Nov  5 00:06:36 bastion LinuxCommandsWazuh: User ankur [1507014]:   837  k logs -f big-o-cookie-cutter-b6d5779d6-n4rz5
Nov  5 00:09:18 bastion LinuxCommandsWazuh: User ankur [1509474]:   837  k logs -f big-o-cookie-cutter-b6d5779d6-n4rz5
Nov  5 00:32:22 bastion LinuxCommandsWazuh: User sarthak.s [1526203]:    40  zodiac-ssh
Nov  5 00:44:40 bastion LinuxCommandsWazuh: User sarthak.s [1527213]:    40  zodiac-ssh
Nov  5 11:01:19 bastion LinuxCommandsWazuh: User ankur [1584397]:   848  byobu
Nov  5 11:02:15 bastion LinuxCommandsWazuh: User ankur [1584397]:   848  byobu
Nov  5 11:26:21 bastion LinuxCommandsWazuh: User sarthak.s [1587959]:    40  zodiac-ssh
Nov  5 12:23:27 bastion LinuxCommandsWazuh: User saurav [1593550]:    28  zodiac-server
Nov  5 12:23:46 bastion LinuxCommandsWazuh: User sarthak.s [1593659]:    40  zodiac-ssh
Nov  5 12:25:44 bastion LinuxCommandsWazuh: User sarthak.s [1594431]:    40  zodiac-ssh
Nov  5 12:33:39 bastion LinuxCommandsWazuh: User ankur [1594887]:   849  exit
Nov  5 12:33:54 bastion LinuxCommandsWazuh: User ankur [1595215]:   849  exit
Nov  5 12:36:07 bastion LinuxCommandsWazuh: User ankur [1595215]:   850  zodiac-scraper-ssh 
Nov  5 12:56:05 bastion LinuxCommandsWazuh: User saurav [1607355]:    28  zodiac-server
Nov  5 13:20:32 bastion LinuxCommandsWazuh: User ubuntu [1609530]:  2000  sudo su rihan
Nov  5 13:24:52 bastion LinuxCommandsWazuh: User sarthak.s [1609686]:    40  zodiac-ssh
Nov  5 13:25:59 bastion LinuxCommandsWazuh: User ubuntu [1609530]:  2001  cool-server 
Nov  5 13:27:32 bastion LinuxCommandsWazuh: User ubuntu [1610487]:  2000  exit
Nov  5 13:27:41 bastion LinuxCommandsWazuh: User saurav [1610594]:    28  zodiac-server
Nov  5 13:28:52 bastion LinuxCommandsWazuh: User ubuntu [1610487]:  2001  cool-server 
Nov  5 13:31:52 bastion LinuxCommandsWazuh: User sarthak.s [1610994]:    40  zodiac-ssh
Nov  5 13:32:51 bastion LinuxCommandsWazuh: User ubuntu [1611027]:  2000  exit
Nov  5 13:39:47 bastion LinuxCommandsWazuh: User sarthak.s [1611883]:    40  zodiac-ssh
Nov  5 14:06:12 bastion LinuxCommandsWazuh: User sarthak.s [1614581]:    40  zodiac-ssh
Nov  5 14:41:51 bastion LinuxCommandsWazuh: User ubuntu [1611027]:  2001  zodiac-scraper-ssh 
Nov  5 15:55:28 bastion LinuxCommandsWazuh: User ankur [1625211]:   852  byobu
Nov  5 16:33:45 bastion LinuxCommandsWazuh: User ankur [1644168]:   852  byobu
Nov  5 16:37:29 bastion LinuxCommandsWazuh: User ankur [1507014]:   838  clickhouse-ssh 
Nov  5 16:37:34 bastion LinuxCommandsWazuh: User ankur [1509474]:   838  kafka-ssh 
Nov  5 16:37:38 bastion LinuxCommandsWazuh: User ankur [1644168]:   852  byobu
Nov  5 16:37:42 bastion LinuxCommandsWazuh: User ankur [1644168]:   853  ps aux | grep -i byobu | grep -v grep
Nov  5 16:37:44 bastion LinuxCommandsWazuh: User ankur [1644168]:   853  ps aux | grep -i byobu | grep -v grep
Nov  5 16:37:52 bastion LinuxCommandsWazuh: User ankur [1644168]:   854  kill -9 1488531
Nov  5 16:37:54 bastion LinuxCommandsWazuh: User ankur [1648435]:   866  clickhouse-ssh 
Nov  5 16:41:21 bastion LinuxCommandsWazuh: User ankur [1644168]:   855  byobu
Nov  5 16:41:43 bastion LinuxCommandsWazuh: User ankur [1644168]:   855  byobu
Nov  5 16:41:48 bastion LinuxCommandsWazuh: User ankur [1644168]:   855  byobu
Nov  5 16:41:50 bastion LinuxCommandsWazuh: User ankur [1644168]:   856  ps aux | grep -i byobu | grep -v grep
Nov  5 16:42:16 bastion LinuxCommandsWazuh: User ankur [1644168]:   857  kill -9 1648428
Nov  5 16:42:21 bastion LinuxCommandsWazuh: User ankur [1644168]:   858  ps aux | grep -i byobu | grep -v grep
Nov  5 16:42:27 bastion LinuxCommandsWazuh: User ankur [1652266]:   866  clickhouse-ssh 
Nov  5 16:42:39 bastion LinuxCommandsWazuh: User ankur [1652266]:   867  clear
Nov  5 16:56:47 bastion LinuxCommandsWazuh: User ankur [1666854]:   866  clickhouse-ssh 
Nov  5 17:00:43 bastion LinuxCommandsWazuh: User ankur [1670597]:   866  clickhouse-ssh 
Nov  5 17:08:06 bastion LinuxCommandsWazuh: User ankur [1677938]:   872  byobu
Nov  5 17:08:18 bastion LinuxCommandsWazuh: User ankur [1670597]:   866  clickhouse-ssh 
Nov  5 17:11:43 bastion LinuxCommandsWazuh: User ankur [1681440]:   873  exit
Nov  5 17:34:28 bastion LinuxCommandsWazuh: User ankur [1703758]:   873  exit
Nov  5 17:34:38 bastion LinuxCommandsWazuh: User ankur [1703758]:   874  kubectl get pods -o wide | egrep 'urlbird|urlbird-jobs'
Nov  5 17:34:58 bastion LinuxCommandsWazuh: User ankur [1703758]:   875  kubectl describe pod urlbird-57fc8c8597-5b8cb | egrep -i "Restart|OOM|Killed|Backoff"
Nov  5 17:35:12 bastion LinuxCommandsWazuh: User ankur [1703758]:   876  kubectl describe pod urlbird-jobs-78d9676875-t4g9n | egrep -i "Restart|OOM|Killed|Backoff"
Nov  5 17:35:22 bastion LinuxCommandsWazuh: User ankur [1703758]:   877  kubectl describe pod urlbird-jobs-78d9676875-d7z5k | egrep -i "Restart|OOM|Killed|Backoff"
Nov  5 17:36:04 bastion LinuxCommandsWazuh: User ankur [1703758]:   878  kubectl get events --sort-by='.lastTimestamp' | egrep -i 'oom|killed|failed'
Nov  5 17:36:11 bastion LinuxCommandsWazuh: User ankur [1703758]:   878  kubectl get events --sort-by='.lastTimestamp' | egrep -i 'oom|killed|failed'
Nov  5 17:36:11 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1703758]:   878  kubectl get events --sort-by='.lastTimestamp' | egrep -i 'oom|killed|failed']
Nov  5 17:37:38 bastion LinuxCommandsWazuh: User ankur [1703758]:   879  kubectl logs urlbird-jobs-78d9676875-t4g9n --previous
Nov  5 17:42:15 bastion LinuxCommandsWazuh: User ankur [1711901]:   873  exit
Nov  5 17:42:20 bastion LinuxCommandsWazuh: User ankur [1712024]:   873  exit
Nov  5 17:42:24 bastion LinuxCommandsWazuh: User ankur [1712024]:   874  mongo --quiet --eval "rs.status()"
Nov  5 17:42:29 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ankur [1712024]:   874  mongo --quiet --eval "rs.status()"]
Nov  5 17:42:30 bastion LinuxCommandsWazuh: User ankur [1712024]:   875  clear
Nov  5 17:42:32 bastion LinuxCommandsWazuh: User ankur [1712024]:   876  mongo --quiet --eval "rs.status()"
Nov  5 17:42:48 bastion LinuxCommandsWazuh: User ankur [1712024]:   877  ls
Nov  5 17:42:56 bastion LinuxCommandsWazuh: User ankur [1712024]:   878  mongo --quiet --eval "rs.conf()"
Nov  5 17:43:37 bastion LinuxCommandsWazuh: User ankur [1712024]:   879  mongo --quiet --eval "db.getMongo().getDB('pixel_v1').getCollection('oplog.rs').find().sort({$natural:-1}).limit(1).pretty()"
Nov  5 17:43:55 bastion LinuxCommandsWazuh: User ankur [1712024]:   880  mongo --quiet --eval "db.getMongo().getDB('pixel_v1').getCollection('oplog.rs').find().sort({$natural: -1}).limit(1).pretty()"
Nov  5 17:44:20 bastion LinuxCommandsWazuh: User ankur [1712024]:   881  mongo --quiet --eval "db.getMongo().getDB('pixel_v1').getCollection('oplog.rs').find().limit(1).pretty()"
Nov  5 18:21:49 bastion LinuxCommandsWazuh: User ankur [1737161]:   874  byobu
Nov  5 18:29:24 bastion LinuxCommandsWazuh: User ankur [1712024]:   882  # run on the primary mongo shell
Nov  5 18:29:25 bastion LinuxCommandsWazuh: User ankur [1712024]:   883  mongo --quiet --eval 'rs.printReplicationInfo()'
Nov  5 18:29:55 bastion LinuxCommandsWazuh: User ankur [1712024]:   884  mongo --quiet --eval 'var db= db.getSiblingDB("pixel_v1"); var o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; var n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; printjson({oldest:o.ts, oldest_date:o.ts.getTime()}); printjson({newest:n.ts, newest_date:n.ts.getTime()})'
Nov  5 18:30:13 bastion LinuxCommandsWazuh: User ankur [1712024]:   885  mongo --quiet --eval 'db = db.getSiblingDB("pixel_v1"); o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; print(new Date(o.ts.getTime()*1000)); n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; print(new Date(n.ts.getTime()*1000));'
Nov  5 18:30:48 bastion LinuxCommandsWazuh: User ankur [1712024]:   885  mongo --quiet --eval 'db = db.getSiblingDB("pixel_v1"); o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; print(new Date(o.ts.getTime()*1000)); n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; print(new Date(n.ts.getTime()*1000));'
Nov  5 18:30:54 bastion LinuxCommandsWazuh: User ankur [1712024]:   886  cat /var/log/mongodb/mongod.log
Nov  5 18:31:08 bastion LinuxCommandsWazuh: User ankur [1712024]:   887  sudo su
Nov  5 18:31:10 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1712024]:   887  sudo su]
Nov  5 18:31:26 bastion LinuxCommandsWazuh: User ankur [1712024]:   888  sudo su ubuntu
Nov  5 18:31:51 bastion LinuxCommandsWazuh: User ankur [1712024]:   889  grep -nE "stepDown|election|initial sync|rollback|starting replication|oplog" /var/log/mongodb/mongod.log | sed -n '1,200p'
Nov  5 18:32:20 bastion LinuxCommandsWazuh: User ankur [1712024]:   890  mongo --quiet --eval 'printjson(rs.status())'
Nov  5 18:32:32 bastion LinuxCommandsWazuh: User ankur [1712024]:   891  ls
Nov  5 18:32:49 bastion LinuxCommandsWazuh: User ankur [1712024]:   892  cat bash.sh 
Nov  5 18:32:53 bastion LinuxCommandsWazuh: User ankur [1712024]:   893  ls
Nov  5 18:32:59 bastion LinuxCommandsWazuh: User ankur [1712024]:   894  cat README.md 
Nov  5 18:33:38 bastion LinuxCommandsWazuh: User ankur [1712024]:   895  make cookie-log
Nov  5 18:33:46 bastion LinuxCommandsWazuh: User ankur [1712024]:   896  make cookie-logs
Nov  5 18:33:53 bastion LinuxCommandsWazuh: User ankur [1712024]:   896  make cookie-logs
Nov  5 18:34:07 bastion LinuxCommandsWazuh: User ankur [1712024]:   896  make cookie-logs
Nov  5 18:34:15 bastion LinuxCommandsWazuh: User ankur [1712024]:   896  make cookie-logs
Nov  5 18:34:24 bastion LinuxCommandsWazuh: message repeated 5 times: [ User ankur [1712024]:   896  make cookie-logs]
Nov  5 18:34:30 bastion LinuxCommandsWazuh: User ankur [1712024]:   896  make cookie-logs
Nov  5 18:34:32 bastion LinuxCommandsWazuh: User ankur [1712024]:   897  mongo --quiet --eval 'printjson(rs.status())'
Nov  5 18:35:51 bastion LinuxCommandsWazuh: User ankur [1712024]:   898  mongo --quiet --eval 'printjson(rs.status())' | cat > starus.json
Nov  5 18:35:52 bastion LinuxCommandsWazuh: User ankur [1712024]:   899  ls
Nov  5 18:35:59 bastion LinuxCommandsWazuh: User ankur [1712024]: cat starus.json 
Nov  5 18:36:08 bastion LinuxCommandsWazuh: User ankur [1712024]: 1  head starus.json 
Nov  5 18:36:13 bastion LinuxCommandsWazuh: User ankur [1712024]: 1  head starus.json 
Nov  5 18:36:27 bastion LinuxCommandsWazuh: User ankur [1712024]: 2  cat starus.json | head
Nov  5 18:36:31 bastion LinuxCommandsWazuh: User ankur [1712024]: 3  cat starus.json | tail
Nov  5 18:36:59 bastion LinuxCommandsWazuh: User ankur [1712024]: 4  cat starus.json | more
Nov  5 18:37:13 bastion LinuxCommandsWazuh: User ankur [1712024]: 5  ls
Nov  5 18:48:12 bastion LinuxCommandsWazuh: User ankur [1712024]: 5  ls
Nov  5 18:48:13 bastion LinuxCommandsWazuh: User ankur [1712024]: 6  mongo --quiet --eval 'rs.printReplicationInfo()'
Nov  5 18:48:41 bastion LinuxCommandsWazuh: User ankur [1712024]: 7  mongo --quiet --eval 'db = db.getSiblingDB("pixel_v1"); o=db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; n=db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; print("oldest:", new Date(o.ts.getTime()*1000)); print("newest:", new Date(n.ts.getTime()*1000));'
Nov  5 18:49:33 bastion LinuxCommandsWazuh: User ankur [1712024]: 8  mongo --quiet --eval '#012db = db.getSiblingDB("pixel_v1");#012o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0];#012n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0];#012if (!o || !n) { print("⚠️ No oplog entries found. Are you sure this is a replica set?"); }#012else {#012  print("Oldest oplog entry:", new Date(o.ts.getTime() * 1000));#012  print("Newest oplog entry:", new Date(n.ts.getTime() * 1000));#012  print("Oplog window (seconds):", n.ts.getTime() - o.ts.getTime());#012}
Nov  5 18:49:33 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ankur [1712024]: 8  mongo --quiet --eval '#012db = db.getSiblingDB("pixel_v1");#012o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0];#012n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0];#012if (!o || !n) { print("⚠️ No oplog entries found. Are you sure this is a replica set?"); }#012else {#012  print("Oldest oplog entry:", new Date(o.ts.getTime() * 1000));#012  print("Newest oplog entry:", new Date(n.ts.getTime() * 1000));#012  print("Oplog window (seconds):", n.ts.getTime() - o.ts.getTime());#012}]
Nov  5 18:49:35 bastion LinuxCommandsWazuh: User ankur [1712024]: mongo --quiet --eval '#012db = db.getSiblingDB("pixel_v1");#012o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0];#012n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0];#012if (!o || !n) { print("⚠️ No oplog entries found. Are you sure this is a replica set?"); }#012else {#012  print("Oldest oplog entry:", new Date(o.ts.getTime() * 1000));#012  print("Newest oplog entry:", new Date(n.ts.getTime() * 1000));#012  print("Oplog window (seconds):", n.ts.getTime() - o.ts.getTime());#012}
Nov  5 18:49:36 bastion LinuxCommandsWazuh: User ankur [1712024]: mongo --quiet --eval '#012db = db.getSiblingDB("pixel_v1");#012o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0];#012n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0];#012if (!o || !n) { print("⚠️ No oplog entries found. Are you sure this is a replica set?"); }#012else {#012  print("Oldest oplog entry:", new Date(o.ts.getTime() * 1000));#012  print("Newest oplog entry:", new Date(n.ts.getTime() * 1000));#012  print("Oplog window (seconds):", n.ts.getTime() - o.ts.getTime());#012}
Nov  5 18:49:42 bastion LinuxCommandsWazuh: User ankur [1712024]: 10  mongo --quiet --eval '#012db = db.getSiblingDB("pixel_v1");#012o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0];#012n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0];#012if (!o || !n) { print("⚠️ No oplog entries found. Are you sure this is a replica set?"); }#012else {#012  print("Oldest oplog entry:", new Date(o.ts.getTime() * 1000));#012  print("Newest oplog entry:", new Date(n.ts.getTime() * 1000));#012  print("Oplog window (seconds):", n.ts.getTime() - o.ts.getTime());#012}#012'
Nov  5 18:50:25 bastion LinuxCommandsWazuh: User ankur [1712024]: 11  mongo --quiet --eval 's=db.serverStatus(); printjson({opcounters:s.opcounters, opcountersRepl:s.opcountersRepl, mem:s.mem, conex:s.connections})'
Nov  5 19:15:18 bastion LinuxCommandsWazuh: User ankur [1779838]:   874  byobu
Nov  5 19:30:51 bastion LinuxCommandsWazuh: User sarthak.s [1795654]:    41  sudo su ubuntu
Nov  5 19:30:52 bastion LinuxCommandsWazuh: User ubuntu [1795697]:  2000  zodiac-scraper-ssh 
Nov  5 19:30:59 bastion LinuxCommandsWazuh: User sarthak.s [1795908]:    41  sudo su ubuntu
Nov  5 19:45:56 bastion LinuxCommandsWazuh: User sarthak.s [1811246]:    41  sudo su ubuntu
Nov  5 20:03:10 bastion LinuxCommandsWazuh: User ankur [1703758]:   880  k get pods | grep house
Nov  5 20:03:17 bastion LinuxCommandsWazuh: User ankur [1703758]:   881  k rollout restart deployment/house-of-click
Nov  5 20:07:53 bastion LinuxCommandsWazuh: User ankur [1703758]:   882  k get pods | grep house
Nov  5 20:10:44 bastion LinuxCommandsWazuh: User saurav [1835457]:    28  zodiac-server
Nov  5 20:44:35 bastion LinuxCommandsWazuh: User ankur [1712024]: 12  mongo --quiet --eval 'db = db.getSiblingDB("pixel_v1"); o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; print(new Date(o.ts.getTime()*1000)); n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; print(new Date(n.ts.getTime()*1000));'
Nov  5 20:44:49 bastion LinuxCommandsWazuh: User ankur [1712024]: 13  mongo --quiet --eval 'var db= db.getSiblingDB("pixel_v1"); var o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; var n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; printjson({oldest:o.ts, oldest_date:o.ts.getTime()}); printjson({newest:n.ts, newest_date:n.ts.getTime()})'
Nov  5 20:45:23 bastion LinuxCommandsWazuh: User ankur [1712024]: 13  mongo --quiet --eval 'var db= db.getSiblingDB("pixel_v1"); var o = db.oplog.rs.find().sort({$natural:1}).limit(1)[0]; var n = db.oplog.rs.find().sort({$natural:-1}).limit(1)[0]; printjson({oldest:o.ts, oldest_date:o.ts.getTime()}); printjson({newest:n.ts, newest_date:n.ts.getTime()})'
Nov  5 20:46:44 bastion LinuxCommandsWazuh: User ankur [1871329]:   874  byobu
Nov  5 21:41:14 bastion LinuxCommandsWazuh: User ankur [1900772]:   874  byobu
Nov  5 21:41:18 bastion LinuxCommandsWazuh: User ankur [1712024]: 14  mongo
Nov  5 21:41:19 bastion LinuxCommandsWazuh: User ankur [1712024]: 15  mongo --quiet --eval 's=db.serverStatus(); printjson({opcounters:s.opcounters, opcountersRepl:s.opcountersRepl, mem:s.mem, conex:s.connections})'