2024-07-01 04:20:08,437 mentat-reporter.py [1987451] INFO: abuse@xxxx.cz: Found 4 event(s) with severity 'medium' and time interval 2024-07-01T00:20:00 -> 2024-07-01T02:20:00 (2:00:00).
2024-07-01 04:20:08,443 mentat-reporter.py [1987451] INFO: abuse@xxxx.cz: Filters let 4 events through, 0 blocked.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID 'a85ebf74-f4b6-4826-9113-2f74bbfefb5b' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID '0b377bd6-9cf9-4fa2-a80c-a3d1517e7b2b' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID '13fce9c1-0336-4bce-a6f4-9e03003e9aae' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,444 mentat-reporter.py [1987451] INFO: Event with ID '65a67b65-3fa0-45c0-8787-ae1f563851c1' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-01 04:20:08,446 mentat-reporter.py [1987451] INFO: ('abuse@xxxx.cz',): Thresholds let 4 events through, 0 blocked.
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header bcc changed from None to ['abuse@yyyy.cz']
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header from changed from None to xxxxxxxxxxxxxxxxx
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header reply_to changed from None to xxxxxxxxxxxxxx
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Modifying report 205851: header return_path changed from None to xxxxxxxxxxxxxxxxxx
2024-07-01 04:20:08,472 mentat-reporter.py [1987451] INFO: Sending email: '{'to': ['abuse@xxxx.cz'], 'cc': [], 'report_id': '205851', 'report_type': 'extra', 'report_severity': 'medium', 'report_evcount': 4, 'report_window': '2024-07-01T00:20:00___2024-07-01T02:20:00', 'report_testdata': False, 'subject': '[205851] Střední - Upozornění na možné problémy týkající se stroje 147.xxx.xxx.xxx', 'report_id_par': '205850', 'report_srcip': '147.xxx.xxx.xxx', 'bcc': ['abuse@yyyy.cz'], 'from': 'xxxxxxxxxxxxxxxxx', 'reply_to': 'xxxxxxxxxxxxxx', 'return_path': 'xxxxxxxxxxxxxxxxxx'}'
2024-07-01 04:20:08,491 mentat-reporter.py [1987451] INFO: Updated thresholding cache with record - TTL=2024-07-07T02:20:00|RLP=2024-07-05T02:20:00|THR=2024-07-01T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx
2024-07-01 04:20:08,493 mentat-reporter.py [1987451] INFO: abuse@xxxx.cz: Generated summary report '205850' with severity 'medium' and time interval 2024-07-01T00:20:00 -> 2024-07-01T02:20:00 (2:00:00).
2024-07-07 04:20:09,523 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Found 4 event(s) with severity 'medium' and time interval 2024-07-07T00:20:00 -> 2024-07-07T02:20:00 (2:00:00).
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Filters let 4 events through, 0 blocked.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID '4a3fb736-19c0-45c2-a92f-73008c09c0ce' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID 'b5b1738e-1ef6-41ee-92b8-ddc83b314b8b' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID '0421ffe3-5cdb-4c2e-99c0-240cedba510a' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,530 mentat-reporter.py [1012802] INFO: Event with ID 'c7c36300-453f-4d0e-a8ec-1aae601652d4' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-07 04:20:09,534 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=4a3fb736-19c0-45c2-a92f-73008c09c0ce|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,536 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=b5b1738e-1ef6-41ee-92b8-ddc83b314b8b|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,538 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=0421ffe3-5cdb-4c2e-99c0-240cedba510a|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,540 mentat-reporter.py [1012802] INFO: Recorded thresholded event with record - CT=2024-07-07T02:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx|EID=c7c36300-453f-4d0e-a8ec-1aae601652d4|GRP=abuse@xxxx.cz|SEV=medium
2024-07-07 04:20:09,540 mentat-reporter.py [1012802] INFO: ('abuse@xxxx.cz',): Thresholds blocked all 4 events, nothing to report.
2024-07-07 04:20:09,544 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Found 12 relapsed event(s) with severity 'medium' and relapse threshold TTL '2024-07-07T02:20:00'.
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header bcc changed from None to ['abuse@yyyy.cz']
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header from changed from None to xxxxxxxxxxxxxxxxx
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header reply_to changed from None to xxxxxxxxxxxxxx
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Modifying report 205948: header return_path changed from None to xxxxxxxxxxxxxxxxxx
2024-07-07 04:20:09,591 mentat-reporter.py [1012802] INFO: Sending email: '{'to': ['abuse@xxxx.cz'], 'cc': [], 'report_id': '205948', 'report_type': 'extra', 'report_severity': 'medium', 'report_evcount': 12, 'report_window': '2024-07-07T00:20:00___2024-07-07T02:20:00', 'report_testdata': False, 'subject': '[205948] Střední - Upozornění na možné problémy týkající se stroje 147.xxx.xxx.xxx', 'report_id_par': '205947', 'report_srcip': '147.xxx.xxx.xxx', 'bcc': ['abuse@yyyy.cz'], 'from': 'xxxxxxxxxxxxxxxxx', 'reply_to': 'xxxxxxxxxxxxxx', 'return_path': 'xxxxxxxxxxxxxxxxxx'}'
2024-07-07 04:20:09,609 mentat-reporter.py [1012802] INFO: abuse@xxxx.cz: Generated summary report '205947' with severity 'medium' and time interval 2024-07-07T00:20:00 -> 2024-07-07T02:20:00 (2:00:00).
2024-07-08 06:20:14,763 mentat-reporter.py [1208620] INFO: abuse@xxxx.cz: Found 4 event(s) with severity 'medium' and time interval 2024-07-08T02:20:00 -> 2024-07-08T04:20:00 (2:00:00).
2024-07-08 06:20:14,769 mentat-reporter.py [1208620] INFO: abuse@xxxx.cz: Filters let 4 events through, 0 blocked.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID 'fefb9df2-13c5-4afa-a509-4ccff837abbf' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID 'd2ebe091-09a3-443a-8872-cf8bd713c4ad' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID '9015755a-2d58-4621-8527-03f022088448' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,770 mentat-reporter.py [1208620] INFO: Event with ID '19455a26-4541-476f-a157-c7a39cd0bd10' contains unknown detector 'cz.cesnet.xxxxxxx'. Assuming full credibility.
2024-07-08 06:20:14,772 mentat-reporter.py [1208620] INFO: ('abuse@xxxx.cz',): Thresholds let 4 events through, 0 blocked.
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header bcc changed from None to ['abuse@yyyy.cz']
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header from changed from None to xxxxxxxxxxxxxxxxx
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header reply_to changed from None to xxxxxxxxxxxxxx
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Modifying report 205961: header return_path changed from None to xxxxxxxxxxxxxxxxxx
2024-07-08 06:20:14,810 mentat-reporter.py [1208620] INFO: Sending email: '{'to': ['abuse@xxxx.cz'], 'cc': [], 'report_id': '205961', 'report_type': 'extra', 'report_severity': 'medium', 'report_evcount': 4, 'report_window': '2024-07-08T02:20:00___2024-07-08T04:20:00', 'report_testdata': False, 'subject': '[205961] Střední - Upozornění na možné problémy týkající se stroje 147.xxx.xxx.xxx', 'report_id_par': '205960', 'report_srcip': '147.xxx.xxx.xxx', 'bcc': ['abuse@yyyy.cz'], 'from': 'xxxxxxxxxxxxxxxxx', 'reply_to': 'xxxxxxxxxxxxxx', 'return_path': 'xxxxxxxxxxxxxxxxxx'}'
2024-07-08 06:20:14,833 mentat-reporter.py [1208620] INFO: Updated thresholding cache with record - TTL=2024-07-14T04:20:00|RLP=2024-07-12T04:20:00|THR=2024-07-08T04:20:00|KEY=vulnerable-config-tls-old+++147.xxx.xxx.xxx
2024-07-08 06:20:14,836 mentat-reporter.py [1208620] INFO: abuse@xxxx.cz: Generated summary report '205960' with severity 'medium' and time interval 2024-07-08T02:20:00 -> 2024-07-08T04:20:00 (2:00:00).