Oct 13 18:59:48 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2003 redis-url-ssh Oct 13 19:00:43 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2004 redis-secondary-ssh Oct 13 19:01:55 bastion LinuxCommandsWazuh: User ayush [1922949]: 495 mongo Oct 13 19:01:58 bastion LinuxCommandsWazuh: User ayush [1922949]: 496 redis Oct 13 19:02:08 bastion LinuxCommandsWazuh: User venky [1933379]: 2000 exit Oct 13 19:04:03 bastion LinuxCommandsWazuh: User nikhil [1936852]: 66 zodiac-server Oct 13 19:05:01 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2005 cool-server Oct 13 19:05:05 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2005 cool-server Oct 13 19:05:05 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2005 cool-server Oct 13 19:05:10 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2006 redis-secondary-ssh Oct 13 19:05:14 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2007 cool-server Oct 13 19:05:17 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2008 cd .ssh/ Oct 13 19:05:17 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2009 ls Oct 13 19:05:20 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2010 cat id_rsa.pub Oct 13 19:05:35 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2011 cd Oct 13 19:05:41 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2012 cool-server Oct 13 19:06:01 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2032 kubectl get pods -n loki Oct 13 19:06:18 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2033 kubectl delete pod prometheus-server-7767c5dcb6-2bvw2 prometheus-server-7767c5dcb6-2h8rk Oct 13 19:06:23 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2034 kubectl delete pod prometheus-server-7767c5dcb6-2bvw2 prometheus-server-7767c5dcb6-2h8rk -n loki Oct 13 19:06:25 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2035 kubectl get pods -n loki Oct 13 19:07:22 bastion LinuxCommandsWazuh: User ubuntu [1858436]: 2012 cool-server Oct 13 19:07:27 bastion LinuxCommandsWazuh: User adil [1943609]: 184 psql -U postgres Oct 13 19:07:28 bastion LinuxCommandsWazuh: User adil [1943609]: 185 cd Oct 13 19:07:28 bastion LinuxCommandsWazuh: User adil [1943609]: 186 ls Oct 13 19:07:44 bastion LinuxCommandsWazuh: User adil [1943609]: 187 crontab -e Oct 13 19:07:47 bastion LinuxCommandsWazuh: User adil [1943609]: 188 ls Oct 13 19:07:51 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2036 kubectl delete pod prometheus-server-7767c5dcb6-2t8pd prometheus-server-7767c5dcb6-47p6l prometheus-server-7767c5dcb6-4lccd prometheus-server-7767c5dcb6-4pf5g prometheus-server-7767c5dcb6-5fjvs prometheus-server-7767c5dcb6-5qddt prometheus-server-7767c5dcb6-5ssbt prometheus-server-7767c5dcb6-65xws prometheus-server-7767c5dcb6-76bl7 prometheus-server-7767c5dcb6-7btzw prometheus-server-7767c5dcb6-7crn8 prometheus-server-7767c5dcb6-8nrw9 prometheus-server-7767c5dcb6-8ptz8 prometheus-server-7767c5dcb6-8r5sb prometheus-server-7767c5dcb6-8vbpw prometheus-server-7767c5dcb6-98wx8 prometheus-server-7767c5dcb6-99z2t prometheus-server-7767c5dcb6-9m6vc prometheus-server-7767c5dcb6-9z6cm prometheus-server-7767c5dcb6-9zb5t prometheus-server-7767c5dcb6-b28xk prometheus-server-7767c5dcb6-b4tkq prometheus-server-7767c5dcb6-c2k89 prometheus-server-7767c5dcb6-c4rsr prometheus-server-7767c5dcb6-dd6r9 prometheus-server-7767c5dcb6-dg8sr prometheus-server-7767c5dcb6-f9rqk prometheus-server-7767c5dcb6 Oct 13 19:07:51 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2037 prometheus-server-7767c5dcb6-x5cll-n loki Oct 13 19:07:51 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2037 prometheus-server-7767c5dcb6-x5cll-n loki Oct 13 19:08:16 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2038 kubectl delete pod prometheus-server-7767c5dcb6-2t8pd prometheus-server-7767c5dcb6-47p6l prometheus-server-7767c5dcb6-4lccd prometheus-server-7767c5dcb6-4pf5g prometheus-server-7767c5dcb6-5fjvs prometheus-server-7767c5dcb6-5qddt prometheus-server-7767c5dcb6-5ssbt prometheus-server-7767c5dcb6-65xws prometheus-server-7767c5dcb6-76bl7 prometheus-server-7767c5dcb6-7btzw prometheus-server-7767c5dcb6-7crn8 prometheus-server-7767c5dcb6-8nrw9 prometheus-server-7767c5dcb6-8ptz8 prometheus-server-7767c5dcb6-8r5sb prometheus-server-7767c5dcb6-8vbpw prometheus-server-7767c5dcb6-98wx8 prometheus-server-7767c5dcb6-99z2t prometheus-server-7767c5dcb6-9m6vc prometheus-server-7767c5dcb6-9z6cm prometheus-server-7767c5dcb6-9zb5t prometheus-server-7767c5dcb6-b28xk prometheus-server-7767c5dcb6-b4tkq prometheus-server-7767c5dcb6-c2k89 prometheus-server-7767c5dcb6-c4rsr prometheus-server-7767c5dcb6-dd6r9 prometheus-server-7767c5dcb6-dg8sr prometheus-server-7767c5dcb6-f9rqk prometheus-server-7767c5dcb6 Oct 13 19:08:24 bastion LinuxCommandsWazuh: User mohtashim [1926975]: 796 psql Oct 13 19:08:31 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2039 kubectl get pods -n loki Oct 13 19:08:42 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2040 kubectl delete prometheus-server-7767c5dcb6-2t8pd prometheus-server-7767c5dcb6-47p6l prometheus-server-7767c5dcb6-4lccd prometheus-server-7767c5dcb6-4pf5g prometheus-server-7767c5dcb6-5fjvs prometheus-server-7767c5dcb6-5qddt prometheus-server-7767c5dcb6-5ssbt prometheus-server-7767c5dcb6-65xws prometheus-server-7767c5dcb6-76bl7 prometheus-server-7767c5dcb6-7btzw prometheus-server-7767c5dcb6-7crn8 prometheus-server-7767c5dcb6-8nrw9 prometheus-server-7767c5dcb6-8ptz8 prometheus-server-7767c5dcb6-8r5sb prometheus-server-7767c5dcb6-8vbpw prometheus-server-7767c5dcb6-98wx8 prometheus-server-7767c5dcb6-99z2t prometheus-server-7767c5dcb6-9m6vc prometheus-server-7767c5dcb6-9z6cm prometheus-server-7767c5dcb6-9zb5t prometheus-server-7767c5dcb6-b28xk prometheus-server-7767c5dcb6-b4tkq prometheus-server-7767c5dcb6-c2k89 prometheus-server-7767c5dcb6-c4rsr prometheus-server-7767c5dcb6-dd6r9 prometheus-server-7767c5dcb6-dg8sr prometheus-server-7767c5dcb6-f9rqk prometheus-server-7767c5dcb6-fg5 Oct 13 19:09:41 bastion LinuxCommandsWazuh: User adil [1943609]: 189 crontab -e Oct 13 19:10:13 bastion LinuxCommandsWazuh: User venky [1933379]: 2001 redis Oct 13 19:10:14 bastion LinuxCommandsWazuh: User ayush [1922949]: 497 sudo su - venky Oct 13 19:10:14 bastion LinuxCommandsWazuh: User ayush [1922949]: 497 sudo su - venky Oct 13 19:12:01 bastion LinuxCommandsWazuh: User adil [1943609]: 189 crontab -e Oct 13 19:12:17 bastion LinuxCommandsWazuh: User adil [1943609]: 189 crontab -e Oct 13 19:12:17 bastion LinuxCommandsWazuh: User adil [1943609]: 190 curl -s http://collab-svc.nitrocommerce.ai/external/snapchat/run/campaign-performance Oct 13 19:12:18 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2041 kubectl delete prometheus-server-7767c5dcb6-xn6hq prometheus-server-7767c5dcb6-x5cll -n loki Oct 13 19:12:23 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2041 kubectl delete prometheus-server-7767c5dcb6-xn6hq prometheus-server-7767c5dcb6-x5cll -n loki Oct 13 19:12:31 bastion LinuxCommandsWazuh: User adil [1943609]: 191 crontab -e Oct 13 19:12:33 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2042 kubectl delete pod prometheus-server-7767c5dcb6-xn6hq prometheus-server-7767c5dcb6-x5cll -n loki Oct 13 19:12:36 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2043 kubectl get pods -n loki Oct 13 19:12:41 bastion LinuxCommandsWazuh: User adil [1943609]: 191 crontab -e Oct 13 19:15:07 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2044 kubectl delete pod prometheus-server-7767c5dcb6-zvzxq -n loki Oct 13 19:15:08 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2045 kubectl get pods -n loki Oct 13 19:15:23 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2046 kubectl delete pod prometheus-server-7767c5dcb6-zprds -n loki Oct 13 19:15:27 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2047 kubectl get pods -n loki Oct 13 19:15:36 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2048 kubectl get pods -n loki -o wide Oct 13 19:16:35 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2049 kubectl get pods -n loki Oct 13 19:16:47 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2050 ls Oct 13 19:16:59 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2051 kubectl get pods -n loki Oct 13 19:17:10 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2052 kubectl logs loki-gateway-bf9bcdff9-srkrm -n loki Oct 13 19:17:49 bastion LinuxCommandsWazuh: User mohtashim [1962718]: 500 clickhouse-ssh Oct 13 19:18:10 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2053 kubectl logs loki-gateway-bf9bcdff9-srkrm -n loki | grep 13.232.83.204 Oct 13 19:18:35 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2054 kubectl logs loki-gateway-bf9bcdff9-srkrm -n loki -d| grep 13.232.83.204 Oct 13 19:31:16 bastion LinuxCommandsWazuh: User ankur [1986358]: 651 byobu Oct 13 19:31:23 bastion LinuxCommandsWazuh: User ankur [1544279]: 663 k get pods | grep big-o Oct 13 19:32:11 bastion LinuxCommandsWazuh: User ankur [1544279]: 664 k logs -f big-o-cookie-cutter-9d69978f4-6jdbl --previous | grep MemoryLog Oct 13 19:32:18 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1544279]: 664 k logs -f big-o-cookie-cutter-9d69978f4-6jdbl --previous | grep MemoryLog] Oct 13 19:32:20 bastion LinuxCommandsWazuh: User ankur [1544279]: 665 k logs -f big-o-cookie-cutter-9d69978f4-6jdbl --previous | grep MemoryLog: Oct 13 19:32:41 bastion LinuxCommandsWazuh: User ankur [1544279]: 666 stern big-cookie-cuter | grep MemoryLog Oct 13 19:32:54 bastion LinuxCommandsWazuh: User ankur [1544279]: 667 stern big-o-cookie-cuter | grep MemoryLog Oct 13 19:33:03 bastion LinuxCommandsWazuh: User ankur [1544279]: 668 stern big-o-cookie-cuter | grep "MemoryLog" Oct 13 19:34:20 bastion LinuxCommandsWazuh: User ankur [1544279]: 668 stern big-o-cookie-cuter | grep "MemoryLog" Oct 13 19:34:21 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1544279]: 668 stern big-o-cookie-cuter | grep "MemoryLog"] Oct 13 19:36:23 bastion LinuxCommandsWazuh: User abhijeet [2000828]: 1998 exit Oct 13 19:37:20 bastion LinuxCommandsWazuh: User abhijeet [2003444]: 1998 exit Oct 13 19:37:21 bastion LinuxCommandsWazuh: User abhijeet [2003444]: 1999 ls Oct 13 19:37:28 bastion LinuxCommandsWazuh: User abhijeet [2003444]: 2000 sudo su ubunut Oct 13 19:37:31 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 1999 exit Oct 13 19:37:32 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2000 cd Oct 13 19:37:33 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2001 ls Oct 13 19:37:37 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2002 cd k8s/ Oct 13 19:37:37 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2003 ls Oct 13 19:37:39 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2004 cd nitrox-production/ Oct 13 19:37:39 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2005 ls Oct 13 19:37:42 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2005 ls Oct 13 19:37:44 bastion LinuxCommandsWazuh: User ubuntu [2003942]: 2006 lsc Oct 13 19:39:59 bastion LinuxCommandsWazuh: User ankur [1544279]: 669 ls Oct 13 19:40:06 bastion LinuxCommandsWazuh: User ankur [1544279]: 670 k get pods | grep big-o Oct 13 19:40:08 bastion LinuxCommandsWazuh: User ankur [1544279]: 670 k get pods | grep big-o Oct 13 19:40:51 bastion LinuxCommandsWazuh: User ankur [1544279]: 671 k logs big-o-cookie-cutter-9d69978f4-zwxvf --since=1h | grep MemoryLog | tail -n 50 Oct 13 19:41:51 bastion LinuxCommandsWazuh: User ankur [1544279]: 672 k logs big-o-cookie-cutter-9d69978f4-zwxvf -f | grep -i "MEMWATCH\|MemoryLog\|GC\|leak" Oct 13 19:42:06 bastion LinuxCommandsWazuh: User ankur [1544279]: 673 k logs big-o-cookie-cutter-9d69978f4-zwxvf -f | grep -i "leak" Oct 13 19:42:41 bastion LinuxCommandsWazuh: User ankur [1544279]: 674 k logs big-o-cookie-cutter-9d69978f4-zwxvf -f | grep -i "MEMWATCH\|MemoryLog\|leak" Oct 13 19:42:48 bastion LinuxCommandsWazuh: User ankur [1544279]: 675 stern big-o-cookie-cutter -f | grep -i "MEMWATCH\|MemoryLog\|leak" Oct 13 19:43:18 bastion LinuxCommandsWazuh: User ankur [1544279]: 676 stern big-o-cookie-cutter | grep -i "MEMWATCH\|MemoryLog\|leak" Oct 13 19:44:12 bastion LinuxCommandsWazuh: User ankur [1544279]: 676 stern big-o-cookie-cutter | grep -i "MEMWATCH\|MemoryLog\|leak" Oct 13 19:44:13 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1544279]: 676 stern big-o-cookie-cutter | grep -i "MEMWATCH\|MemoryLog\|leak"] Oct 13 19:45:04 bastion LinuxCommandsWazuh: User abhijeet [2024097]: 1998 exit Oct 13 19:45:10 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 1999 exit Oct 13 19:45:11 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2000 lsc Oct 13 19:45:12 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2001 cd Oct 13 19:45:12 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2002 ls Oct 13 19:45:14 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2002 ls Oct 13 19:45:16 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2003 cd k8s/ Oct 13 19:45:17 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2004 lscd Oct 13 19:45:18 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2005 ls Oct 13 19:45:20 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2006 cd nitrox-production/ Oct 13 19:45:20 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2007 ls Oct 13 19:45:23 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2008 cd nitrox-production/ Oct 13 19:45:23 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2009 ls Oct 13 19:45:30 bastion LinuxCommandsWazuh: User ubuntu [2024421]: 2010 cat apps.Deployment.link-ui.yaml Oct 13 19:46:53 bastion LinuxCommandsWazuh: User abhijeet [2024097]: 1999 sudo su ubuntu Oct 13 19:47:33 bastion LinuxCommandsWazuh: User abhijeet [2031566]: 1998 exit Oct 13 19:47:44 bastion LinuxCommandsWazuh: User abhijeet [2031566]: 1999 sudo su ubunut Oct 13 19:47:48 bastion LinuxCommandsWazuh: User abhijeet [2031566]: 2000 sudo su ubuntu' Oct 13 19:47:49 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 1999 exit Oct 13 19:47:50 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2000 cd Oct 13 19:47:51 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2001 ls Oct 13 19:47:57 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2002 vim k8s/ Oct 13 19:48:05 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2003 cd k8s/nitrox-production/nitrox-production/ Oct 13 19:48:05 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2004 ls Oct 13 19:48:19 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2005 cat apps.Deployment.link-ui.yaml Oct 13 19:51:01 bastion LinuxCommandsWazuh: User ashish [2040824]: 699 byobu Oct 13 19:51:11 bastion LinuxCommandsWazuh: User ashish [1353468]: 700 clickhouse-ssh Oct 13 19:51:22 bastion LinuxCommandsWazuh: User ashish [1353468]: 701 kubectl get pods Oct 13 19:51:51 bastion LinuxCommandsWazuh: User ashish [1353468]: 702 kubectl logs -f cookie-cutter-newrelic-764f8d8bcd-fzrpd Oct 13 19:55:04 bastion LinuxCommandsWazuh: User ashish [1353468]: 703 kubectl get pods Oct 13 19:56:19 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2055 kubectl logs loki-gateway-bf9bcdff9-srkrm -n loki -f| grep 13.232.83.204 Oct 13 19:56:50 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2056 kubectl get pods -o wide -n loki Oct 13 19:57:01 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2057 kubectl get pods -n loki Oct 13 19:57:38 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2057 kubectl get pods -n loki Oct 13 19:57:43 bastion LinuxCommandsWazuh: message repeated 2 times: [ User abhijeet [1775534]: 2057 kubectl get pods -n loki] Oct 13 19:57:55 bastion LinuxCommandsWazuh: User ashish [1353468]: 703 kubectl get pods Oct 13 19:58:01 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2057 kubectl get pods -n loki Oct 13 19:58:08 bastion LinuxCommandsWazuh: message repeated 6 times: [ User abhijeet [1775534]: 2057 kubectl get pods -n loki] Oct 13 19:58:15 bastion LinuxCommandsWazuh: User ashish [1353468]: 704 kubectl get pods | grep cook Oct 13 19:58:29 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2058 kubectl top pods Oct 13 19:58:35 bastion LinuxCommandsWazuh: User abhijeet [1775534]: 2059 kubectl top node Oct 13 19:59:34 bastion LinuxCommandsWazuh: User abhijeet [2003444]: 2001 sudo su ubuntu Oct 13 20:00:29 bastion LinuxCommandsWazuh: User ashish [1353468]: 705 kubectl logs -f cookie-cutter-queues-7bbb5f958c-zfw7x Oct 13 20:03:30 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2006 kubectl get pods -n loki Oct 13 20:04:09 bastion LinuxCommandsWazuh: User ayush [2079264]: 497 sudo su - venky Oct 13 20:04:15 bastion LinuxCommandsWazuh: User venky [2079534]: 2000 redis Oct 13 20:05:37 bastion LinuxCommandsWazuh: User venky [2079534]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 20:05:37 bastion LinuxCommandsWazuh: User venky [2079534]: 2001 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 20:06:35 bastion LinuxCommandsWazuh: User ashish [1353468]: 705 kubectl logs -f cookie-cutter-queues-7bbb5f958c-zfw7x Oct 13 20:06:35 bastion LinuxCommandsWazuh: User ashish [1353468]: 705 kubectl logs -f cookie-cutter-queues-7bbb5f958c-zfw7x Oct 13 20:06:40 bastion LinuxCommandsWazuh: User venky [2079534]: 2002 redis Oct 13 20:10:15 bastion LinuxCommandsWazuh: User venky [2079534]: 2003 stern cookie-cutter | grep ":version_x:app.py:" Oct 13 20:11:03 bastion LinuxCommandsWazuh: User ubuntu [2032292]: 2007 exity Oct 13 20:11:04 bastion LinuxCommandsWazuh: User abhijeet [2031566]: 2001 sudo su ubuntu Oct 13 20:11:14 bastion LinuxCommandsWazuh: User abhijeet [2031566]: 2002 kubectl get pods -o wide Oct 13 20:11:46 bastion LinuxCommandsWazuh: User venky [2079534]: 2004 stern cookie-cutter | grep "curl " Oct 13 20:13:53 bastion LinuxCommandsWazuh: User venky [2079534]: 2005 stern cookie-cutter | grep "N2pab2VaUVF1dHFhT29qUzN0T3VHaEdCUnNpWGl6OUZBUWNQMmdYZ2F2azo=" Oct 13 20:13:54 bastion LinuxCommandsWazuh: message repeated 2 times: [ User venky [2079534]: 2005 stern cookie-cutter | grep "N2pab2VaUVF1dHFhT29qUzN0T3VHaEdCUnNpWGl6OUZBUWNQMmdYZ2F2azo="] Oct 13 20:13:54 bastion LinuxCommandsWazuh: User ayush [2079264]: 497 sudo su - venky Oct 13 20:13:55 bastion LinuxCommandsWazuh: User ayush [2079264]: 497 sudo su - venky Oct 13 23:01:46 bastion LinuxCommandsWazuh: User ayush [2124129]: 497 sudo su - venky Oct 13 23:02:14 bastion LinuxCommandsWazuh: User ayush [2124129]: 498 mongo Oct 13 23:02:16 bastion LinuxCommandsWazuh: User ayush [2124129]: 499 redis Oct 13 23:02:24 bastion LinuxCommandsWazuh: User venky [2124191]: 2000 stern cookie-cutter | grep "N2pab2VaUVF1dHFhT29qUzN0T3VHaEdCUnNpWGl6OUZBUWNQMmdYZ2F2azo=" Oct 13 23:12:55 bastion LinuxCommandsWazuh: User venky [2124191]: 2001 redis Oct 13 23:13:04 bastion LinuxCommandsWazuh: User ayush [2125017]: 497 sudo su - venky