Events

Filter Events

Event Type

Severity

Hosts

Showing 9701-9750 of 32402 events

Time	Hosts	Type	Server IP	User IP	User	Details	Severity
Dec 1, 22:58:42 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`uptime`	Info
Dec 1, 22:58:42 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo`	Info
Dec 1, 22:58:42 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo '=== TOP 15 CPU CONSUMERS ==='`	Info
Dec 1, 22:58:42 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`ps aux --sort=-%cpu`	Info
Dec 1, 22:58:41 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:58:41 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTFILE="${HOME}/.bash_history_$(date +%Y%...`	Critical
Dec 1, 22:58:41 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`echo '=== AZURA1 CPU STATUS ==='`	Info
Dec 1, 22:58:40 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTSIZE=50000`	Info
Dec 1, 22:58:40 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTFILESIZE=50000`	Info
Dec 1, 22:58:40 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTCONTROL=""`	Info
Dec 1, 22:58:39 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTFILESIZE=10000`	Info
Dec 1, 22:58:39 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTCONTROL=`	Info
Dec 1, 22:58:39 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`shopt -s histappend`	Critical
Dec 1, 22:58:39 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 22:58:38 3 weeks ago	default-host	Ssh Login	`64.176.212.158`	`66.135.25.80`	root	No details	Warning
Dec 1, 22:58:38 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTTIMEFORMAT="%Y-%m-%d %H:%M:%S "`	Critical
Dec 1, 22:58:38 3 weeks ago	default-host	Command	`64.176.212.158`	`66.135.25.80`	root	`export HISTSIZE=10000`	Info
Dec 1, 22:58:02 3 weeks ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 22:57:04 3 weeks ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 22:56:02 3 weeks ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 22:55:05 3 weeks ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 22:54:01 3 weeks ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 22:53:03 3 weeks ago	default-host	Azuracast Web User Login	`64.176.194.149`	`173.63.205.69`	N/A	No details	Info
Dec 1, 22:45:55 3 weeks ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	root	No details	Info
Dec 1, 22:45:55 3 weeks ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	root	No details	Info
Dec 1, 22:45:55 3 weeks ago	default-host	Ssh Logout	`140.82.46.49`	`N/A`	session_694	No details	Info
Dec 1, 22:45:54 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`find /root/.claude -name "*.jsonl" 2> /dev/null`	Info
Dec 1, 22:45:54 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`head -10`	Info
Dec 1, 22:45:53 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo "--- Check for Claude Code sessions ---"`	Info
Dec 1, 22:45:53 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`ls -la /root/.claude 2> /dev/null`	Info
Dec 1, 22:45:52 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:45:52 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo "--- Unauthorized SSH keys ---"`	Critical
Dec 1, 22:45:52 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`find /root /home -name "authorized_keys" -exec ech...`	Info
Dec 1, 22:45:52 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:45:51 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`cat /etc/crontab 2> /dev/null`	Info
Dec 1, 22:45:51 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`ls -la /etc/cron.d/ 2> /dev/null`	Info
Dec 1, 22:45:51 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`crontab -l 2> /dev/null`	Info
Dec 1, 22:45:50 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:45:50 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo "--- Suspicious cron jobs ---"`	Info
Dec 1, 22:45:49 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -v ".log"`	Info
Dec 1, 22:45:49 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 22:45:48 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo "--- Files containing paramiko/ssh exploit pa...`	Critical
Dec 1, 22:45:48 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -r "paramiko\\|fabric\\|pexpect\\|ssh.*connect\\|...`	Critical
Dec 1, 22:45:48 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -v grutu`	Info
Dec 1, 22:45:47 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo ""`	Info
Dec 1, 22:45:37 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -v "/usr/"`	Info
Dec 1, 22:45:37 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`head -20`	Info
Dec 1, 22:45:36 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`grep -v azuracast`	Info
Dec 1, 22:45:35 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`echo "--- Compiled Python (.pyc) without source --...`	Info
Dec 1, 22:45:35 3 weeks ago	default-host	Command	`140.82.46.49`	`66.135.25.80`	root	`find / -name "*.pyc" 2> /dev/null`	Info