[ { "id": 79811, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.197", "start_time": 1700218721522, "last_updated_time": 1700218721626, "event_count": 2 }, { "id": 79810, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.230", "start_time": 1700218717679, "last_updated_time": 1700218717798, "event_count": 2 }, { "id": 79809, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 4, "offense_type": 0, "offense_source": "169.254.3.5", "start_time": 1700218714910, "last_updated_time": 1700220747285, "event_count": 6 }, { "id": 79808, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.223", "start_time": 1700218713477, "last_updated_time": 1700218719965, "event_count": 5 }, { "id": 79807, "description": "AWS instance launched with non-standard image ID\n", "magnitude": 4, "offense_type": 3, "offense_source": "max.wills@brill.com", "start_time": 1700216369106, "last_updated_time": 1700216369235, "event_count": 3 }, { "id": 79806, "description": "Web server activity observed from a high confidence Bots\n", "magnitude": 6, "offense_type": 0, "offense_source": "65.154.226.171", "start_time": 1700215574270, "last_updated_time": 1700215575223, "event_count": 8 }, { "id": 79805, "description": "RHEL:Multiple authentication failures to the same user account\n", "magnitude": 5, "offense_type": 3, "offense_source": "username@10.7.10.54", "start_time": 1700213762147, "last_updated_time": 1700215882632, "event_count": 16 }, { "id": 79804, "description": "AWS WAF - Denied traffic followed by Allow\n", "magnitude": 2, "offense_type": 0, "offense_source": "159.89.165.90", "start_time": 1700211397821, "last_updated_time": 1700211459294, 
"event_count": 7 }, { "id": 79803, "description": "Offense Monitoring Event\n", "magnitude": 2, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700210039858, "last_updated_time": 1700210039858, "event_count": 1 }, { "id": 79802, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 5, "offense_type": 0, "offense_source": "10.17.10.27", "start_time": 1700205548939, "last_updated_time": 1700206048162, "event_count": 5 }, { "id": 79801, "description": "User space user account added\n", "magnitude": 4, "offense_type": 3, "offense_source": "1000", "start_time": 1700205381941, "last_updated_time": 1700205709940, "event_count": 18 }, { "id": 79800, "description": "User Account Added\n", "magnitude": 4, "offense_type": 3, "offense_source": "frs-frontend-app", "start_time": 1700205186087, "last_updated_time": 1700205560964, "event_count": 4 }, { "id": 79799, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 5, "offense_type": 0, "offense_source": "10.17.11.82", "start_time": 1700205185087, "last_updated_time": 1700205749109, "event_count": 5 }, { "id": 79798, "description": "Farring: Potential DoS Attack - Excess Resource Requests\n", "magnitude": 5, "offense_type": 0, "offense_source": "52.56.131.146", "start_time": 1700202942938, "last_updated_time": 1700203420773, "event_count": 618 }, { "id": 79797, "description": "Offense Monitoring Event\n", "magnitude": 2, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700199371383, "last_updated_time": 1700199371383, "event_count": 1 }, { "id": 79796, "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n", "magnitude": 6, "offense_type": 0, "offense_source": "34.251.127.30", "start_time": 1700192374641, "last_updated_time": 1700192374764, "event_count": 2 }, { "id": 79795, "description": "LOG4SHELL Possible Detection - Read the Custom 
Rule Description for Guidance\n", "magnitude": 7, "offense_type": 0, "offense_source": "34.249.80.238", "start_time": 1700190206491, "last_updated_time": 1700211458421, "event_count": 120 }, { "id": 79794, "description": "Offense Monitoring Event\n", "magnitude": 2, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700188605705, "last_updated_time": 1700188605705, "event_count": 1 }, { "id": 79793, "description": "Offense Monitoring Event\n", "magnitude": 2, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700184958140, "last_updated_time": 1700184958140, "event_count": 1 }, { "id": 79792, "description": "Web server activity observed from a high confidence Bots\n", "magnitude": 4, "offense_type": 0, "offense_source": "195.123.241.30", "start_time": 1700180488153, "last_updated_time": 1700180488366, "event_count": 3 }, { "id": 79791, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "184.30.41.180", "start_time": 1700177803138, "last_updated_time": 1700177812294, "event_count": 4 }, { "id": 79790, "description": "A user has successfully authentication from outside the UK\n", "magnitude": 4, "offense_type": 0, "offense_source": "149.34.150.140", "start_time": 1700175946376, "last_updated_time": 1700208351699, "event_count": 30 }, { "id": 79789, "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n", "magnitude": 6, "offense_type": 0, "offense_source": "34.249.80.238", "start_time": 1700175451069, "last_updated_time": 1700175549244, "event_count": 57 }, { "id": 79788, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 4, "offense_type": 0, "offense_source": "169.254.3.12", "start_time": 1700172808869, "last_updated_time": 1700220549909, "event_count": 9 }, { "id": 79787, "description": "API request successful\n preceded by Audit 
Started\n preceded by Offense Closed\n", "magnitude": 2, "offense_type": 0, "offense_source": "184.26.90.85", "start_time": 1700172799988, "last_updated_time": 1700173260116, "event_count": 9 }, { "id": 79786, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "184.26.90.84", "start_time": 1700172779879, "last_updated_time": 1700173273295, "event_count": 22 }, { "id": 79785, "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n", "magnitude": 7, "offense_type": 0, "offense_source": "34.251.127.30", "start_time": 1700136706848, "last_updated_time": 1700172805284, "event_count": 59 }, { "id": 79784, "description": "Offense Monitoring Event\n", "magnitude": 1, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700170561466, "last_updated_time": 1700170561466, "event_count": 1 }, { "id": 79783, "description": "Offense Monitoring Event\n", "magnitude": 1, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700166914952, "last_updated_time": 1700166914952, "event_count": 1 }, { "id": 79782, "description": "Offense Monitoring Event\n", "magnitude": 1, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700163268497, "last_updated_time": 1700163268497, "event_count": 1 }, { "id": 79781, "description": "Offense Monitoring Event\n", "magnitude": 1, "offense_type": 2, "offense_source": "Offense Monitoring Event", "start_time": 1700159621435, "last_updated_time": 1700159621435, "event_count": 1 }, { "id": 79780, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "184.26.90.84", "start_time": 1700155754618, "last_updated_time": 1700155760774, "event_count": 20 }, { "id": 79779, "description": "An unauthorized user has successfully accessed the QRadar console\n", "magnitude": 1, 
"offense_type": 3, "offense_source": "lucas.mendez@brill.com", "start_time": 1700155725662, "last_updated_time": 1700155726667, "event_count": 4 }, { "id": 79778, "description": "Web server activity observed from a high confidence Bots\n", "magnitude": 5, "offense_type": 0, "offense_source": "65.154.226.166", "start_time": 1700155714127, "last_updated_time": 1700155715086, "event_count": 7 }, { "id": 79777, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "184.26.90.85", "start_time": 1700155690169, "last_updated_time": 1700172683744, "event_count": 12 }, { "id": 79776, "description": "A user has successfully authentication from outside the UK\n", "magnitude": 4, "offense_type": 0, "offense_source": "152.37.82.105", "start_time": 1700154183580, "last_updated_time": 1700157784477, "event_count": 8 }, { "id": 79775, "description": "Web server activity observed from a high confidence Bots\n", "magnitude": 5, "offense_type": 0, "offense_source": "65.154.226.168", "start_time": 1700154127170, "last_updated_time": 1700154127807, "event_count": 8 }, { "id": 79774, "description": "Farring: Potential DoS Attack - Excessive Requests\n", "magnitude": 5, "offense_type": 0, "offense_source": "95.149.144.42", "start_time": 1700152887662, "last_updated_time": 1700217267137, "event_count": 1937 }, { "id": 79773, "description": "A user has successfully authentication from outside the UK\n", "magnitude": 4, "offense_type": 0, "offense_source": "149.34.150.140", "start_time": 1700151175274, "last_updated_time": 1700169175501, "event_count": 18 }, { "id": 79772, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.197", "start_time": 1700151061169, "last_updated_time": 1700155623904, "event_count": 5 }, { "id": 79771, "description": "Log resets/error conditions/failures/threshold exceptions 
Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "169.254.3.12", "start_time": 1700151039035, "last_updated_time": 1700162860572, "event_count": 5 }, { "id": 79770, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "169.254.3.5", "start_time": 1700151025893, "last_updated_time": 1700162851631, "event_count": 11 }, { "id": 79769, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.230", "start_time": 1700150688334, "last_updated_time": 1700150690260, "event_count": 3 }, { "id": 79768, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "96.7.74.151", "start_time": 1700150663801, "last_updated_time": 1700150679666, "event_count": 4 }, { "id": 79767, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "96.7.74.142", "start_time": 1700150605327, "last_updated_time": 1700150662144, "event_count": 6 }, { "id": 79766, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "169.254.3.12", "start_time": 1700150598656, "last_updated_time": 1700150673871, "event_count": 5 }, { "id": 79765, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "169.254.3.5", "start_time": 1700150391741, "last_updated_time": 1700150563179, "event_count": 3 }, { "id": 79764, "description": "Farring: Potential DoS Attack - Excessive Requests\n", "magnitude": 5, "offense_type": 0, "offense_source": "95.149.144.42", "start_time": 1700149229559, "last_updated_time": 1700150370797, "event_count": 1278 }, { "id": 79763, "description": "Log resets/error 
conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.197", "start_time": 1700149232440, "last_updated_time": 1700149232542, "event_count": 2 }, { "id": 79762, "description": "Log resets/error conditions/failures/threshold exceptions Detected\n", "magnitude": 3, "offense_type": 0, "offense_source": "23.34.240.223", "start_time": 1700148437768, "last_updated_time": 1700148468271, "event_count": 7 } ]