Nov 17 23:50:45 bastion LinuxCommandsWazuh: User ashish [1878011]: 22  byobu
Nov 17 23:53:45 bastion LinuxCommandsWazuh: User ankur [1880860]:   649  mongo-ssh 
Nov 17 23:58:51 bastion LinuxCommandsWazuh: User ankur [1880860]:   649  mongo-ssh 
Nov 17 23:58:52 bastion LinuxCommandsWazuh: message repeated 4 times: [ User ankur [1880860]:   649  mongo-ssh ]
Nov 18 00:01:33 bastion LinuxCommandsWazuh: User ankur [1891536]:   649  mongo-ssh 
Nov 18 00:01:40 bastion LinuxCommandsWazuh: User ankur [1891536]:   650  mongo --eval "rs.status();"
Nov 18 00:01:43 bastion LinuxCommandsWazuh: User ankur [1891536]:   651  ls
Nov 18 00:03:47 bastion LinuxCommandsWazuh: User ankur [1891536]:   652  mongo --eval "rs.status();" | cat > mongo_status.json
Nov 18 00:03:49 bastion LinuxCommandsWazuh: User ankur [1891536]:   653  ls
Nov 18 00:03:52 bastion LinuxCommandsWazuh: User ankur [1891536]:   654  cat mongo_status.json 
Nov 18 00:04:01 bastion LinuxCommandsWazuh: User ankur [1891536]:   655  cat mongo_status.json | more
Nov 18 00:04:02 bastion LinuxCommandsWazuh: message repeated 9 times: [ User ankur [1891536]:   655  cat mongo_status.json | more]
Nov 18 00:08:45 bastion LinuxCommandsWazuh: User ashish [1905219]: 22  byobu
Nov 18 00:08:47 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1905219]: 22  byobu]
Nov 18 00:12:20 bastion LinuxCommandsWazuh: User ankur [1891536]:   655  cat mongo_status.json | more
Nov 18 00:12:20 bastion LinuxCommandsWazuh: User ankur [1891536]:   655  cat mongo_status.json | more
Nov 18 00:13:43 bastion LinuxCommandsWazuh: User ankur [1891536]:   656  ls
Nov 18 00:14:04 bastion LinuxCommandsWazuh: User ankur [1891536]:   657  mongo --eval "rs.printReplicationInfo();" | cat > mongo_repl.json
Nov 18 00:14:09 bastion LinuxCommandsWazuh: User ankur [1891536]:   658  cat mongo_repl.json 
Nov 18 00:15:30 bastion LinuxCommandsWazuh: User ankur [1891536]:   658  cat mongo_repl.json 
Nov 18 00:15:37 bastion LinuxCommandsWazuh: User ankur [1891536]:   659  mongo --eval "db.getSiblingDB('local').oplog.rs.stats();"
Nov 18 00:16:06 bastion LinuxCommandsWazuh: User ankur [1891536]:   660  ls
Nov 18 00:16:15 bastion LinuxCommandsWazuh: User ankur [1891536]:   661  mkdir -p mongo_stats
Nov 18 00:16:16 bastion LinuxCommandsWazuh: User ankur [1891536]:   662  ls
Nov 18 00:16:38 bastion LinuxCommandsWazuh: User ankur [1891536]:   663  mv mongo_status.json mongo_stats/
Nov 18 00:16:38 bastion LinuxCommandsWazuh: User ankur [1891536]:   664  ls
Nov 18 00:16:49 bastion LinuxCommandsWazuh: User ankur [1891536]:   665  mv mongo_repl.json mongo_stats/
Nov 18 00:16:49 bastion LinuxCommandsWazuh: User ankur [1891536]:   666  ls
Nov 18 00:16:53 bastion LinuxCommandsWazuh: User ankur [1891536]:   667  cd mongo_stats/
Nov 18 00:16:53 bastion LinuxCommandsWazuh: User ankur [1891536]:   668  ls
Nov 18 00:16:56 bastion LinuxCommandsWazuh: User ankur [1891536]:   669  cd 
Nov 18 00:16:57 bastion LinuxCommandsWazuh: User ankur [1891536]:   670  ls
Nov 18 00:17:15 bastion LinuxCommandsWazuh: User ankur [1891536]:   671  mongo --eval "db.getSiblingDB('pixel_v1').oplog.rs.stats();"
Nov 18 00:17:56 bastion LinuxCommandsWazuh: User ankur [1891536]:   672  mongo --eval "db.getSiblingDB('local').oplog.rs.stats();" | cat > mongo_stats/mongo_op_stats.json
Nov 18 00:18:06 bastion LinuxCommandsWazuh: User ankur [1891536]:   673  mongo --eval "const o=db.getSiblingDB('local').oplog.rs.find().sort({$natural:1}).limit(1).next(); const n=db.getSiblingDB('local').oplog.rs.find().sort({$natural:-1}).limit(1).next(); print('earliest', o.ts.t, new Date(o.ts.getTime()*1000)); print('latest', n.ts.t, new Date(n.ts.getTime()*1000));"
Nov 18 00:18:11 bastion LinuxCommandsWazuh: User ankur [1891536]:   673  mongo --eval "const o=db.getSiblingDB('local').oplog.rs.find().sort({$natural:1}).limit(1).next(); const n=db.getSiblingDB('local').oplog.rs.find().sort({$natural:-1}).limit(1).next(); print('earliest', o.ts.t, new Date(o.ts.getTime()*1000)); print('latest', n.ts.t, new Date(n.ts.getTime()*1000));"
Nov 18 00:18:19 bastion LinuxCommandsWazuh: User ankur [1891536]:   673  mongo --eval "const o=db.getSiblingDB('local').oplog.rs.find().sort({$natural:1}).limit(1).next(); const n=db.getSiblingDB('local').oplog.rs.find().sort({$natural:-1}).limit(1).next(); print('earliest', o.ts.t, new Date(o.ts.getTime()*1000)); print('latest', n.ts.t, new Date(n.ts.getTime()*1000));"
Nov 18 00:19:07 bastion LinuxCommandsWazuh: User ankur [1891536]:   674  ls
Nov 18 00:19:08 bastion LinuxCommandsWazuh: User ankur [1891536]:   675  cd mongo_stats/
Nov 18 00:19:09 bastion LinuxCommandsWazuh: User ankur [1891536]:   676  s
Nov 18 00:19:10 bastion LinuxCommandsWazuh: User ankur [1891536]:   677  ls
Nov 18 00:19:14 bastion LinuxCommandsWazuh: User ankur [1891536]:   678  cat mongo_op_stats.json 
Nov 18 00:23:54 bastion LinuxCommandsWazuh: User ankur [1891536]:   679  ls
Nov 18 00:23:55 bastion LinuxCommandsWazuh: User ankur [1891536]:   680  cd 
Nov 18 00:24:02 bastion LinuxCommandsWazuh: User ankur [1891536]:   681  mongo --eval "rs.printSlaveReplicationInfo();"
Nov 18 00:24:15 bastion LinuxCommandsWazuh: User ankur [1891536]:   682  mongo --eval "rs.printSecondaryReplicationInfo();"
Nov 18 00:24:20 bastion LinuxCommandsWazuh: User ankur [1891536]:   683  mongo --host 10.190.0.29:27017 --eval "db.adminCommand({replSetGetStatus:1}).members.forEach(m=>printjson({name:m.name,stateStr:m.stateStr,health:m.health,optimeDate:m.optimeDate}))"
Nov 18 00:24:28 bastion LinuxCommandsWazuh: User ankur [1891536]:   684  mongo --eval "db.adminCommand({replSetGetStatus:1}).members.forEach(m=>printjson({name:m.name,stateStr:m.stateStr,health:m.health,optimeDate:m.optimeDate}))"
Nov 18 00:25:05 bastion LinuxCommandsWazuh: User ankur [1891536]:   685  mongo --eval "var before = db.serverStatus().opcounters; sleep(5000); var after = db.serverStatus().opcounters; printjson({writes:(after.insert+after.update+after.delete)-(before.insert+before.update+before.delete)});"
Nov 18 00:30:27 bastion LinuxCommandsWazuh: User ankur [1891536]:   686  mongo --eval "db.adminCommand({getParameter:1, 'oplogSize':1})"
Nov 18 00:34:41 bastion LinuxCommandsWazuh: User ankur [1891536]:   687  mongo --quiet --eval '#012var s=db.getSiblingDB("local").oplog.rs.stats();#012printjson(s);#012var first=db.getSiblingDB("local").oplog.rs.find().sort({$natural:1}).limit(1).next();#012var last=db.getSiblingDB("local").oplog.rs.find().sort({$natural:-1}).limit(1).next();#012print("earliest:", first.ts.t, new Date(first.ts.getTime()*1000));#012print("latest:  ", last.ts.t, new Date(last.ts.getTime()*1000));#012'
Nov 18 00:38:43 bastion LinuxCommandsWazuh: User ankur [1891536]:   688  mongo --quiet --eval '#012var first=db.getSiblingDB("local").oplog.rs.find().sort({$natural:1}).limit(1).next().ts;#012var last=db.getSiblingDB("local").oplog.rs.find().sort({$natural:-1}).limit(1).next().ts;#012var mins = Math.round((last.getTime() - first.getTime())/60000);#012print("oplog_window_minutes:"+mins);#012'
Nov 18 00:58:27 bastion LinuxCommandsWazuh: User ashish [1999411]: 22  byobu
Nov 18 01:01:07 bastion LinuxCommandsWazuh: User ankur [1891536]:   689  mongo --quiet --eval 'var b=db.serverStatus().opcounters; sleep(60000); var a=db.serverStatus().opcounters; printjson({writes_per_min:(a.insert+a.update+a.delete)-(b.insert+b.update+b.delete)});'
Nov 18 01:01:16 bastion LinuxCommandsWazuh: message repeated 7 times: [ User ankur [1891536]:   689  mongo --quiet --eval 'var b=db.serverStatus().opcounters; sleep(60000); var a=db.serverStatus().opcounters; printjson({writes_per_min:(a.insert+a.update+a.delete)-(b.insert+b.update+b.delete)});']
Nov 18 01:01:16 bastion LinuxCommandsWazuh: User ashish [2005693]: 22  byobu
Nov 18 01:01:17 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [2005693]: 22  byobu]
Nov 18 01:02:18 bastion LinuxCommandsWazuh: User ankur [1891536]:   689  mongo --quiet --eval 'var b=db.serverStatus().opcounters; sleep(60000); var a=db.serverStatus().opcounters; printjson({writes_per_min:(a.insert+a.update+a.delete)-(b.insert+b.update+b.delete)});'
Nov 18 01:03:04 bastion LinuxCommandsWazuh: User ankur [1891536]:   690  mongo --quiet --eval '#012var first=db.getSiblingDB("local").oplog.rs.find().sort({$natural:1}).limit(1).next().ts;#012var last=db.getSiblingDB("local").oplog.rs.find().sort({$natural:-1}).limit(1).next().ts;#012print("window_minutes:", Math.round((last.getTime()-first.getTime())/60000));#012'
Nov 18 01:04:15 bastion LinuxCommandsWazuh: User ankur [1891536]:   691  mongo --quiet --eval '#012var oplog = db.getSiblingDB("local").oplog.rs;#012var first = oplog.find().sort({$natural:1}).limit(1).next().ts.t;#012var last  = oplog.find().sort({$natural:-1}).limit(1).next().ts.t;#012print("oplog_window_minutes:", (last - first) / 60);#012print("oplog_window_hours:", (last - first) / 3600);#012print("oplog_window_days:", (last - first) / 86400);#012'
Nov 18 01:05:35 bastion LinuxCommandsWazuh: User ankur [1891536]:   692  mongo --quiet --eval '#012var oplog = db.getSiblingDB("local").oplog.rs;#012var first = oplog.find().sort({$natural:1}).limit(1).next().ts.t;#012var last  = oplog.find().sort({$natural:-1}).limit(1).next().ts.t;#012print("oplog_window_minutes:", (last - first) / 60);#012print("oplog_window_hours:", (last - first) / 3600);#012print("oplog_window_days:", (last - first) / 86400);#012'
Nov 18 01:08:32 bastion LinuxCommandsWazuh: User ankur [2019924]:   649  mongo-ssh 
Nov 18 01:08:46 bastion LinuxCommandsWazuh: User ankur [1891536]:   693  mongo --eval "rs.printSecondaryReplicationInfo();"
Nov 18 01:08:51 bastion LinuxCommandsWazuh: User ankur [1891536]:   694  mongo --eval "rs.printReplicationInfo()"
Nov 18 01:09:24 bastion LinuxCommandsWazuh: User ankur [1891536]:   695  mongo --quiet --eval '#012var oplog = db.getSiblingDB("local").oplog.rs;#012var firstDoc = oplog.find().sort({$natural:1}).limit(1).next();#012var lastDoc  = oplog.find().sort({$natural:-1}).limit(1).next();#012if (!firstDoc || !lastDoc) {#012  print("oplog empty or cannot read entries");#012} else {#012  var first_ts = firstDoc.ts.t;     // seconds#012  var last_ts  = lastDoc.ts.t;#012  print("first_ts_sec:", first_ts, " ->", new Date(first_ts*1000).toISOString());#012  print("last_ts_sec: ", last_ts,  " ->", new Date(last_ts*1000).toISOString());#012  var window_seconds = last_ts - first_ts;#012  print("oplog_window_seconds:", window_seconds);#012  print("oplog_window_minutes:", (window_seconds / 60).toFixed(2));#012  print("oplog_window_hours:",   (window_seconds / 3600).toFixed(2));#012}#012'
Nov 18 01:12:38 bastion LinuxCommandsWazuh: User ankur [1891536]:   696  mongo --quiet --eval 'var oplog=db.getSiblingDB("local").oplog.rs; var f=oplog.find().sort({$natural:1}).limit(1).next(); var l=oplog.find().sort({$natural:-1}).limit(1).next(); if(!f||!l) print("no entries"); else print("minutes:", (l.ts.t-f.ts.t)/60)'
Nov 18 01:14:48 bastion LinuxCommandsWazuh: User ankur [1891536]:   697  mongo --quiet --eval '#012var oplog = db.getSiblingDB("local").oplog.rs;#012var f = oplog.find().sort({$natural:1}).limit(1).next();#012var l = oplog.find().sort({$natural:-1}).limit(1).next();#012if (!f || !l) {#012  print("no entries or cannot read oplog");#012} else {#012  function secFromTs(ts){#012    // ts may be Timestamp({t:..., i:...}), or have numeric fields as NumberLong, or be a Date-like#012    if (!ts) throw "no ts";#012    // case: ts.t exists (Timestamp object)#012    if (ts.t !== undefined) {#012      try {#012        // NumberLong/Long has toNumber() in many shells#012        if (typeof ts.t === "number") return ts.t;#012        if (ts.t.toNumber) return ts.t.toNumber();#012        if (ts.t.valueOf) return ts.t.valueOf();#012      } catch(e){}#012    }#012    // case: some shells expose high_ field#012    if (ts.high_ !== undefined) {#012      return ts.high_;#012    }#012    // case: maybe ts is Date-like#012    if (ts.getTime) return Math.floor(ts.getTime()/1000);#012    throw "unrecognized ts format: " + tojson(ts);#012  }#012  try {#012    v
Nov 18 01:15:52 bastion LinuxCommandsWazuh: User ashish [2035799]: 22  byobu
Nov 18 01:20:18 bastion LinuxCommandsWazuh: User ankur [1891536]:   698  mongo --quiet --eval '#012  var oplog = db.getSiblingDB("local").oplog.rs;#012  var f = oplog.find().sort({$natural:1}).limit(1).next();#012  var l = oplog.find().sort({$natural:-1}).limit(1).next();#012  if (!f || !l) {#012    print("no entries or cannot read oplog");#012  } else {#012    var first_sec = (typeof f.ts.t === "number") ? f.ts.t : f.ts.t.toNumber ? f.ts.t.toNumber() : f.ts.t;#012    var last_sec  = (typeof l.ts.t === "number") ? l.ts.t : l.ts.t.toNumber ? l.ts.t.toNumber() : l.ts.t;#012    print("first_ts_sec:", first_sec, " ->", new Date(first_sec*1000).toISOString());#012    print("last_ts_sec: ", last_sec,  " ->", new Date(last_sec*1000).toISOString());#012    var window_seconds = last_sec - first_sec;#012    print("oplog_window_seconds:", window_seconds);#012    print("oplog_window_minutes:", (window_seconds / 60).toFixed(2));#012    print("oplog_window_hours:",   (window_seconds / 3600).toFixed(2));#012  }#012'
Nov 18 01:38:55 bastion LinuxCommandsWazuh: User ankur [1891536]:   699  mongo --quiet --eval 'var oplog=db.getSiblingDB("local").oplog.rs; var f=oplog.find().sort({$natural:1}).limit(1).next(); var l=oplog.find().sort({$natural:-1}).limit(1).next(); if(!f||!l) print(-1); else print((l.ts.t - f.ts.t)/60)' 
Nov 18 01:39:18 bastion LinuxCommandsWazuh: User ankur [1891536]:   700  mongo --quiet --eval 'rs.printReplicationInfo()'
Nov 18 01:47:20 bastion LinuxCommandsWazuh: User ubuntu [2074671]:  2000  sudo su ankur
Nov 18 01:47:38 bastion LinuxCommandsWazuh: User ankur [2075048]:   650  byobu
Nov 18 01:47:50 bastion LinuxCommandsWazuh: User ankur [1891536]:   701  mongo --quiet --eval "rs.printReplicationInfo();"
Nov 18 01:47:57 bastion LinuxCommandsWazuh: User ankur [1891536]:   702  mongo --quiet --eval "db.getSiblingDB('local').oplog.rs.stats();"
Nov 18 01:49:06 bastion LinuxCommandsWazuh: User ankur [1891536]:   703  mongo --quiet --eval 'var a=db.serverStatus().opcounters; sleep(60000); var b=db.serverStatus().opcounters; printjson({writes_per_min: (b.insert+b.update+b.delete)-(a.insert+a.update+a.delete)});'
Nov 18 01:49:06 bastion LinuxCommandsWazuh: User ankur [1891536]:   703  mongo --quiet --eval 'var a=db.serverStatus().opcounters; sleep(60000); var b=db.serverStatus().opcounters; printjson({writes_per_min: (b.insert+b.update+b.delete)-(a.insert+a.update+a.delete)});'
Nov 18 01:50:25 bastion LinuxCommandsWazuh: User ankur [1891536]:   703  mongo --quiet --eval 'var a=db.serverStatus().opcounters; sleep(60000); var b=db.serverStatus().opcounters; printjson({writes_per_min: (b.insert+b.update+b.delete)-(a.insert+a.update+a.delete)});'
Nov 18 01:50:26 bastion LinuxCommandsWazuh: User ankur [1891536]:   703  mongo --quiet --eval 'var a=db.serverStatus().opcounters; sleep(60000); var b=db.serverStatus().opcounters; printjson({writes_per_min: (b.insert+b.update+b.delete)-(a.insert+a.update+a.delete)});'
Nov 18 01:56:05 bastion LinuxCommandsWazuh: User ankur [1891536]:   704  mongo --eval "rs.printReplicationInfo();"
Nov 18 01:56:13 bastion LinuxCommandsWazuh: User ankur [1891536]:   705  mongo --quiet --eval "db.getSiblingDB('local').oplog.rs.stats()"
Nov 18 01:56:26 bastion LinuxCommandsWazuh: User ankur [1891536]:   706  mongo --eval "rs.printReplicationInfo();"
Nov 18 01:56:34 bastion LinuxCommandsWazuh: User ankur [1891536]:   707  mongo --eval 'db.adminCommand({ replSetResizeOplog:1, size:204800 })'
Nov 18 01:56:49 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 02:07:39 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 02:07:42 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 02:18:16 bastion LinuxCommandsWazuh: User ankur [1833902]:   649  mongo-ssh
Nov 18 02:24:53 bastion LinuxCommandsWazuh: User ankur [1164249]:   648  k rollout restart deployment/house-of-click
Nov 18 02:27:26 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 02:28:00 bastion LinuxCommandsWazuh: User ankur [2075048]:   650  byobu
Nov 18 02:34:51 bastion LinuxCommandsWazuh: User ankur [2119496]:   656  exit
Nov 18 02:35:03 bastion LinuxCommandsWazuh: User ankur [2119496]:   657  byobu
Nov 18 08:10:31 bastion LinuxCommandsWazuh: User ashish [2151350]: 22  byobu
Nov 18 09:16:04 bastion LinuxCommandsWazuh: User ankur [2184449]:   658  exit
Nov 18 09:16:24 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 09:16:27 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 09:20:14 bastion LinuxCommandsWazuh: User ankur [1891536]:   708  mongo --eval "rs.printReplicationInfo();"
Nov 18 09:38:51 bastion LinuxCommandsWazuh: User mohtashim [2198181]: 17  exit
Nov 18 09:38:55 bastion LinuxCommandsWazuh: User mohtashim [1622964]: 27  stern vortex | grep "e218c8b4-c0e2-4532-b264-b90a577703af"
Nov 18 09:38:56 bastion LinuxCommandsWazuh: message repeated 2 times: [ User mohtashim [1622964]: 27  stern vortex | grep "e218c8b4-c0e2-4532-b264-b90a577703af"]
Nov 18 10:11:59 bastion LinuxCommandsWazuh: User mohtashim [2231327]: 17  exit
Nov 18 10:25:57 bastion LinuxCommandsWazuh: User mohtashim [2233297]: 18  byobu
Nov 18 10:45:59 bastion LinuxCommandsWazuh: User mohtashim [2231327]: 18  make cookie-bash
Nov 18 10:46:07 bastion LinuxCommandsWazuh: User mohtashim [2233297]: 19  psql -h 10.94.16.3 -U postgres -d vortex_v2
Nov 18 11:52:38 bastion LinuxCommandsWazuh: User ashish [2241584]: 22  byobu
Nov 18 12:39:05 bastion LinuxCommandsWazuh: User ankur [2288304]:   659  byobu
Nov 18 12:54:59 bastion LinuxCommandsWazuh: User ankur [2316026]:   659  byobu
Nov 18 12:56:31 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  1998  kubectl get pods 
Nov 18 12:56:39 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  1998  kubectl get pods 
Nov 18 13:03:27 bastion LinuxCommandsWazuh: User ankur [2330400]:   659  byobu
Nov 18 13:04:21 bastion LinuxCommandsWazuh: User ankur [2330400]:   660  clickhouse-ssh 
Nov 18 13:06:03 bastion LinuxCommandsWazuh: User ashish [2333467]: 22  byobu
Nov 18 13:06:32 bastion LinuxCommandsWazuh: User ubuntu [2334490]:  2000  mongo-ssh 
Nov 18 13:06:37 bastion LinuxCommandsWazuh: User rihan [2334648]:  1604  k get pods | grep "dakiya"
Nov 18 13:06:51 bastion LinuxCommandsWazuh: User rihan [2334648]:  1605  alias k=kubectl
Nov 18 13:06:54 bastion LinuxCommandsWazuh: User rihan [2334648]:  1606  k get pods
Nov 18 13:07:07 bastion LinuxCommandsWazuh: User rihan [2334648]:  1607  k logs -f replication:
Nov 18 13:07:08 bastion LinuxCommandsWazuh: message repeated 2 times: [ User rihan [2334648]:  1607  k logs -f replication:]
Nov 18 13:07:08 bastion LinuxCommandsWazuh: User rihan [2334648]:  1608  #sharding:
Nov 18 13:07:08 bastion LinuxCommandsWazuh: User rihan [2334648]:  1609  ## Enterprise-Only Optio
Nov 18 13:07:08 bastion LinuxCommandsWazuh: User rihan [2334648]:  1610  operationProfiling:
Nov 18 13:07:09 bastion LinuxCommandsWazuh: message repeated 3 times: [ User rihan [2334648]:  1610  operationProfiling:]
Nov 18 13:07:09 bastion LinuxCommandsWazuh: User rihan [2334648]:  1611  ~                                                                                                                                                                                   
Nov 18 13:07:13 bastion LinuxCommandsWazuh: message repeated 3 times: [ User rihan [2334648]:  1611  ~                                                                                                                                                                                   ]
Nov 18 13:07:32 bastion LinuxCommandsWazuh: User rihan [2334648]:  1612  k logs -f urlbird-54fdc98976-nk24m 
Nov 18 13:07:32 bastion LinuxCommandsWazuh: message repeated 2 times: [ User rihan [2334648]:  1612  k logs -f urlbird-54fdc98976-nk24m ]
Nov 18 13:07:47 bastion LinuxCommandsWazuh: User rihan [2334648]:  1613  k get all -o wide | grep "urlbird"
Nov 18 13:08:05 bastion LinuxCommandsWazuh: User rihan [2334648]:  1614  k get pods | grep "urlbird:#012"
Nov 18 13:08:08 bastion LinuxCommandsWazuh: User rihan [2334648]:  1615  k get pods | grep "urlbird"
Nov 18 13:08:47 bastion LinuxCommandsWazuh: User rihan [2334648]:  1616  k get deploy 
Nov 18 13:09:26 bastion LinuxCommandsWazuh: User rihan [2334648]:  1617  k logs -f urlbird-54fdc98976-p96kf
Nov 18 13:09:26 bastion LinuxCommandsWazuh: message repeated 2 times: [ User rihan [2334648]:  1617  k logs -f urlbird-54fdc98976-p96kf]
Nov 18 13:10:27 bastion LinuxCommandsWazuh: User mohtashim [2342962]: 22  exit
Nov 18 13:10:36 bastion LinuxCommandsWazuh: User mohtashim [2342962]: 23  k get pods
Nov 18 13:10:43 bastion LinuxCommandsWazuh: User mohtashim [2342962]: 24  stern rewards-be
Nov 18 13:10:43 bastion LinuxCommandsWazuh: User mohtashim [2342962]: 24  stern rewards-be
Nov 18 13:11:09 bastion LinuxCommandsWazuh: User rihan [2334648]:  1617  k logs -f urlbird-54fdc98976-p96kf
Nov 18 13:11:22 bastion LinuxCommandsWazuh: User ankur [2344831]:   661  exit
Nov 18 13:13:39 bastion LinuxCommandsWazuh: User rihan [2334648]:  1617  k logs -f urlbird-54fdc98976-p96kf
Nov 18 13:13:41 bastion LinuxCommandsWazuh: User rihan [2334648]:  1618  k get deploy 
Nov 18 13:13:49 bastion LinuxCommandsWazuh: User rihan [2334648]:  1619  k get pods -o wide 
Nov 18 13:13:57 bastion LinuxCommandsWazuh: User rihan [2334648]:  1620  k get pods -o wide  | grep "urlbird"
Nov 18 13:14:10 bastion LinuxCommandsWazuh: User rihan [2334648]:  1621  k logs -f urlbird-jobs-6b7c5865f6-fmbnc 
Nov 18 13:15:24 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  1999  kubectl get pods | grep url
Nov 18 13:15:25 bastion LinuxCommandsWazuh: User rihan [2334648]:  1622  k exec -it urlbird-jobs-6b7c5865f6-fmbnc bash
Nov 18 13:15:29 bastion LinuxCommandsWazuh: User rihan [2334648]:  1623  k get pods -o wide  | grep "urlbird"
Nov 18 13:15:33 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  2000  kubectl get ingress
Nov 18 13:15:37 bastion LinuxCommandsWazuh: User rihan [2334648]:  1624  k logs -f urlbird-5d87969569-9vtg4 
Nov 18 13:15:45 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  2001  kubectl get ingress -o yaml | grep urlbird
Nov 18 13:16:02 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  2002  curl -v telnet://urlbird.nitrocommerce.ai
Nov 18 13:17:10 bastion LinuxCommandsWazuh: User abhijeet [2319513]:  2003  ping k8s1-abd1799b-nitrox-production-urlbird-16006-1fcd2078
Nov 18 13:18:19 bastion LinuxCommandsWazuh: User rihan [2334648]:  1625  k exec -it urlbird-5d87969569-9vtg4 -- bash
Nov 18 13:18:20 bastion LinuxCommandsWazuh: User rihan [2334648]:  1626  kubectl get svc urlbird -o yaml | grep -A5 ports
Nov 18 13:18:20 bastion LinuxCommandsWazuh: User rihan [2334648]:  1626  kubectl get svc urlbird -o yaml | grep -A5 ports
Nov 18 13:18:40 bastion LinuxCommandsWazuh: User rihan [2334648]:  1627  kubectl get ing -A
Nov 18 13:18:41 bastion LinuxCommandsWazuh: User rihan [2334648]:  1628  kubectl get svc -A | grep LoadBalancer
Nov 18 13:18:41 bastion LinuxCommandsWazuh: User rihan [2334648]:  1628  kubectl get svc -A | grep LoadBalancer
Nov 18 13:18:56 bastion LinuxCommandsWazuh: User rihan [2334648]:  1629  kubectl describe ing urlbird
Nov 18 13:18:57 bastion LinuxCommandsWazuh: User rihan [2334648]:  1629  kubectl describe ing urlbird
Nov 18 13:20:36 bastion LinuxCommandsWazuh: User rihan [2334648]:  1630  k describe ingress nitrox-production 
Nov 18 13:20:55 bastion LinuxCommandsWazuh: User rihan [2334648]:  1631  k get endpoint urlbird
Nov 18 13:21:12 bastion LinuxCommandsWazuh: User rihan [2334648]:  1632  k get svc
Nov 18 13:23:45 bastion LinuxCommandsWazuh: User ankur [2371985]:   661  exit
Nov 18 13:23:53 bastion LinuxCommandsWazuh: User ankur [2371985]:   662  k get pods | grep house
Nov 18 13:26:10 bastion LinuxCommandsWazuh: User rihan [2334648]:  1633  kubectl get endpoints urlbird -o wide
Nov 18 13:26:10 bastion LinuxCommandsWazuh: User rihan [2334648]:  1633  kubectl get endpoints urlbird -o wide
Nov 18 13:26:25 bastion LinuxCommandsWazuh: User rihan [2334648]:  1634  kubectl get nitrox-dj  urlbird -o wide
Nov 18 13:26:30 bastion LinuxCommandsWazuh: User rihan [2334648]:  1635  kubectl get nitrox-ui  urlbird -o wide
Nov 18 13:26:43 bastion LinuxCommandsWazuh: User rihan [2334648]:  1636  kubectl get endpoint nitrox-ui  -o wide
Nov 18 13:27:02 bastion LinuxCommandsWazuh: User rihan [2334648]:  1637  kubectl get endpoints urlbird -o wide
Nov 18 13:27:10 bastion LinuxCommandsWazuh: User rihan [2334648]:  1638  kubectl get endpoints nitrox-ui -o wide
Nov 18 13:27:34 bastion LinuxCommandsWazuh: User rihan [2334648]:  1639  kubectl get svc urlbird -o yaml
Nov 18 13:27:34 bastion LinuxCommandsWazuh: User rihan [2334648]:  1639  kubectl get svc urlbird -o yaml
Nov 18 13:32:20 bastion LinuxCommandsWazuh: User rihan [2334648]:  1640  k get svc
Nov 18 13:32:23 bastion LinuxCommandsWazuh: User rihan [2334648]:  1641  kubectl get endpoints urlbird -o wide
Nov 18 13:53:36 bastion LinuxCommandsWazuh: User ankur [2425520]:   662  byobu
Nov 18 13:56:21 bastion LinuxCommandsWazuh: User mohtashim [2431247]: 25  stern rewards-be | grep "ANALYTICS"
Nov 18 13:56:24 bastion LinuxCommandsWazuh: User mohtashim [2431247]: 26  stage-ss
Nov 18 14:16:55 bastion LinuxCommandsWazuh: User ankur [2469930]:   662  byobu
Nov 18 14:20:25 bastion LinuxCommandsWazuh: User ankur [1164249]:   648  k rollout restart deployment/house-of-click
Nov 18 14:30:23 bastion LinuxCommandsWazuh: User mohtashim [1639926]: 18  make cookie-bash
Nov 18 14:34:02 bastion LinuxCommandsWazuh: User aman [2501794]:   677  psql -h 10.94.16.3 -p 5432 -U dbuser -d assistant_pg
Nov 18 14:51:44 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  1998  exit
Nov 18 14:51:51 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  1999  ssh ubuntu@34.131.0.213
Nov 18 15:03:34 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2000  ssh abhijeet@34.131.0.213
Nov 18 15:03:45 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2000  ssh abhijeet@34.131.0.213
Nov 18 15:04:27 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2000  ssh abhijeet@34.131.0.213
Nov 18 15:04:32 bastion LinuxCommandsWazuh: message repeated 3 times: [ User abhijeet [2527740]:  2000  ssh abhijeet@34.131.0.213]
Nov 18 15:04:49 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2001  curl -v telnet://34.131.0.213:22
Nov 18 15:06:11 bastion LinuxCommandsWazuh: User ankur [1164249]:   649  k get pods | grep big
Nov 18 15:06:14 bastion LinuxCommandsWazuh: User ankur [1164249]:   650  k get pods | grep house
Nov 18 15:06:19 bastion LinuxCommandsWazuh: User ankur [1164249]:   650  k get pods | grep house
Nov 18 15:08:32 bastion LinuxCommandsWazuh: User ankur [1164249]:   651  k rollout restart deployment/house-of-click
Nov 18 15:27:39 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2002  ssh abhijeet@34.131.0.213
Nov 18 15:27:39 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2003  ls
Nov 18 15:39:59 bastion LinuxCommandsWazuh: User ashish [2556376]: 22  byobu
Nov 18 15:40:17 bastion LinuxCommandsWazuh: User ashish [2556376]: 22  byobu
Nov 18 15:40:18 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [2556376]: 22  byobu]
Nov 18 15:40:29 bastion LinuxCommandsWazuh: User ashish [2556376]: 22  byobu
Nov 18 15:40:51 bastion LinuxCommandsWazuh: message repeated 6 times: [ User ashish [2556376]: 22  byobu]
Nov 18 15:40:51 bastion LinuxCommandsWazuh: User ashish [2556376]: 22  byobu
Nov 18 15:40:51 bastion LinuxCommandsWazuh: User ashish [2556376]: 23  clear
Nov 18 15:41:11 bastion LinuxCommandsWazuh: User abhijeet [2527740]:  2004  ssh ubuntu@34.131.179.6
Nov 18 15:42:05 bastion LinuxCommandsWazuh: message repeated 2 times: [ User abhijeet [2527740]:  2004  ssh ubuntu@34.131.179.6]
Nov 18 15:47:15 bastion LinuxCommandsWazuh: User ankur [2557388]:   662  byobu
Nov 18 15:52:13 bastion LinuxCommandsWazuh: User ankur [2557388]:   662  byobu
Nov 18 15:52:49 bastion LinuxCommandsWazuh: User ankur [2562325]:   663  ex
Nov 18 15:52:53 bastion LinuxCommandsWazuh: User ankur [2562325]:   664  byobu
Nov 18 15:55:35 bastion LinuxCommandsWazuh: User ashish [2556376]: 23  clear
Nov 18 15:55:36 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [2556376]: 23  clear]
Nov 18 15:55:38 bastion LinuxCommandsWazuh: User aman [2501794]:   678  psql -h 10.94.16.3 -p 5432 -U postgres -d assistant_pg
Nov 18 15:55:39 bastion LinuxCommandsWazuh: User aman [2501794]:   679  clear
Nov 18 16:07:09 bastion LinuxCommandsWazuh: User aman [2574627]:   680  exit
Nov 18 16:07:10 bastion LinuxCommandsWazuh: User aman [2574627]:   681  clear
Nov 18 16:07:16 bastion LinuxCommandsWazuh: User aman [2574627]:   682  psql -h 10.94.16.3 -p 5432 -U postgres -d assistant_pg
Nov 18 16:14:39 bastion LinuxCommandsWazuh: User aman [2574627]:   682  psql -h 10.94.16.3 -p 5432 -U postgres -d assistant_pg
Nov 18 16:14:40 bastion LinuxCommandsWazuh: User aman [2574627]:   683  c;ear
Nov 18 16:14:41 bastion LinuxCommandsWazuh: User aman [2574627]:   684  clear
Nov 18 16:17:06 bastion LinuxCommandsWazuh: User ashish [1905219]: 23  clickhouse-ssh
Nov 18 16:21:52 bastion LinuxCommandsWazuh: User ashish [1905219]: 24  stern cookie-cutter | grep "nitro_id: 38ab2429-6523-490b-8e94-42642928caa5 for event: updatecart"
Nov 18 16:24:14 bastion LinuxCommandsWazuh: User ashish [1905219]: 25  stern cookie-cutter | grep "DEBUGXX0 | 4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2 38ab2429-6523-490b-8e94-42642928caa5"
Nov 18 16:24:41 bastion LinuxCommandsWazuh: User ashish [1905219]: 26  stern cookie-cutter | grep "nitro_id: 38ab2429-6523-490b-8e94-42642928caa5 for event: updatecart"
Nov 18 16:26:17 bastion LinuxCommandsWazuh: User abhijeet [2593985]:  1998  exit
Nov 18 16:26:26 bastion LinuxCommandsWazuh: User abhijeet [2593985]:  1999  ping 10.148.0.7
Nov 18 16:26:29 bastion LinuxCommandsWazuh: User abhijeet [2593985]:  2000  ping 10.148.0.2
Nov 18 16:27:12 bastion LinuxCommandsWazuh: User ashish [1905219]: 27  stern cookie-cutter | grep "DEBUGXX0 | 4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2 38ab2429-6523-490b-8e94-42642928caa5"
Nov 18 16:27:29 bastion LinuxCommandsWazuh: User abhijeet [2593985]:  2001  ping 10.148.0.7
Nov 18 16:30:09 bastion LinuxCommandsWazuh: User abhijeet [2597826]:  1998  exit
Nov 18 16:31:08 bastion LinuxCommandsWazuh: User ashish [1905219]: 28  stern cookie-cutter | grep "LUCIRA DEBUG FOR WEBENGAGE STEP_3: ORG_ID: 4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2, event_name: updatecart"
Nov 18 16:31:36 bastion LinuxCommandsWazuh: User mohtashim [2599330]: 27  stage-ssh 
Nov 18 16:40:08 bastion LinuxCommandsWazuh: User ashish [1905219]: 29  stern cookie-cutter | grep "38ab2429-6523-490b-8e94-42642928caa5 Return after transform_payload_for_default_events failed"
Nov 18 16:41:21 bastion LinuxCommandsWazuh: User abhijeet [2593985]:  2002  ssh ubuntu@10.148.0.7
Nov 18 16:41:24 bastion LinuxCommandsWazuh: User abhijeet [2597826]:  1999  redis-ssh 
Nov 18 16:42:02 bastion LinuxCommandsWazuh: User ashish [1905219]: 30  stern cookie-cutter | grep ">HIGH-INTENT-CUSTOMERS-EVENT  4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2"
Nov 18 16:43:12 bastion LinuxCommandsWazuh: User ashish [1905219]: 31  stern cookie-cutter | grep "🔥BG_HANDLE_EVENT_PERF_4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2"
Nov 18 16:46:36 bastion LinuxCommandsWazuh: User ashish [1905219]: 32  stern cookie-cutter | grep "🔥BG_HANDLE_EVENT_PERF_4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2_remove"
Nov 18 16:50:51 bastion LinuxCommandsWazuh: User aman [2618752]:   685  exit
Nov 18 16:50:52 bastion LinuxCommandsWazuh: User aman [2618752]:   686  clear
Nov 18 16:51:00 bastion LinuxCommandsWazuh: User aman [2618752]:   687  kubectl get configmap
Nov 18 16:54:12 bastion LinuxCommandsWazuh: User aman [2622001]:   688  kubectl edit configmap nitrox-dj-config
Nov 18 16:54:17 bastion LinuxCommandsWazuh: User aman [2622001]:   689  psql -h 10.94.16.3 -p 5432 -U postgres -d assistant_pg
Nov 18 16:54:17 bastion LinuxCommandsWazuh: User aman [2622001]:   689  psql -h 10.94.16.3 -p 5432 -U postgres -d assistant_pg
Nov 18 17:02:09 bastion LinuxCommandsWazuh: User ashish [1905219]: 32  stern cookie-cutter | grep "🔥BG_HANDLE_EVENT_PERF_4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2_remove"
Nov 18 17:02:15 bastion LinuxCommandsWazuh: User ashish [1905219]: 32  stern cookie-cutter | grep "🔥BG_HANDLE_EVENT_PERF_4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2_remove"
Nov 18 17:02:21 bastion LinuxCommandsWazuh: User ashish [1905219]: 33  kubectl get pods
Nov 18 17:02:30 bastion LinuxCommandsWazuh: User ashish [1905219]: 34  kubectl get pods | grep "nitro"
Nov 18 17:04:06 bastion LinuxCommandsWazuh: User ubuntu [2632164]:  2000  sudo su rihan
Nov 18 17:04:09 bastion LinuxCommandsWazuh: User rihan [2632203]:  1642  kubectl get endpoints urlbird -o wide
Nov 18 17:04:12 bastion LinuxCommandsWazuh: User rihan [2632203]:  1643  alias k=kubectl
Nov 18 17:04:16 bastion LinuxCommandsWazuh: User rihan [2632203]:  1644  k get pods
Nov 18 17:04:22 bastion LinuxCommandsWazuh: User rihan [2632203]:  1645  k get ingress
Nov 18 17:05:02 bastion LinuxCommandsWazuh: User rihan [2632203]:  1646  k describe ingress nitrox-production 
Nov 18 17:05:02 bastion LinuxCommandsWazuh: message repeated 5 times: [ User rihan [2632203]:  1646  k describe ingress nitrox-production ]
Nov 18 17:05:34 bastion LinuxCommandsWazuh: User abhijeet [2634343]:  1998  exit
Nov 18 17:05:38 bastion LinuxCommandsWazuh: User abhijeet [2634343]:  1999  ssh ubuntu@34.131.0.213
Nov 18 17:05:46 bastion LinuxCommandsWazuh: User abhijeet [2634343]:  1999  ssh ubuntu@34.131.0.213
Nov 18 17:05:48 bastion LinuxCommandsWazuh: User ubuntu [2634675]:  2000  sudo su rihan
Nov 18 17:05:52 bastion LinuxCommandsWazuh: User rihan [2634755]:  1642  kubectl get endpoints urlbird -o wide
Nov 18 17:05:56 bastion LinuxCommandsWazuh: User rihan [2634755]:  1642  kubectl get endpoints urlbird -o wide
Nov 18 17:06:04 bastion LinuxCommandsWazuh: User rihan [2634755]:  1643  k describe ingress
Nov 18 17:06:24 bastion LinuxCommandsWazuh: User abhijeet [2635377]:  1998  exit
Nov 18 17:06:25 bastion LinuxCommandsWazuh: User rihan [2634755]:  1644  kubectl describe ingress
Nov 18 17:06:47 bastion LinuxCommandsWazuh: User abhijeet [2635377]:  1999  kubectl get ingress
Nov 18 17:06:48 bastion LinuxCommandsWazuh: User rihan [2634755]:  1645  curl bknd.nitrocommerce.ai 
Nov 18 17:07:20 bastion LinuxCommandsWazuh: User abhijeet [2635377]:  2000  kubectl describe ingress nitrox-production
Nov 18 17:08:03 bastion LinuxCommandsWazuh: User rihan [2634755]:  1646  curl 
Nov 18 17:08:04 bastion LinuxCommandsWazuh: message repeated 9 times: [ User rihan [2634755]:  1646  curl ]
Nov 18 17:08:04 bastion LinuxCommandsWazuh: User rihan [2634755]:  1646  curl 
Nov 18 17:08:06 bastion LinuxCommandsWazuh: message repeated 11 times: [ User rihan [2634755]:  1646  curl ]
Nov 18 17:10:35 bastion LinuxCommandsWazuh: User rihan [2634755]:  1646  curl 
Nov 18 17:10:41 bastion LinuxCommandsWazuh: User rihan [2634755]:  1647  alias k=kubectl
Nov 18 17:10:42 bastion LinuxCommandsWazuh: User abhijeet [2635377]:  2000  kubectl describe ingress nitrox-production
Nov 18 17:10:45 bastion LinuxCommandsWazuh: User rihan [2634755]:  1648  k get pods 
Nov 18 17:10:52 bastion LinuxCommandsWazuh: User abhijeet [2635377]:  2001  kubectl get pods | grep mun
Nov 18 17:10:55 bastion LinuxCommandsWazuh: User rihan [2634755]:  1649  k get pods | grep "munshi"
Nov 18 17:11:37 bastion LinuxCommandsWazuh: User abhijeet [2635377]:  2001  kubectl get pods | grep mun
Nov 18 17:12:02 bastion LinuxCommandsWazuh: User rihan [2634755]:  1650  k logs -f munshiji-green-7c4986f4f8-8xtg6 
Nov 18 17:12:02 bastion LinuxCommandsWazuh: User rihan [2634755]:  1650  k logs -f munshiji-green-7c4986f4f8-8xtg6 
Nov 18 17:12:03 bastion LinuxCommandsWazuh: User rihan [2634755]:  1651  dig pay.nitrocommerce.ai
Nov 18 17:12:03 bastion LinuxCommandsWazuh: User rihan [2634755]:  1651  dig pay.nitrocommerce.ai
Nov 18 17:14:47 bastion LinuxCommandsWazuh: User rihan [2634755]:  1651  dig pay.nitrocommerce.ai
Nov 18 17:14:49 bastion LinuxCommandsWazuh: message repeated 9 times: [ User rihan [2634755]:  1651  dig pay.nitrocommerce.ai]
Nov 18 17:19:59 bastion LinuxCommandsWazuh: User abhijeet [2649034]:  1998  exit
Nov 18 17:20:02 bastion LinuxCommandsWazuh: User abhijeet [2649034]:  1999  k get ingress
Nov 18 17:20:35 bastion LinuxCommandsWazuh: User abhijeet [2649034]:  2000  k get ingress nitrox-production -o wide 
Nov 18 17:20:45 bastion LinuxCommandsWazuh: User abhijeet [2649034]:  2001  k get ingress nitrox-production -o yaml
Nov 18 17:24:06 bastion LinuxCommandsWazuh: User aman [2653046]:   690  psql -h 10.94.16.3 -p 5432 -U dbuser -d assistant_pg
Nov 18 17:24:11 bastion LinuxCommandsWazuh: User aman [2653046]:   691  kubectl get configmao
Nov 18 17:24:11 bastion LinuxCommandsWazuh: User aman [2653046]:   691  kubectl get configmao
Nov 18 17:24:13 bastion LinuxCommandsWazuh: User aman [2653046]:   692  kubectl get configmap
Nov 18 17:24:47 bastion LinuxCommandsWazuh: User aman [2653046]:   693  kubectl edit configmap nitrox-dj-config
Nov 18 17:24:54 bastion LinuxCommandsWazuh: User ashish [1905219]: 34  kubectl get pods | grep "nitro"
Nov 18 17:24:55 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1905219]: 34  kubectl get pods | grep "nitro"]
Nov 18 17:24:58 bastion LinuxCommandsWazuh: User ashish [1905219]: 34  kubectl get pods | grep "nitro"
Nov 18 17:25:08 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:28:31 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:28:31 bastion LinuxCommandsWazuh: message repeated 2 times: [ User ashish [1905219]: 35  kubectl get pods | grep "cookie"]
Nov 18 17:29:48 bastion LinuxCommandsWazuh: User aman [2653046]:   693  kubectl edit configmap nitrox-dj-config
Nov 18 17:36:55 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:36:56 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1905219]: 35  kubectl get pods | grep "cookie"]
Nov 18 17:36:57 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:36:57 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:37:09 bastion LinuxCommandsWazuh: User ashish [2666608]: 24  byobu
Nov 18 17:37:13 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:37:13 bastion LinuxCommandsWazuh: User ashish [1905219]: 35  kubectl get pods | grep "cookie"
Nov 18 17:45:08 bastion LinuxCommandsWazuh: User aman [2674219]:   694  exit
Nov 18 17:45:14 bastion LinuxCommandsWazuh: User aman [2674219]:   695  kubectl get configmap
Nov 18 17:45:43 bastion LinuxCommandsWazuh: User aman [2674219]:   696  kubectl edit configmap nitrox-dj-config
Nov 18 17:47:02 bastion LinuxCommandsWazuh: User venky [2676762]:  2000  sudo su - aman
Nov 18 17:47:04 bastion LinuxCommandsWazuh: User venky [2676762]:  2001  ls
Nov 18 17:50:28 bastion LinuxCommandsWazuh: User venky [2676762]:  2001  ls
Nov 18 17:50:30 bastion LinuxCommandsWazuh: message repeated 5 times: [ User venky [2676762]:  2001  ls]
Nov 18 17:50:39 bastion LinuxCommandsWazuh: User venky [2680430]:  2000  ls
Nov 18 17:50:45 bastion LinuxCommandsWazuh: message repeated 3 times: [ User venky [2680430]:  2000  ls]
Nov 18 17:54:08 bastion LinuxCommandsWazuh: User ashish [1905219]: 36  redis
Nov 18 17:57:20 bastion LinuxCommandsWazuh: User ashish [1905219]: 37  stern cookie-cutter | grep ">HIGH-INTENT Tracked event for id 38ab2429-6523-490b-8e94-42642928caa5"
Nov 18 18:15:33 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  1998  ssh abhijeet@34.131.0.213
Nov 18 18:15:34 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  1999  aws
Nov 18 18:15:43 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2000  gsutil 
Nov 18 18:19:29 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2001  #gsutil -m rsync -rd gs://nitrox-436511-daisy-bkt-asia-south2 s3://nitrox-436511-daisy-bkt-asia-south2 
Nov 18 18:19:37 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2002  gsutil -m rsync -rd gs://nitrox-436511-daisy-bkt-asia-south2 s3://nitrox-436511-daisy-bkt-asia-south2 
Nov 18 18:20:22 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2003  aws
Nov 18 18:20:28 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2003  aws
Nov 18 18:20:29 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2004  s3://nitrox-436511-daisy-bkt-asia-south2 
Nov 18 18:20:32 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2005  snap install aws-cli
Nov 18 18:20:36 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2006  sudo snap install aws-cli
Nov 18 18:20:56 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2007  sudo snap install aws-cli --classic
Nov 18 18:21:58 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2008  aws configure
Nov 18 18:37:10 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2009  gsutil -m rsync -rd gs://nitrox-436511-daisy-bkt-asia-south2 s3://nitrox-436511-daisy-bkt-asia-south2 
Nov 18 18:39:29 bastion LinuxCommandsWazuh: User mohtashim [2731816]: 28  stage-ssh
Nov 18 18:43:10 bastion LinuxCommandsWazuh: User mohtashim [2731816]: 29  mongo pixel_v1
Nov 18 18:44:14 bastion LinuxCommandsWazuh: User mohtashim [1622964]: 28  clear
Nov 18 18:44:19 bastion LinuxCommandsWazuh: User mohtashim [1495989]: psql -h 10.94.16.3 -U postgres -d vortex_v2
Nov 18 18:45:05 bastion LinuxCommandsWazuh: User mohtashim [2731816]: 30  byobu
Nov 18 18:45:10 bastion LinuxCommandsWazuh: User mohtashim [2731816]: 31  clear
Nov 18 18:53:30 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2010  gsutil -o "GSUtil:parallel_thread_count=5" -o "GSUtil:parallel_process_count=5" -m rsync -rd gs://nitrox-436511-daisy-bkt-asia-south2 s3://nitrox-436511-daisy-bkt-asia-south2
Nov 18 18:53:31 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2011  # No -m flag, no custom threads. Just simple and slow.
Nov 18 18:53:33 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2011  # No -m flag, no custom threads. Just simple and slow.
Nov 18 18:54:00 bastion LinuxCommandsWazuh: User abhijeet [2745767]:  1998  ssh abhijeet@34.131.0.213
Nov 18 18:54:11 bastion LinuxCommandsWazuh: User abhijeet [2745767]:  1999  ps -ef | grep gsutil
Nov 18 18:54:30 bastion LinuxCommandsWazuh: User abhijeet [2745767]:  2000  nload
Nov 18 18:54:57 bastion LinuxCommandsWazuh: User abhijeet [2745767]:  2001  sudo apt install nload
Nov 18 19:00:05 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2012  gsutil rsync -r gs://nitrox-436511-daisy-bkt-asia-south2 s3://nitrox-436511-daisy-bkt-asia-south2
Nov 18 19:00:30 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2013  ls
Nov 18 19:00:31 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2014  df -g
Nov 18 19:00:34 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2015  df -h
Nov 18 19:00:51 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2016  df -h ./
Nov 18 19:01:01 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2017  ls
Nov 18 19:01:08 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2018  mkdir bucket
Nov 18 19:01:10 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2019  cd bucket/
Nov 18 19:01:11 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2020  l
Nov 18 19:02:39 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2021  gsutil cp gs://nitrox-436511-daisy-bkt-asia-south2/daisy-image-export-ext-20250212-08:02:12-j86l5/outs/export-disk ./export-disk-temp
Nov 18 19:04:18 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2022  gsutil cp ./export-disk-temp s3://nitrox-436511-daisy-bkt-asia-south2/daisy-image-export-ext-20250212-08:02:12-j86l5/outs/export-disk
Nov 18 19:04:19 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2023  ls
Nov 18 19:04:51 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2024  aws s3 cp ./export-disk-temp s3://nitrox-436511-daisy-bkt-asia-south2/daisy-image-export-ext-20250212-08:02:12-j86l5/outs/export-disk
Nov 18 19:12:31 bastion LinuxCommandsWazuh: User rihan [2748765]:  1655  k describe ingress nitrox-production 
Nov 18 19:12:40 bastion LinuxCommandsWazuh: User rihan [2748765]:  1656  make cookie-bash 
Nov 18 19:12:51 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2025  gcloud transfer jobs create nitrologsbucket-bucket-migration \
Nov 18 19:13:01 bastion LinuxCommandsWazuh: message repeated 2 times: [ User abhijeet [2706228]:  2025  gcloud transfer jobs create nitrologsbucket-bucket-migration \]
Nov 18 19:13:02 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2026  --aws-s3-access-key-id=AKIA5BLPP2FDSPS6U447 \
Nov 18 19:13:48 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2027  gcloud transfer jobs create nitrologsbucket-bucket-migration --source-gcs-bucket=gs://nitrologsbucket --aws-s3-access-key-id=AKIA5BLPP2FDSPS6U447 --aws-s3-secret-access-key=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
Nov 18 19:14:08 bastion LinuxCommandsWazuh: User rihan [2749038]:  1655  k describe ingress nitrox-production 
Nov 18 19:14:10 bastion LinuxCommandsWazuh: User rihan [2749038]:  1656  psq;
Nov 18 19:14:11 bastion LinuxCommandsWazuh: User rihan [2749038]:  1656  psq;
Nov 18 19:16:03 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2028  gcloud transfer authorize
Nov 18 19:16:42 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2029  gcloud transfer jobs create nitrologsbucket-bucket-migration --source-gcs-bucket=gs://nitrologsbucket --aws-s3-access-key-id=AKIA5BLPP2FDSPS6U447 --aws-s3-secret-access-key=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 --name="transfer-gcs-to-aws-final"
Nov 18 19:17:10 bastion LinuxCommandsWazuh: User rihan [2749038]:  1657  psql
Nov 18 19:17:15 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2030  ls
Nov 18 19:17:23 bastion LinuxCommandsWazuh: User ashish [2750149]: 24  byobu
Nov 18 19:17:27 bastion LinuxCommandsWazuh: User ashish [1905219]: 38  stern cookie-cutter | grep "LUCIRA DEBUG FOR WEBENGAGE STEP_5: ORG_ID: 4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2, event_name: add"
Nov 18 19:17:28 bastion LinuxCommandsWazuh: message repeated 3 times: [ User ashish [1905219]: 38  stern cookie-cutter | grep "LUCIRA DEBUG FOR WEBENGAGE STEP_5: ORG_ID: 4f4c60be-3e68-41c2-97d6-ec8fd1df4bf2, event_name: add"]
Nov 18 19:21:09 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2031  gcloud transfer jobs create s3://nitrologsbucket --source-bucket=gs://nitrologsbucket --name="transfer-gcs-to-aws-final"
Nov 18 19:21:28 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2032  ls
Nov 18 19:21:58 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2033  gcloud transfer jobs create s3://nitrologsbucket --source-endpoint=gs://nitrologsbucket --name="transfer-gcs-to-aws-final"
Nov 18 19:24:08 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2034  sudo -v ; curl https://rclone.org/install.sh | sudo bash
Nov 18 19:25:54 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2035  rclone sync gs://nitrologsbucket s3://nitrologsbucket 
Nov 18 19:26:04 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2036  rclone sync gs://nitrologsbucket s3://nitrologsbucket
Nov 18 19:27:56 bastion LinuxCommandsWazuh: User abhijeet [2745767]:  2002  nload 
Nov 18 19:27:58 bastion LinuxCommandsWazuh: User abhijeet [2745767]:  2003  exut
Nov 18 19:30:26 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2037  ls
Nov 18 19:30:35 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2038  lsblk ./
Nov 18 19:30:43 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2039  ls -lrth
Nov 18 19:30:49 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2040  rm export-disk-temp 
Nov 18 19:30:49 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2041  ls
Nov 18 19:30:51 bastion LinuxCommandsWazuh: User abhijeet [2706228]:  2041  ls
Nov 18 19:34:37 bastion LinuxCommandsWazuh: User rihan [2767163]:  1657  psql