API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 15th, 2017
611
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.73 KB | None | 0 0
raw download clone embed print report
  1. type=USER_AUTH msg=audit(1494868813.971:543982): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
  2. type=USER_ACCT msg=audit(1494868813.987:543983): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
  3. type=CRYPTO_KEY_USER msg=audit(1494868813.987:543984): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=18330 suid=74 rport=8417 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=? res=success'
  4. type=USER_AUTH msg=audit(1494868813.989:543985): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=success acct="sbuehler" exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=ssh res=success'
  5. type=CRED_ACQ msg=audit(1494868813.992:543986): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
  6. type=LOGIN msg=audit(1494868813.993:543987): pid=18329 uid=0 old-auid=4294967295 auid=16608 old-ses=4294967295 ses=29780 res=1
  7. type=CRYPTO_KEY_USER msg=audit(1494868919.505:543988): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  8. type=CRYPTO_KEY_USER msg=audit(1494868919.505:543989): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  9. type=CRYPTO_KEY_USER msg=audit(1494868919.506:543990): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  10. type=CRYPTO_SESSION msg=audit(1494868919.534:543991): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  11. type=CRYPTO_SESSION msg=audit(1494868919.534:543992): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  12.  
  13.  
  14. //////
  15.  
  16. type=USER_AUTH msg=audit(1494868813.971:543982): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
  17. type=USER_ACCT msg=audit(1494868813.987:543983): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
  18. type=CRYPTO_KEY_USER msg=audit(1494868813.987:543984): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=18330 suid=74 rport=8417 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=? res=success'
  19. type=USER_AUTH msg=audit(1494868813.989:543985): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=success acct="sbuehler" exe="/usr/sbin/sshd" hostname=? addr=66.87.124.196 terminal=ssh res=success'
  20. type=CRED_ACQ msg=audit(1494868813.992:543986): pid=18329 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="sbuehler" exe="/usr/sbin/sshd" hostname=66-87-124-196.pools.spcsdns.net addr=66.87.124.196 terminal=ssh res=success'
  21. type=LOGIN msg=audit(1494868813.993:543987): pid=18329 uid=0 old-auid=4294967295 auid=16608 old-ses=4294967295 ses=29780 res=1
  22. type=CRYPTO_KEY_USER msg=audit(1494868919.505:543988): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  23. type=CRYPTO_KEY_USER msg=audit(1494868919.505:543989): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  24. type=CRYPTO_KEY_USER msg=audit(1494868919.506:543990): pid=18347 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=18347 suid=0 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  25. type=CRYPTO_SESSION msg=audit(1494868919.534:543991): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  26. type=CRYPTO_SESSION msg=audit(1494868919.534:543992): pid=18346 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=chacha20-poly1305@openssh.com ksize=512 mac= pfs=curve25519-sha256@libssh.org spid=18347 suid=74 rport=58846 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=71.234.4.122 terminal=? res=success'
  27.  
  28.  
  29.  
  30. /////
  31.  
  32. type=USER_AUTH msg=audit(1494622574.217:527041): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:authentication grantors=pam_succeed_if,pam_sss acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
  33. type=USER_ACCT msg=audit(1494622574.230:527042): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:accounting grantors=pam_unix,pam_sss,pam_permit acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
  34. type=CRYPTO_KEY_USER msg=audit(1494622574.231:527043): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=16802 suid=74 rport=51015 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
  35. type=USER_AUTH msg=audit(1494622574.234:527044): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=success acct="egrau" exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=ssh res=success'
  36. type=CRED_ACQ msg=audit(1494622574.236:527045): pid=16801 uid=0 auid=4294967295 ses=4294967295 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
  37. type=LOGIN msg=audit(1494622574.236:527046): pid=16801 uid=0 old-auid=4294967295 auid=5728 old-ses=4294967295 ses=28881 res=1
  38. type=USER_START msg=audit(1494622574.346:527047): pid=16801 uid=0 auid=5728 ses=28881 msg='op=PAM:session_open grantors=pam_selinux,pam_loginuid,pam_selinux,pam_namespace,pam_keyinit,pam_keyinit,pam_limits,pam_systemd,pam_unix,pam_sss,pam_lastlog acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
  39. type=CRYPTO_KEY_USER msg=audit(1494622574.348:527048): pid=16801 uid=0 auid=5728 ses=28881 msg='op=destroy kind=session fp=? direction=both spid=16801 suid=0 rport=51015 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
  40. type=CRYPTO_KEY_USER msg=audit(1494622574.348:527049): pid=16810 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=16810 suid=0 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
  41. type=CRYPTO_KEY_USER msg=audit(1494622574.349:527050): pid=16810 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=16810 suid=0 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
  42. type=CRYPTO_KEY_USER msg=audit(1494622574.349:527051): pid=16810 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16810 suid=0 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
  43. type=CRED_ACQ msg=audit(1494622574.350:527052): pid=16810 uid=0 auid=5728 ses=28881 msg='op=PAM:setcred grantors=pam_localuser,pam_sss acct="egrau" exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=ssh res=success'
  44. type=USER_LOGIN msg=audit(1494622574.646:527053): pid=16801 uid=0 auid=5728 ses=28881 msg='op=login id=5728 exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=/dev/pts/0 res=success'
  45. type=USER_START msg=audit(1494622574.646:527054): pid=16801 uid=0 auid=5728 ses=28881 msg='op=login id=5728 exe="/usr/sbin/sshd" hostname=50-1-7-111.dsl.dynamic.fusionbroadband.com addr=50.1.7.111 terminal=/dev/pts/0 res=success'
  46. type=CRYPTO_KEY_USER msg=audit(1494622574.658:527055): pid=16801 uid=0 auid=5728 ses=28881 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16811 suid=5728 exe="/usr/sbin/sshd" hostname=? addr=50.1.7.111 terminal=? res=success'
  47. type=CRYPTO_KEY_USER msg=audit(1494622576.862:527056): pid=16849 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=16849 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  48. type=CRYPTO_KEY_USER msg=audit(1494622576.862:527057): pid=16849 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=16849 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  49. type=CRYPTO_KEY_USER msg=audit(1494622576.862:527058): pid=16849 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16849 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  50. type=CRYPTO_SESSION msg=audit(1494622577.124:527059): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes128-ctr ksize=128 mac=hmac-sha1 pfs=diffie-hellman-group14-sha1 spid=16849 suid=74 rport=35090 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  51. type=CRYPTO_SESSION msg=audit(1494622577.124:527060): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes128-ctr ksize=128 mac=hmac-sha1 pfs=diffie-hellman-group14-sha1 spid=16849 suid=74 rport=35090 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  52. type=CRYPTO_KEY_USER msg=audit(1494622579.059:527061): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16849 suid=74 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  53. type=CRYPTO_KEY_USER msg=audit(1494622579.059:527062): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=session fp=? direction=both spid=16849 suid=74 rport=35090 laddr=155.37.254.147 lport=22 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  54. type=CRYPTO_KEY_USER msg=audit(1494622579.059:527063): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=23:a9:0a:9a:8d:9d:27:ea:d2:b2:3f:cd:26:1b:a1:95 direction=? spid=16848 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  55. type=CRYPTO_KEY_USER msg=audit(1494622579.061:527064): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=7a:20:9c:82:31:e6:46:95:3a:44:20:fe:0f:0e:e4:44 direction=? spid=16848 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
  56. type=CRYPTO_KEY_USER msg=audit(1494622579.061:527065): pid=16848 uid=0 auid=4294967295 ses=4294967295 msg='op=destroy kind=server fp=69:6e:ea:d8:6e:1d:bb:21:f5:91:68:be:d8:df:64:2e direction=? spid=16848 suid=0 exe="/usr/sbin/sshd" hostname=? addr=121.18.238.123 terminal=? res=success'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!