Bug #7759 » relapsed.txt

Rajmund Hruška, 07/18/2024 11:12 AM

 
2024-07-01 04:20:08,437 mentat-reporter.py [1987451] INFO: abuse@xxxx.cz: Found 4 event(s) with severity 'medium' and time interval 2024-07-01T00:20:00 -> 2024-07-01T02:20:00 (2:00:00).
2024-07-01 04:20:08,443 mentat-reporter.py [1987451] INFO: abuse@xxxx.cz: Filters let 4 events through, 0 blocked.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID 'a85ebf74-f4b6-4826-9113-2f74bbfefb5b' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID '0b377bd6-9cf9-4fa2-a80c-a3d1517e7b2b' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID '13fce9c1-0336-4bce-a6f4-9e03003e9aae' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID '65a67b65-3fa0-45c0-8787-ae1f563851c1' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,446 mentat-reporter.py [1987451] INFO: ('abuse@xxxx.cz',): Thresholds let 4 events through, 0 blocked.
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header bcc changed from None to ['abuse@yyyy.cz']
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header from changed from None to xxxxxxxxxxxxxxxxx
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header reply_to changed from None to xxxxxxxxxxxxxx
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header return_path changed from None to xxxxxxxxxxxxxxxxxx
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Sending email: '{'to': ['abuse@xxxx.cz'], 'cc': [], 'report_id': '205851', 'report_type': 'extra', 'report_severity': 'medium', 'report_evcount': 4, 'report_window': '2024-07-01T00:20:00___2024-07-01T02:20:00', 'report_testdata': False, 'subject': '[205851] Střední - Upozornění na možné problémy týkající se stroje 147.xxx.xxx.xxx', 'report_id_par': '205850', 'report_srcip': '147.xxx.xxx.xxx', 'bcc': ['abuse@yyyy.cz'], 'from': 'xxxxxxxxxxxxxxxxx', 'reply_to': 'xxxxxxxxxxxxxx', 'return_path': 'xxxxxxxxxxxxxxxxxx'}'
2024-07-01 04:20:08,491 mentat-reporter.py [1987451] INFO: Updated thresholding cache with record - TTL=2024-07-07T02:20:00|RLP=2024-07-05T02:20:00|THR=2024-07-01T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx
2024-07-01 04:20:08,493 mentat-reporter.py [1987451] INFO: abuse@xxxx.cz: Generated summary report '205850' with severity 'medium' and time interval 2024-07-01T00:20:00 -> 2024-07-01T02:20:00 (2:00:00).

    
2024-07-07 04:20:09,523 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Found 4 event(s) with severity 'medium' and time interval 2024-07-07T00:20:00 -> 2024-07-07T02:20:00 (2:00:00).
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Filters let 4 events through, 0 blocked.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID '4a3fb736-19c0-45c2-a92f-73008c09c0ce' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID 'b5b1738e-1ef6-41ee-92b8-ddc83b314b8b' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID '0421ffe3-5cdb-4c2e-99c0-240cedba510a' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID 'c7c36300-453f-4d0e-a8ec-1aae601652d4' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,534 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=4a3fb736-19c0-45c2-a92f-73008c09c0ce|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,536 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=b5b1738e-1ef6-41ee-92b8-ddc83b314b8b|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,538 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=0421ffe3-5cdb-4c2e-99c0-240cedba510a|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,540 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=c7c36300-453f-4d0e-a8ec-1aae601652d4|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,540 mentat-reporter.py [1012802] INFO: ('abuse@xxxx.cz',): Thresholds blocked all 4 events, nothing to report.
2024-07-07 04:20:09,544 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Found 12 relapsed event(s) with severity 'medium' and relapse threshold TTL '2024-07-07T02:20:00'.
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header bcc changed from None to ['abuse@yyyy.cz']
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header from changed from None to xxxxxxxxxxxxxxxxx
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header reply_to changed from None to xxxxxxxxxxxxxx
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header return_path changed from None to xxxxxxxxxxxxxxxxxx
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Sending email: '{'to': ['abuse@xxxx.cz'], 'cc': [], 'report_id': '205948', 'report_type': 'extra', 'report_severity': 'medium', 'report_evcount': 12, 'report_window': '2024-07-07T00:20:00___2024-07-07T02:20:00', 'report_testdata': False, 'subject': '[205948] Střední - Upozornění na možné problémy týkající se stroje 147.xxx.xxx.xxx', 'report_id_par': '205947', 'report_srcip': '147.xxx.xxx.xxx', 'bcc': ['abuse@yyyy.cz'], 'from': 'xxxxxxxxxxxxxxxxx', 'reply_to': 'xxxxxxxxxxxxxx', 'return_path': 'xxxxxxxxxxxxxxxxxx'}'
2024-07-07 04:20:09,609 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Generated summary report '205947' with severity 'medium' and time interval 2024-07-07T00:20:00 -> 2024-07-07T02:20:00 (2:00:00).

    
2024-07-08 06:20:14,763 mentat-reporter.py [1208620] INFO: abuse@xxxx.cz: Found 4 event(s) with severity 'medium' and time interval 2024-07-08T02:20:00 -> 2024-07-08T04:20:00 (2:00:00).
2024-07-08 06:20:14,769 mentat-reporter.py [1208620] INFO: abuse@xxxx.cz: Filters let 4 events through, 0 blocked.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID 'fefb9df2-13c5-4afa-a509-4ccff837abbf' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID 'd2ebe091-09a3-443a-8872-cf8bd713c4ad' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID '9015755a-2d58-4621-8527-03f022088448' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID '19455a26-4541-476f-a157-c7a39cd0bd10' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,772 mentat-reporter.py [1208620] INFO: ('abuse@xxxx.cz',): Thresholds let 4 events through, 0 blocked.
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header bcc changed from None to ['abuse@yyyy.cz']
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header from changed from None to xxxxxxxxxxxxxxxxx
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header reply_to changed from None to xxxxxxxxxxxxxx
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header return_path changed from None to xxxxxxxxxxxxxxxxxx
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Sending email: '{'to': ['abuse@xxxx.cz'], 'cc': [], 'report_id': '205961', 'report_type': 'extra', 'report_severity': 'medium', 'report_evcount': 4, 'report_window': '2024-07-08T02:20:00___2024-07-08T04:20:00', 'report_testdata': False, 'subject': '[205961] Střední - Upozornění na možné problémy týkající se stroje 147.xxx.xxx.xxx', 'report_id_par': '205960', 'report_srcip': '147.xxx.xxx.xxx', 'bcc': ['abuse@yyyy.cz'], 'from': 'xxxxxxxxxxxxxxxxx', 'reply_to': 'xxxxxxxxxxxxxx', 'return_path': 'xxxxxxxxxxxxxxxxxx'}'
2024-07-08 06:20:14,833 mentat-reporter.py [1208620] INFO: Updated thresholding cache with record - TTL=2024-07-14T04:20:00|RLP=2024-07-12T04:20:00|THR=2024-07-08T04:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx
2024-07-08 06:20:14,836 mentat-reporter.py [1208620] INFO: abuse@xxxx.cz: Generated summary report '205960' with severity 'medium' and time interval 2024-07-08T02:20:00 -> 2024-07-08T04:20:00 (2:00:00).