Untitled

mail@pastecode.io avatar
unknown
plain_text
2 months ago
16 kB
4
Indexable
Never
[
    {
        "id": 79811,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.197",
        "start_time": 1700218721522,
        "last_updated_time": 1700218721626,
        "event_count": 2
    },
    {
        "id": 79810,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.230",
        "start_time": 1700218717679,
        "last_updated_time": 1700218717798,
        "event_count": 2
    },
    {
        "id": 79809,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 4,
        "offense_type": 0,
        "offense_source": "169.254.3.5",
        "start_time": 1700218714910,
        "last_updated_time": 1700220747285,
        "event_count": 6
    },
    {
        "id": 79808,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.223",
        "start_time": 1700218713477,
        "last_updated_time": 1700218719965,
        "event_count": 5
    },
    {
        "id": 79807,
        "description": "AWS instance launched with non-standard image ID\n",
        "magnitude": 4,
        "offense_type": 3,
        "offense_source": "max.wills@brill.com",
        "start_time": 1700216369106,
        "last_updated_time": 1700216369235,
        "event_count": 3
    },
    {
        "id": 79806,
        "description": "Web server activity observed from a high confidence Bots\n",
        "magnitude": 6,
        "offense_type": 0,
        "offense_source": "65.154.226.171",
        "start_time": 1700215574270,
        "last_updated_time": 1700215575223,
        "event_count": 8
    },
    {
        "id": 79805,
        "description": "RHEL:Multiple authentication failures to the same user account\n",
        "magnitude": 5,
        "offense_type": 3,
        "offense_source": "username@10.7.10.54",
        "start_time": 1700213762147,
        "last_updated_time": 1700215882632,
        "event_count": 16
    },
    {
        "id": 79804,
        "description": "AWS WAF - Denied traffic followed by Allow\n",
        "magnitude": 2,
        "offense_type": 0,
        "offense_source": "159.89.165.90",
        "start_time": 1700211397821,
        "last_updated_time": 1700211459294,
        "event_count": 7
    },
    {
        "id": 79803,
        "description": "Offense Monitoring Event\n",
        "magnitude": 2,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700210039858,
        "last_updated_time": 1700210039858,
        "event_count": 1
    },
    {
        "id": 79802,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "10.17.10.27",
        "start_time": 1700205548939,
        "last_updated_time": 1700206048162,
        "event_count": 5
    },
    {
        "id": 79801,
        "description": "User space user account added\n",
        "magnitude": 4,
        "offense_type": 3,
        "offense_source": "1000",
        "start_time": 1700205381941,
        "last_updated_time": 1700205709940,
        "event_count": 18
    },
    {
        "id": 79800,
        "description": "User Account Added\n",
        "magnitude": 4,
        "offense_type": 3,
        "offense_source": "frs-frontend-app",
        "start_time": 1700205186087,
        "last_updated_time": 1700205560964,
        "event_count": 4
    },
    {
        "id": 79799,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "10.17.11.82",
        "start_time": 1700205185087,
        "last_updated_time": 1700205749109,
        "event_count": 5
    },
    {
        "id": 79798,
        "description": "Farring: Potential DoS Attack - Excess Resource Requests\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "52.56.131.146",
        "start_time": 1700202942938,
        "last_updated_time": 1700203420773,
        "event_count": 618
    },
    {
        "id": 79797,
        "description": "Offense Monitoring Event\n",
        "magnitude": 2,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700199371383,
        "last_updated_time": 1700199371383,
        "event_count": 1
    },
    {
        "id": 79796,
        "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n",
        "magnitude": 6,
        "offense_type": 0,
        "offense_source": "34.251.127.30",
        "start_time": 1700192374641,
        "last_updated_time": 1700192374764,
        "event_count": 2
    },
    {
        "id": 79795,
        "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n",
        "magnitude": 7,
        "offense_type": 0,
        "offense_source": "34.249.80.238",
        "start_time": 1700190206491,
        "last_updated_time": 1700211458421,
        "event_count": 120
    },
    {
        "id": 79794,
        "description": "Offense Monitoring Event\n",
        "magnitude": 2,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700188605705,
        "last_updated_time": 1700188605705,
        "event_count": 1
    },
    {
        "id": 79793,
        "description": "Offense Monitoring Event\n",
        "magnitude": 2,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700184958140,
        "last_updated_time": 1700184958140,
        "event_count": 1
    },
    {
        "id": 79792,
        "description": "Web server activity observed from a high confidence Bots\n",
        "magnitude": 4,
        "offense_type": 0,
        "offense_source": "195.123.241.30",
        "start_time": 1700180488153,
        "last_updated_time": 1700180488366,
        "event_count": 3
    },
    {
        "id": 79791,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "184.30.41.180",
        "start_time": 1700177803138,
        "last_updated_time": 1700177812294,
        "event_count": 4
    },
    {
        "id": 79790,
        "description": "A user has successfully authentication from outside the UK\n",
        "magnitude": 4,
        "offense_type": 0,
        "offense_source": "149.34.150.140",
        "start_time": 1700175946376,
        "last_updated_time": 1700208351699,
        "event_count": 30
    },
    {
        "id": 79789,
        "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n",
        "magnitude": 6,
        "offense_type": 0,
        "offense_source": "34.249.80.238",
        "start_time": 1700175451069,
        "last_updated_time": 1700175549244,
        "event_count": 57
    },
    {
        "id": 79788,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 4,
        "offense_type": 0,
        "offense_source": "169.254.3.12",
        "start_time": 1700172808869,
        "last_updated_time": 1700220549909,
        "event_count": 9
    },
    {
        "id": 79787,
        "description": "API request successful\n preceded by Audit Started\n preceded by Offense Closed\n",
        "magnitude": 2,
        "offense_type": 0,
        "offense_source": "184.26.90.85",
        "start_time": 1700172799988,
        "last_updated_time": 1700173260116,
        "event_count": 9
    },
    {
        "id": 79786,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "184.26.90.84",
        "start_time": 1700172779879,
        "last_updated_time": 1700173273295,
        "event_count": 22
    },
    {
        "id": 79785,
        "description": "LOG4SHELL Possible Detection - Read the Custom Rule Description for Guidance\n",
        "magnitude": 7,
        "offense_type": 0,
        "offense_source": "34.251.127.30",
        "start_time": 1700136706848,
        "last_updated_time": 1700172805284,
        "event_count": 59
    },
    {
        "id": 79784,
        "description": "Offense Monitoring Event\n",
        "magnitude": 1,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700170561466,
        "last_updated_time": 1700170561466,
        "event_count": 1
    },
    {
        "id": 79783,
        "description": "Offense Monitoring Event\n",
        "magnitude": 1,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700166914952,
        "last_updated_time": 1700166914952,
        "event_count": 1
    },
    {
        "id": 79782,
        "description": "Offense Monitoring Event\n",
        "magnitude": 1,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700163268497,
        "last_updated_time": 1700163268497,
        "event_count": 1
    },
    {
        "id": 79781,
        "description": "Offense Monitoring Event\n",
        "magnitude": 1,
        "offense_type": 2,
        "offense_source": "Offense Monitoring Event",
        "start_time": 1700159621435,
        "last_updated_time": 1700159621435,
        "event_count": 1
    },
    {
        "id": 79780,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "184.26.90.84",
        "start_time": 1700155754618,
        "last_updated_time": 1700155760774,
        "event_count": 20
    },
    {
        "id": 79779,
        "description": "An unauthorized user has successfully accessed the QRadar console\n",
        "magnitude": 1,
        "offense_type": 3,
        "offense_source": "lucas.mendez@brill.com",
        "start_time": 1700155725662,
        "last_updated_time": 1700155726667,
        "event_count": 4
    },
    {
        "id": 79778,
        "description": "Web server activity observed from a high confidence Bots\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "65.154.226.166",
        "start_time": 1700155714127,
        "last_updated_time": 1700155715086,
        "event_count": 7
    },
    {
        "id": 79777,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "184.26.90.85",
        "start_time": 1700155690169,
        "last_updated_time": 1700172683744,
        "event_count": 12
    },
    {
        "id": 79776,
        "description": "A user has successfully authentication from outside the UK\n",
        "magnitude": 4,
        "offense_type": 0,
        "offense_source": "152.37.82.105",
        "start_time": 1700154183580,
        "last_updated_time": 1700157784477,
        "event_count": 8
    },
    {
        "id": 79775,
        "description": "Web server activity observed from a high confidence Bots\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "65.154.226.168",
        "start_time": 1700154127170,
        "last_updated_time": 1700154127807,
        "event_count": 8
    },
    {
        "id": 79774,
        "description": "Farring: Potential DoS Attack - Excessive Requests\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "95.149.144.42",
        "start_time": 1700152887662,
        "last_updated_time": 1700217267137,
        "event_count": 1937
    },
    {
        "id": 79773,
        "description": "A user has successfully authentication from outside the UK\n",
        "magnitude": 4,
        "offense_type": 0,
        "offense_source": "149.34.150.140",
        "start_time": 1700151175274,
        "last_updated_time": 1700169175501,
        "event_count": 18
    },
    {
        "id": 79772,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.197",
        "start_time": 1700151061169,
        "last_updated_time": 1700155623904,
        "event_count": 5
    },
    {
        "id": 79771,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "169.254.3.12",
        "start_time": 1700151039035,
        "last_updated_time": 1700162860572,
        "event_count": 5
    },
    {
        "id": 79770,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "169.254.3.5",
        "start_time": 1700151025893,
        "last_updated_time": 1700162851631,
        "event_count": 11
    },
    {
        "id": 79769,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.230",
        "start_time": 1700150688334,
        "last_updated_time": 1700150690260,
        "event_count": 3
    },
    {
        "id": 79768,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "96.7.74.151",
        "start_time": 1700150663801,
        "last_updated_time": 1700150679666,
        "event_count": 4
    },
    {
        "id": 79767,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "96.7.74.142",
        "start_time": 1700150605327,
        "last_updated_time": 1700150662144,
        "event_count": 6
    },
    {
        "id": 79766,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "169.254.3.12",
        "start_time": 1700150598656,
        "last_updated_time": 1700150673871,
        "event_count": 5
    },
    {
        "id": 79765,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "169.254.3.5",
        "start_time": 1700150391741,
        "last_updated_time": 1700150563179,
        "event_count": 3
    },
    {
        "id": 79764,
        "description": "Farring: Potential DoS Attack - Excessive Requests\n",
        "magnitude": 5,
        "offense_type": 0,
        "offense_source": "95.149.144.42",
        "start_time": 1700149229559,
        "last_updated_time": 1700150370797,
        "event_count": 1278
    },
    {
        "id": 79763,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.197",
        "start_time": 1700149232440,
        "last_updated_time": 1700149232542,
        "event_count": 2
    },
    {
        "id": 79762,
        "description": "Log resets/error conditions/failures/threshold exceptions Detected\n",
        "magnitude": 3,
        "offense_type": 0,
        "offense_source": "23.34.240.223",
        "start_time": 1700148437768,
        "last_updated_time": 1700148468271,
        "event_count": 7
    }
]
Leave a Comment