Events

Filter Events

Event Type

Severity

Hosts

Showing 9601-9650 of 33400 events

Time	Hosts	Type	Server IP	User IP	User	Details	Severity
Dec 1, 23:36:27 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILESIZE=10000`	Info
Dec 1, 23:36:14 3 months ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	root	No details	Info
Dec 1, 23:36:14 3 months ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	session_705	No details	Info
Dec 1, 23:36:14 3 months ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	root	No details	Info
Dec 1, 23:36:12 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILE="${HOME}/.bash_history_$(date +%Y%...`	Critical
Dec 1, 23:36:12 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo '=== COMPROMISED: LISTENER TRACKING CODE ==='`	Info
Dec 1, 23:36:12 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`docker exec azuracast find /var/azuracast/www -nam...`	Critical
Dec 1, 23:36:12 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 23:36:11 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILESIZE=50000`	Info
Dec 1, 23:36:11 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTCONTROL=""`	Info
Dec 1, 23:36:11 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 23:36:10 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 23:36:10 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 23:36:10 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTSIZE=50000`	Info
Dec 1, 23:36:09 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTSIZE=10000`	Info
Dec 1, 23:36:09 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILESIZE=10000`	Info
Dec 1, 23:36:09 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 23:36:08 3 months ago	default-host	Ssh Login	`140.82.46.49`	`66.135.25.80`	root	No details	Warning
Dec 1, 23:36:08 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 23:33:03 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 23:32:01 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 23:31:02 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 23:30:00 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 23:29:02 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 23:28:03 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 23:27:44 3 months ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	root	No details	Info
Dec 1, 23:27:44 3 months ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	session_703	No details	Info
Dec 1, 23:27:44 3 months ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	root	No details	Info
Dec 1, 23:27:43 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep ESTABLISHED`	Critical
Dec 1, 23:27:43 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -v '127.0.0.1'`	Info
Dec 1, 23:27:42 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo`	Info
Dec 1, 23:27:42 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo '=== COMPROMISED: EXTERNAL CONNECTIONS ==='`	Info
Dec 1, 23:27:42 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`netstat -tnp 2> /dev/null`	Info
Dec 1, 23:27:41 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -E 'audit\|grutu\|python'`	Info
Dec 1, 23:27:41 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -v grep`	Info
Dec 1, 23:27:40 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILE="${HOME}/.bash_history_$(date +%Y%...`	Critical
Dec 1, 23:27:40 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo '=== COMPROMISED: AUDIT/GRUTU/PYTHON ==='`	Info
Dec 1, 23:27:40 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`ps aux`	Info
Dec 1, 23:27:39 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILESIZE=50000`	Info
Dec 1, 23:27:39 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTCONTROL=""`	Info
Dec 1, 23:27:39 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 23:27:38 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 23:27:38 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 23:27:38 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTSIZE=50000`	Info
Dec 1, 23:27:37 3 months ago	default-host	Ssh Login	`140.82.46.49`	`66.135.25.80`	root	No details	Warning
Dec 1, 23:27:37 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 23:27:37 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTSIZE=10000`	Info
Dec 1, 23:27:37 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTFILESIZE=10000`	Info
Dec 1, 23:27:37 3 months ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 23:27:01 3 months ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info