Oct 24 11:54:23 bastion LinuxCommandsWazuh: User rihan [1385813]: 1442 mongo Oct 24 11:54:31 bastion LinuxCommandsWazuh: User rihan [1020056]: 1440 mongo Oct 24 11:54:35 bastion LinuxCommandsWazuh: User rihan [931985]: 1440 redis Oct 24 11:55:22 bastion LinuxCommandsWazuh: User rihan [1387460]: 1443 redis Oct 24 11:56:48 bastion LinuxCommandsWazuh: User rihan [1385813]: 1443 byobu Oct 24 12:41:07 bastion LinuxCommandsWazuh: User rihan [1393036]: 1444 byobu Oct 24 12:41:14 bastion LinuxCommandsWazuh: User ubuntu [1393284]: 2000 sudo su venky Oct 24 12:42:02 bastion LinuxCommandsWazuh: User rihan [1393036]: 1444 byobu Oct 24 12:44:32 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 1998 kubectl rollout status deployment chatbot -n nitrox-production Oct 24 12:44:33 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 1999 ls Oct 24 12:48:27 bastion LinuxCommandsWazuh: User ubuntu [1393284]: 2001 mongo-ssh Oct 24 13:00:13 bastion LinuxCommandsWazuh: User sarthak.s [1395961]: 17 zodiac-ssh Oct 24 13:06:11 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 1999 ls Oct 24 13:06:18 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2000 cd .. Oct 24 13:06:18 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2001 l Oct 24 13:06:33 bastion LinuxCommandsWazuh: User ak [1396682]: 308 exit Oct 24 13:06:36 bastion LinuxCommandsWazuh: User ak [1396682]: 309 ks Oct 24 13:06:36 bastion LinuxCommandsWazuh: User ak [1396682]: 310 cd Oct 24 13:06:56 bastion LinuxCommandsWazuh: User ak [1396682]: 311 ssh ubuntu@13.203.100.3 Oct 24 13:06:57 bastion LinuxCommandsWazuh: User ak [1396682]: 312 ls Oct 24 13:07:37 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 32 zodiac-server Oct 24 13:07:38 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 33 ls Oct 24 13:07:39 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 34 cd Oct 24 13:07:40 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 35 ls Oct 24 13:07:58 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 36 ssh ubuntu@13.203.100.3 Oct 24 13:07:59 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 37 ls Oct 24 13:08:12 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 37 ls Oct 24 13:08:41 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 38 vim .bashrc Oct 24 13:08:46 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 39 source .bashrc Oct 24 13:08:47 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 40 ls Oct 24 13:08:51 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 41 zodiac-server Oct 24 13:08:52 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 42 ls Oct 24 13:08:54 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 43 cd .. Oct 24 13:08:54 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 44 l Oct 24 13:09:10 bastion LinuxCommandsWazuh: User nikhils-art [1396737]: 45 sudo su nikhil Oct 24 13:09:18 bastion LinuxCommandsWazuh: User ak [1396682]: 313 sudo su nikhils-art Oct 24 13:09:25 bastion LinuxCommandsWazuh: User nikhil [1396872]: 70 zodiac-server Oct 24 13:09:27 bastion LinuxCommandsWazuh: User nikhil [1396872]: 71 cd Oct 24 13:09:27 bastion LinuxCommandsWazuh: User nikhil [1396872]: 72 ls Oct 24 13:09:43 bastion LinuxCommandsWazuh: User nikhil [1396872]: 73 vim .bashrc Oct 24 13:09:49 bastion LinuxCommandsWazuh: User nikhil [1396872]: 74 source .bashrc Oct 24 13:09:59 bastion LinuxCommandsWazuh: User mohtashim [1397044]: 566 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 24 13:10:04 bastion LinuxCommandsWazuh: User nikhil [1396872]: 75 zodiac-server Oct 24 13:10:15 bastion LinuxCommandsWazuh: User mohtashim [1397044]: 567 stern cookie-cutter | grep "36f5a052-aa14-4f4f-8b67-f856f6a6ecf0 Oct 24 13:10:49 bastion LinuxCommandsWazuh: User ak [1396682]: 314 sudo su nikhil Oct 24 13:10:51 bastion LinuxCommandsWazuh: User ak [1396682]: 315 cd .. Oct 24 13:10:51 bastion LinuxCommandsWazuh: User ak [1396682]: 316 ls Oct 24 13:10:54 bastion LinuxCommandsWazuh: User mohtashim [1397044]: 568 stern cookie-cutter | grep "36f5a052-aa14-4f4f-8b67-f856f6a6ecf0" Oct 24 13:10:55 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [1397044]: 568 stern cookie-cutter | grep "36f5a052-aa14-4f4f-8b67-f856f6a6ecf0"] Oct 24 13:10:58 bastion LinuxCommandsWazuh: User ak [1396682]: 317 sudo su nitro sandeep service.json stage Oct 24 13:10:58 bastion LinuxCommandsWazuh: User ak [1396682]: 318 aarzoo ak aman ankur audit.sh devyanshu nikhil ping-pong sarthak.s shadab ubuntu Oct 24 13:11:08 bastion LinuxCommandsWazuh: User saurav [1397285]: 18 zodiac-server Oct 24 13:11:09 bastion LinuxCommandsWazuh: User saurav [1397285]: 19 cd Oct 24 13:11:26 bastion LinuxCommandsWazuh: User saurav [1397285]: 20 vim .bashrc Oct 24 13:11:33 bastion LinuxCommandsWazuh: User saurav [1397285]: 21 source .bashrc Oct 24 13:11:39 bastion LinuxCommandsWazuh: User saurav [1397285]: 22 zodiac-server Oct 24 13:11:40 bastion LinuxCommandsWazuh: User saurav [1397285]: 23 ls Oct 24 13:11:42 bastion LinuxCommandsWazuh: User ak [1396682]: 319 sudo su saurav Oct 24 13:11:45 bastion LinuxCommandsWazuh: User ak [1396682]: 320 ls Oct 24 13:12:23 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 17 zodiac-ssh Oct 24 13:12:28 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 18 zodiac-ssh Oct 24 13:12:29 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 19 ls Oct 24 13:12:33 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 20 cd Oct 24 13:12:34 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 21 ls Oct 24 13:12:50 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 22 vim .bashrc Oct 24 13:12:55 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 23 source .bashrc Oct 24 13:13:03 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 24 zodiac-ssh Oct 24 13:13:03 bastion LinuxCommandsWazuh: User sarthak.s [1397373]: 25 ls Oct 24 13:13:06 bastion LinuxCommandsWazuh: User ak [1396682]: 321 sudo su sarthak.s Oct 24 13:13:07 bastion LinuxCommandsWazuh: User ak [1396682]: 322 ls Oct 24 13:13:17 bastion LinuxCommandsWazuh: User venky [1397488]: 2000 stern chatbot-76d5c5496b-mfp28 Oct 24 13:13:21 bastion LinuxCommandsWazuh: User venky [1397488]: 2001 cd Oct 24 13:13:45 bastion LinuxCommandsWazuh: User venky [1397488]: 2002 vim .bashrc Oct 24 13:13:54 bastion LinuxCommandsWazuh: User venky [1397488]: 2003 source .bashrc Oct 24 13:14:00 bastion LinuxCommandsWazuh: User venky [1397488]: 2004 zodiac-server Oct 24 13:14:01 bastion LinuxCommandsWazuh: User venky [1397488]: 2005 ls Oct 24 13:14:03 bastion LinuxCommandsWazuh: User ak [1396682]: 323 sudo su venky Oct 24 13:14:06 bastion LinuxCommandsWazuh: User ankur [1397593]: 550 byobu Oct 24 13:14:16 bastion LinuxCommandsWazuh: User ankur [1397593]: 551 cd Oct 24 13:14:24 bastion LinuxCommandsWazuh: User ankur [1397593]: 552 vim .bashrc Oct 24 13:14:50 bastion LinuxCommandsWazuh: User ankur [1397593]: 552 vim .bashrc Oct 24 13:14:51 bastion LinuxCommandsWazuh: User ankur [1397593]: 553 ls Oct 24 13:14:55 bastion LinuxCommandsWazuh: User ankur [1397593]: 554 source .bashrc Oct 24 13:15:06 bastion LinuxCommandsWazuh: User ankur [1397593]: 555 zodiac-server Oct 24 13:15:08 bastion LinuxCommandsWazuh: User mohtashim [1397044]: 569 stern cookie-cutter | grep "zoho" Oct 24 13:15:10 bastion LinuxCommandsWazuh: User ak [1396682]: 324 sudo su ankur Oct 24 13:15:10 bastion LinuxCommandsWazuh: User ak [1396682]: 325 ls Oct 24 13:15:23 bastion LinuxCommandsWazuh: User mohtashim [1398394]: 570 exit Oct 24 13:15:25 bastion LinuxCommandsWazuh: User mohtashim [1398394]: 571 cd Oct 24 13:15:37 bastion LinuxCommandsWazuh: User mohtashim [1398394]: 572 vim .bashrc Oct 24 13:15:43 bastion LinuxCommandsWazuh: User mohtashim [1398394]: 573 source .bashrc Oct 24 13:15:48 bastion LinuxCommandsWazuh: User mohtashim [1398394]: 574 zodiac-server Oct 24 13:15:50 bastion LinuxCommandsWazuh: User ak [1396682]: 326 sudo su mohtashim Oct 24 13:15:51 bastion LinuxCommandsWazuh: User ak [1396682]: 327 ls Oct 24 13:15:57 bastion LinuxCommandsWazuh: User shamailtayyab [1398492]: 1997 zodiac-server Oct 24 13:16:02 bastion LinuxCommandsWazuh: User shamailtayyab [1398492]: 1998 cd Oct 24 13:16:13 bastion LinuxCommandsWazuh: User shamailtayyab [1398492]: 1999 vim .bashrc Oct 24 13:16:18 bastion LinuxCommandsWazuh: User shamailtayyab [1398492]: 2000 source .bashrc Oct 24 13:16:23 bastion LinuxCommandsWazuh: User shamailtayyab [1398492]: 2001 zodiac-server Oct 24 13:16:24 bastion LinuxCommandsWazuh: User shamailtayyab [1398492]: 2002 ls Oct 24 13:16:26 bastion LinuxCommandsWazuh: User ak [1396682]: 328 sudo su shamailtayyab Oct 24 13:16:26 bastion LinuxCommandsWazuh: User ak [1396682]: 329 l Oct 24 13:16:32 bastion LinuxCommandsWazuh: User rihan [1398578]: 1444 byobu Oct 24 13:16:34 bastion LinuxCommandsWazuh: User rihan [1398578]: 1445 cd Oct 24 13:16:44 bastion LinuxCommandsWazuh: User rihan [1398578]: 1446 zodiac-server Oct 24 13:16:44 bastion LinuxCommandsWazuh: User rihan [1398578]: 1447 ls Oct 24 13:16:56 bastion LinuxCommandsWazuh: User rihan [1398578]: 1448 vim .bashrc Oct 24 13:17:02 bastion LinuxCommandsWazuh: User rihan [1398578]: 1449 source .bashrc Oct 24 13:17:02 bastion LinuxCommandsWazuh: User rihan [1398578]: 1450 l Oct 24 13:17:10 bastion LinuxCommandsWazuh: User rihan [1398578]: 1451 zodiac-server Oct 24 13:17:10 bastion LinuxCommandsWazuh: User rihan [1398578]: 1452 ls Oct 24 13:17:13 bastion LinuxCommandsWazuh: User ak [1396682]: 330 sudo su rihan Oct 24 13:17:13 bastion LinuxCommandsWazuh: User ak [1396682]: 331 ls Oct 24 13:17:18 bastion LinuxCommandsWazuh: User ak [1396682]: 332 cd Oct 24 13:19:03 bastion LinuxCommandsWazuh: User mohtashim [1398806]: 575 exit Oct 24 13:24:15 bastion LinuxCommandsWazuh: User sarthak.s [1395961]: 17 zodiac-ssh Oct 24 13:28:56 bastion LinuxCommandsWazuh: User mohtashim [1398806]: 576 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 24 13:29:51 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [1398806]: 576 psql -h 10.94.16.3 -U postgres -d vortex_v2] Oct 24 13:29:59 bastion LinuxCommandsWazuh: User sarthak.s [1399801]: 26 exit Oct 24 13:31:49 bastion LinuxCommandsWazuh: User anam [1400157]: 50 internal-tool Oct 24 13:37:50 bastion LinuxCommandsWazuh: User ak [1396682]: 333 cd Oct 24 13:37:51 bastion LinuxCommandsWazuh: User ak [1396682]: 334 ls Oct 24 13:38:02 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2002 sudo su ak Oct 24 13:38:03 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2003 ls Oct 24 13:38:04 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2004 cd Oct 24 13:38:04 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2005 l Oct 24 13:38:55 bastion LinuxCommandsWazuh: User abhijeet [1394159]: 2006 vim .ssh/authorized_keys Oct 24 13:40:05 bastion LinuxCommandsWazuh: User abhijeet [1401217]: 1998 exit Oct 24 13:40:38 bastion LinuxCommandsWazuh: User anam [1400157]: 51 echo "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILGQUpKh5PlznhnnfaLfITS3Uwxip5tyiydsTDbuM1lU anam@Anams-MacBook-Air.local" >> ~/.ssh/authorized_keys Oct 24 13:40:50 bastion LinuxCommandsWazuh: User anam [1400157]: 52 chmod 700 ~/.ssh Oct 24 13:40:50 bastion LinuxCommandsWazuh: User anam [1400157]: 53 chmod 600 ~/.ssh/authorized_keys Oct 24 13:40:51 bastion LinuxCommandsWazuh: User anam [1400157]: 53 chmod 600 ~/.ssh/authorized_keys Oct 24 13:42:01 bastion LinuxCommandsWazuh: User anam [1401430]: 50 internal-tool Oct 24 13:44:08 bastion LinuxCommandsWazuh: User anam [1401430]: 51 pr-server Oct 24 13:44:14 bastion LinuxCommandsWazuh: User venky [1401604]: 2000 exit Oct 24 13:44:18 bastion LinuxCommandsWazuh: User mohtashim [1401711]: 576 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 24 13:44:21 bastion LinuxCommandsWazuh: User venky [1401604]: 2000 exit Oct 24 13:44:24 bastion LinuxCommandsWazuh: User venky [1401604]: 2001 curl 'https://cdn.bff.zeptonow.com/api/v3/search' -H 'sec-ch-ua-platform: "Linux"' -H 'x-xsrf-token: GdcTCgsEWbqLli3uqI_k4:o8NJsdYCB2QtHEVeB2c1Rxw2y-0.CE+Sg77pN+ANk5wQR0hf+lw/wtQMBeW0DVf9RZ53fvc' -H 'sec-ch-ua: "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141"' -H 'storeId: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'request_id: 987a69b7-d8d3-477d-b033-5164de2f56e3' -H 'store_id: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'sec-ch-ua-mobile: ?0' -H 'deviceId: 3874e4a7-bc94-4b87-b94d-2413b02f74cf' -H 'store_ids: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'appVersion: 13.28.2' -H 'session_id: 572f56bc-13ca-4670-96e4-d6bf547720fc' -H 'marketplace_type: ZEPTO_NOW' -H 'requestId: 987a69b7-d8d3-477d-b033-5164de2f56e3' -H 'Accept: application/json, text/plain, */*' -H 'device_id: 3874e4a7-bc94-4b87-b94d-2413b02f74cf' -H 'Content-Type: application/json' -H 'x-csrf-secret: tTspq0V5KQs' -H 'platform: WEB' -H 'sessionId: 572f56bc-13ca-4670-96e4-d Oct 24 13:45:24 bastion LinuxCommandsWazuh: User venky [1401604]: 2001 curl 'https://cdn.bff.zeptonow.com/api/v3/search' -H 'sec-ch-ua-platform: "Linux"' -H 'x-xsrf-token: GdcTCgsEWbqLli3uqI_k4:o8NJsdYCB2QtHEVeB2c1Rxw2y-0.CE+Sg77pN+ANk5wQR0hf+lw/wtQMBeW0DVf9RZ53fvc' -H 'sec-ch-ua: "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141"' -H 'storeId: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'request_id: 987a69b7-d8d3-477d-b033-5164de2f56e3' -H 'store_id: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'sec-ch-ua-mobile: ?0' -H 'deviceId: 3874e4a7-bc94-4b87-b94d-2413b02f74cf' -H 'store_ids: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'appVersion: 13.28.2' -H 'session_id: 572f56bc-13ca-4670-96e4-d6bf547720fc' -H 'marketplace_type: ZEPTO_NOW' -H 'requestId: 987a69b7-d8d3-477d-b033-5164de2f56e3' -H 'Accept: application/json, text/plain, */*' -H 'device_id: 3874e4a7-bc94-4b87-b94d-2413b02f74cf' -H 'Content-Type: application/json' -H 'x-csrf-secret: tTspq0V5KQs' -H 'platform: WEB' -H 'sessionId: 572f56bc-13ca-4670-96e4-d Oct 24 13:45:52 bastion LinuxCommandsWazuh: User mohtashim [1401711]: 576 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 24 13:47:26 bastion LinuxCommandsWazuh: User abhijeet [1402573]: 1998 exit Oct 24 13:47:43 bastion LinuxCommandsWazuh: User abhijeet [1402573]: 1999 kubectl get pods Oct 24 13:53:40 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 1998 exit Oct 24 13:53:45 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 1999 kubectl get pods Oct 24 13:56:50 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2000 kubectl delete pods --field-selector status.phase=Failed --all-namespaces Oct 24 13:57:13 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2001 ls Oct 24 13:57:17 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2002 kubectl get pods Oct 24 13:57:38 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2003 kubectl logs big-o-cookie-cutter-9d69978f4-mzfvd Oct 24 13:57:38 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2003 kubectl logs big-o-cookie-cutter-9d69978f4-mzfvd Oct 24 13:57:43 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2004 kubectl logs big-o-cookie-cutter-9d69978f4-mzfvd --tail 100 -f Oct 24 13:57:56 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2005 kubectl delete pod big-o-cookie-cutter-9d69978f4-mzfvd Oct 24 13:57:59 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2006 kubectl get pods Oct 24 13:58:14 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2006 kubectl get pods Oct 24 13:58:55 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2007 kubectl get pods --watch Oct 24 13:59:01 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2008 kubectl get pods Oct 24 13:59:38 bastion LinuxCommandsWazuh: User abhijeet [1403013]: 2008 kubectl get pods Oct 24 15:06:55 bastion LinuxCommandsWazuh: User venky [1410347]: 2000 curl 'https://cdn.bff.zeptonow.com/api/v3/search' -H 'sec-ch-ua-platform: "Linux"' -H 'x-xsrf-token: GdcTCgsEWbqLli3uqI_k4:o8NJsdYCB2QtHEVeB2c1Rxw2y-0.CE+Sg77pN+ANk5wQR0hf+lw/wtQMBeW0DVf9RZ53fvc' -H 'sec-ch-ua: "Google Chrome";v="141", "Not?A_Brand";v="8", "Chromium";v="141"' -H 'storeId: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'request_id: 987a69b7-d8d3-477d-b033-5164de2f56e3' -H 'store_id: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'sec-ch-ua-mobile: ?0' -H 'deviceId: 3874e4a7-bc94-4b87-b94d-2413b02f74cf' -H 'store_ids: b4dc8d65-ed2e-4142-81b6-373982b13500' -H 'appVersion: 13.28.2' -H 'session_id: 572f56bc-13ca-4670-96e4-d6bf547720fc' -H 'marketplace_type: ZEPTO_NOW' -H 'requestId: 987a69b7-d8d3-477d-b033-5164de2f56e3' -H 'Accept: application/json, text/plain, */*' -H 'device_id: 3874e4a7-bc94-4b87-b94d-2413b02f74cf' -H 'Content-Type: application/json' -H 'x-csrf-secret: tTspq0V5KQs' -H 'platform: WEB' -H 'sessionId: 572f56bc-13ca-4670-96e4-d Oct 24 15:06:55 bastion LinuxCommandsWazuh: User venky [1410347]: 2001 curl 'https://cdn.bff.zeptonow.com/api/v3/search' -X 'OPTIONS' -H 'accept: */*' -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' -H 'access-control-request-headers: app_sub_platform,app_version,appversion,auth_revamp_flow,compatible_components,content-type,device_id,deviceid,marketplace_type,platform,request-signature,request_id,requestid,session_id,sessionid,store_etas,store_id,store_ids,storeid,tenant,x-csrf-secret,x-timezone,x-without-bearer,x-xsrf-token' -H 'access-control-request-method: POST' -H 'origin: https://www.zeptonow.com' -H 'priority: u=1, i' -H 'referer: https://www.zeptonow.com/' -H 'sec-fetch-dest: empty' -H 'sec-fetch-mode: cors' -H 'sec-fetch-site: same-site' -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36' Oct 24 15:07:23 bastion LinuxCommandsWazuh: User venky [1410347]: 2001 curl 'https://cdn.bff.zeptonow.com/api/v3/search' -X 'OPTIONS' -H 'accept: */*' -H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8' -H 'access-control-request-headers: app_sub_platform,app_version,appversion,auth_revamp_flow,compatible_components,content-type,device_id,deviceid,marketplace_type,platform,request-signature,request_id,requestid,session_id,sessionid,store_etas,store_id,store_ids,storeid,tenant,x-csrf-secret,x-timezone,x-without-bearer,x-xsrf-token' -H 'access-control-request-method: POST' -H 'origin: https://www.zeptonow.com' -H 'priority: u=1, i' -H 'referer: https://www.zeptonow.com/' -H 'sec-fetch-dest: empty' -H 'sec-fetch-mode: cors' -H 'sec-fetch-site: same-site' -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36' Oct 24 16:09:28 bastion LinuxCommandsWazuh: User mohtashim [1416213]: 576 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 24 16:09:30 bastion LinuxCommandsWazuh: User mohtashim [1416213]: 577 clear Oct 24 16:15:48 bastion LinuxCommandsWazuh: User anam [1417144]: 55 internal-tool Oct 24 16:38:30 bastion LinuxCommandsWazuh: User rihan [1418960]: 1453 exit Oct 24 17:44:29 bastion LinuxCommandsWazuh: User rihan [1418960]: 1454 byobu Oct 24 17:53:51 bastion LinuxCommandsWazuh: User rihan [1484730]: 1454 byobu Oct 24 17:54:30 bastion LinuxCommandsWazuh: User mohtashim [1401711]: 576 psql -h 10.94.16.3 -U postgres -d vortex_v2 Oct 24 17:55:03 bastion LinuxCommandsWazuh: User mohtashim [1401711]: 577 stern vortex | grep "1f85df49-1e64-45a0-b1b4-30270f4f0117" Oct 24 17:55:03 bastion LinuxCommandsWazuh: User mohtashim [1401711]: 577 stern vortex | grep "1f85df49-1e64-45a0-b1b4-30270f4f0117"