
Untitled

a guest
Sep 17th, 2019
  1. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3436483},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.757049] Bluetooth: Core ver 2.22","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  2. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3436816},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.757075] Bluetooth: HCI socket layer initialized","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  3. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3437165},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.046237] usbcore: registered new interface driver btusb","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  4. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3437529},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.272845] Bluetooth: hci0: RTL: rom_version status=0 version=1","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  5. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3437822},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.760815] Bluetooth: hci0: RTL: rtl: loading rtl_bt/rtl8723b_config.bin","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  6. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3438202},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.760838] ","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  7. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3438593},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 29.017480] uvcvideo 1-5:1.0: Entity type for entity Camera 1 was not initialized!","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  8. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3439031},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 36.499498] audit: type=1400 audit(1567750663.615:2): apparmor=\"STATUS\" operation=\"profile_load\" profile=\"unconfined\" name=\"/usr/bin/man\" pid=1060 comm=\"apparmor_parser\"","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  9. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3439846},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 36.729706] audit: type=1400 audit(1567750663.843:6): apparmor=\"STATUS\" operation=\"profile_load\" profile=\"unconfined\" name=\"libreoffice-senddoc\" pid=1062 comm=\"apparmor_parser\"","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  10. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3440726},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 36.754111] audit: type=1400 audit(1567750663.871:10): apparmor=\"STATUS\" operation=\"profile_load\" profile=\"unconfined\" name=\"/usr/lib/connman/scripts/dhclient-script\" pid=1056 comm=\"apparmor_parser\"","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  11. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3441351},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:49 squad kernel: [ 42.799560] Bluetooth: BNEP socket layer initialized","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  12. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3441758},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:02 squad kernel: [ 55.848462] wlo1: send auth to 34:fa:9f:36:d4:88 (try 1/3)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  13. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3442126},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:02 squad kernel: [ 55.874828] wlo1: associated","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  14. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3442521},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:06 squad kernel: [ 59.752489] NET: Registered protocol family 5","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  15. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3442962},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:55 squad kernel: [ 108.799303] bridge: filtering via arp/ip/ip6tables is no longer available by default. Update your scripts to load br_netfilter if you need this.","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  16. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3443377},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:49:06 squad kernel: [ 119.392057] Bluetooth: RFCOMM TTY layer initialized","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  17. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3443734},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.412Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:58:53 squad kernel: [ 706.644952] JFS: nTxBlock = 8192, nTxLock = 65536","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  18. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3417904},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.331290] mce: Using 8 MCE banks","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  19. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3418156},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.331387] microcode: Microcode Update Driver: v2.2.","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  20. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3418440},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.331584] Loading compiled-in X.509 certificates","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  21. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3418846},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.335550] Loaded UEFI:db cert 'Microsoft Corporation UEFI CA 2011: 13adbf4309bd82709c8cd54f316ed522988a1bd4' linked to secondary sys keyring","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  22. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3419303},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.335974] MODSIGN: Couldn't get UEFI MokListRT","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  23. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3419537},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.345188] Key type trusted registered","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  24. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3419777},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.352812] ima: Allocated hash algorithm: sha1","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  25. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3420022},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.379102] evm: security.selinux","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  26. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3420227},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.379104] evm: security.SMACK64TRANSMUTE","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  27. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3420442},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.379105] evm: security.ima","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  28. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3420641},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.380213] Magic number: 3:821:265","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  29. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3420953},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.381813] Freeing unused decrypted memory: 2040K","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  30. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3421220},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.406775] Freeing unused kernel image memory: 2016K","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  31. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3421582},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.430395] x86/mm: Checked W+X mappings: passed, no W+X pages found.","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  32. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3421954},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.557120] ahci 0000:00:17.0: flags: 64bit ncq pm led clo only pio slum part deso sadm sds apst ","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  33. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3422381},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.560038] scsi host1: ahci","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  34. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3422740},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.561289] r8169 0000:01:00.0 eth0: RTL8106e, 40:b0:34:6c:1f:f0, XID 449, IRQ 124","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  35. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3423173},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.733663] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  36. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3423541},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.870203] ata2: SATA link up 1.5 Gbps (SStatus 113 SControl 300)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  37. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3423921},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.882477] ata1.00: ATA-10: ST1000LM035-1RK172, RSM4, max UDMA/100","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  38. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3424331},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.929411] sd 0:0:0:0: Attached scsi generic sg0 type 0","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  39. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3424711},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 1.929498] sd 0:0:0:0: [sda] Mode Sense: 00 3a 00 00","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  40. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3425181},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.007624] cdrom: Uniform CD-ROM driver Revision: 3.20","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  41. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3425442},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.011593] usb 1-4: New USB device found, idVendor=0bda, idProduct=b008, bcdDevice= 2.00","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  42. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3425756},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.011598] usb 1-4: Manufacturer: Realtek ","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  43. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3425995},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.069866] sd 0:0:0:0: [sda] Attached SCSI disk","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  44. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3426301},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.311018] psmouse serio1: synaptics: queried min coordinates: x [1330..], y [1094..]","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  45. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3426628},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.332875] usb 1-5: New USB device found, idVendor=05c8, idProduct=038f, bcdDevice= 1.02","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  46. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3426942},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.409Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.332880] usb 1-5: Manufacturer: Generic","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  47. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3427190},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.347261] usbcore: registered new interface driver usbhid","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  48. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3427516},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.372210] psmouse serio1: synaptics: Touchpad model: 1, fw: 8.1, id: 0x1e2b1, caps: 0xf00123/0x840300/0x2e800/0x0, board id: 3127, fw id: 8526786","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  49. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3428032},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.407062] input: Logitech USB Receiver Consumer Control as /devices/pci0000:00/0000:00:14.0/usb1/1-1/1-1:1.1/0003:046D:C534.0002/input/input7","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  50. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3428510},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.466795] hid-generic 0003:046D:C534.0002: input,hiddev0,hidraw1: USB HID v1.11 Mouse [Logitech USB Receiver] on usb-0000:00:14.0-1/input1","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  51. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3428840},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 2.985997] raid6: avx2x2 gen() 17566 MB/s","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  52. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3429074},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 3.129995] raid6: avx2x1 xor() 9894 MB/s","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  53. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3429308},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 3.273996] raid6: sse2x2 gen() 8819 MB/s","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  54. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3429542},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 3.418001] raid6: sse2x1 xor() 5140 MB/s","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  55. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3429799},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 3.418003] raid6: using avx2x2 recovery algorithm","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  56. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3430072},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 14.930999] EXT4-fs (sda6): mounted filesystem with ordered data mode. Opts: (null)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  57. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3430422},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 21.913702] EXT4-fs (sda6): re-mounted. Opts: errors=remount-ro","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  58. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3430809},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 25.297385] input: HP Wireless hotkeys as /devices/virtual/input/input11","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  59. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3431246},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 25.781370] RAPL PMU: hw unit of domain pp0-core 2^-14 Joules","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  60. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3431620},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 25.781374] RAPL PMU: hw unit of domain psys 2^-14 Joules","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  61. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3432011},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.020899] AVX2 version of gcm_enc/dec engaged.","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  62. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3432347},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.298564] intel_rapl: Found RAPL domain core","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  63. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3432671},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.358495] input: HP WMI hotkeys as /devices/virtual/input/input12","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  64. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3433057},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.745832] checking generic (a0000000 408000) vs hw (a0000000 10000000)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  65. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3433423},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.747480] [drm] Supports vblank timestamp caching Rev 2 (21.10.2013).","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  66. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3433876},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.764320] ACPI: Video Device [GFX0] (multi-head: yes rom: no post: no)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  67. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3434364},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 26.771994] fbcon: inteldrmfb (fb0) is primary device","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  68. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3434766},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.410Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.294092] snd_hda_codec_realtek hdaudioC0D0: autoconfig for ALC3227: line_outs=1 (0x14/0x0/0x0/0x0/0x0) type:speaker","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  69. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3435256},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.294098] snd_hda_codec_realtek hdaudioC0D0: inputs:","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  70. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3435670},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.333528] input: HDA Intel PCH Headphone as /devices/pci0000:00/0000:00:1f.3/sound/card0/input15","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  71. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3436210},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.333813] input: HDA Intel PCH HDMI/DP,pcm=9 as /devices/pci0000:00/0000:00:1f.3/sound/card0/input19","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  72. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3436634},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.757070] NET: Registered protocol family 31","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  73. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3436988},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 27.757085] Bluetooth: SCO socket layer initialized","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  74. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3437350},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.271834] Bluetooth: hci0: RTL: rtl: examining hci_ver=06 hci_rev=000b lmp_ver=06 lmp_subver=8723","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  75. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3437673},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.272847] Bluetooth: hci0: RTL: rtl: loading rtl_bt/rtl8723b_fw.bin","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  76. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3437975},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 28.760832] bluetooth hci0: Direct firmware load for rtl_bt/rtl8723b_config.bin failed with error -2","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  77. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3438354},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 29.017477] uvcvideo 1-5:1.0: Entity type for entity Extension 4 was not initialized!","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  78. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3438860},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 29.017642] usbcore: registered new interface driver uvcvideo","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  79. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3439435},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 36.499506] audit: type=1400 audit(1567750663.615:4): apparmor=\"STATUS\" operation=\"profile_load\" profile=\"unconfined\" name=\"man_groff\" pid=1060 comm=\"apparmor_parser\"","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  80. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3440261},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:48 squad kernel: [ 36.754106] audit: type=1400 audit(1567750663.871:8): apparmor=\"STATUS\" operation=\"profile_load\" profile=\"unconfined\" name=\"/usr/lib/NetworkManager/nm-dhcp-client.action\" pid=1056 comm=\"apparmor_parser\"","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  81. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3441172},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:49 squad kernel: [ 42.799555] Bluetooth: BNEP (Ethernet Emulation) ver 1.3","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  82. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/kern.log"},"offset":3441586},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:47:58 squad kernel: [ 51.239227] r8169 0000:01:00.0 enp1s0: Link is Down","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  83. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3441915},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:02 squad kernel: [ 55.854063] wlo1: associate with 34:fa:9f:36:d4:88 (try 1/3)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  84. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3442289},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:03 squad kernel: [ 55.912068] wlo1: Limiting TX power to 36 (36 - 0) dBm as advertised by 34:fa:9f:36:d4:88","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  85. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3442667},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:40 squad kernel: [ 93.852696] kauditd_printk_skb: 35 callbacks suppressed","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  86. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3443215},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.411Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:48:58 squad kernel: [ 111.108793] bpfilter: Loaded bpfilter_umh pid 2950","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  87. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3443550},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.412Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:49:06 squad kernel: [ 119.392102] Bluetooth: RFCOMM ver 1.11","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  88. {"type":"beats","log":{"file":{"path":"/var/log/kern.log"},"offset":3443903},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:08.412Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 11:58:54 squad kernel: [ 707.364536] QNX4 filesystem 0.2.3 registered.","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  89. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/auth.log"},"offset":286838},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:18.621Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:47:14 squad sudo: gopal : TTY=pts/3 ; PWD=/home/gopal/squadrun/requirements ; USER=root ; COMMAND=/usr/bin/fish","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  90. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":286963},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:18.621Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:47:14 squad sudo: pam_unix(sudo:session): session opened for user root by (uid=0)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  91. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287155},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:53.624Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:47:45 squad sudo: pam_unix(sudo:session): session opened for user root by (uid=0)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  92. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287055},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:17:53.623Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:47:45 squad sudo: gopal : TTY=pts/2 ; PWD=/var/log ; USER=root ; COMMAND=/usr/bin/fish","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  93. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287247},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:20:08.631Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:50:01 squad CRON[18809]: pam_unix(cron:session): session opened for user root by (uid=0)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  94. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287346},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:20:08.631Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:50:01 squad CRON[18809]: pam_unix(cron:session): session closed for user root","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  95. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287434},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:25:03.804Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:55:02 squad CRON[19328]: pam_unix(cron:session): session opened for user root by (uid=0)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  96. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/auth.log"},"offset":287533},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:25:03.940Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 12:55:02 squad CRON[19328]: pam_unix(cron:session): session closed for user root","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  97. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287621},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:30:08.984Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 13:00:03 squad CRON[19761]: pam_unix(cron:session): session opened for user root by (uid=0)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  98. {"type":"beats","log":{"file":{"path":"/var/log/auth.log"},"offset":287720},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:30:08.984Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 13:00:04 squad CRON[19761]: pam_unix(cron:session): session closed for user root","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"ecs":{"version":"1.0.1"}}
  99. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/auth.log"},"offset":287808},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:35:03.998Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 13:05:03 squad CRON[20355]: pam_unix(cron:session): session opened for user root by (uid=0)","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}
  100. {"ecs":{"version":"1.0.1"},"log":{"file":{"path":"/var/log/auth.log"},"offset":287907},"host":{"name":"squad"},"@version":"1","@timestamp":"2019-09-06T07:35:03.998Z","agent":{"hostname":"squad","id":"18aded70-5948-4fd7-b312-3c788d1c4fff","ephemeral_id":"ef68c38b-2b50-4269-af2c-ca9f1687c62a","version":"7.3.1","type":"filebeat"},"message":"Sep 6 13:05:03 squad CRON[20355]: pam_unix(cron:session): session closed for user root","input":{"type":"log"},"tags":["beats_input_codec_plain_applied"],"fields":{"env":"local"},"type":"beats"}