Scribd Logo
Upload

Welcome to Scribd!

  • May 19

    Uploaded by

    mybooks all
    9 views6 pages
    guyt

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    guyt

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views6 pages

    May 19

    Uploaded by

    mybooks all
    guyt

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Daily reports Postilion

    Alarms - A05W063 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W063

    Alarms - A05L020 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05L020

    Alarms - A05W067 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W067

    Alarms - A05W068 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W068

    Alarms - A05W069 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W069

    Alarms - A05W070 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W070

    Alarms - A05L015 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05L015

    Alarms - A05L016 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05L016

    Alarms - A05L017 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05L017

    Alarms - A05L019 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05L019

    User: admin / 2018-05-21 08:43:03 Page 1 / 6


    Daily reports Postilion

    Alarms - A05W065 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W065

    Alarms - I05W002 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for I05W002

    Alarms - I05L001 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for I05L001

    Alarms - I05L002 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for I05L002

    Alarms - I05L000 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for I05L000

    Alarms - I05W003 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for I05W003

    Alarms - A01W031 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A01W031

    Alarms - A01W024 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A01W024

    Alarms - I05W001 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for I05W001

    Alarms - A05W060 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W060

    User: admin / 2018-05-21 08:43:03 Page 2 / 6


    Daily reports Postilion

    Alarms - A05W061 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W061

    Alarms - A05W062 from: 2018-05-19 to: 2018-05-19

    No Alarms Found for A05W062

    Alarm events - Alarm events. Last 25 Events: from: 2018-05-19 to: 2018-05-19

    Event Name Date GMT+2:00 Source Destination Risk


    directive_event: AV Bruteforce attack, Windows
    2018-05-19 13:56:59 0.0.0.0:54970 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 13:46:36 0.0.0.0:54921 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 13:21:07 0.0.0.0:54786 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 12:28:04 0.0.0.0:54725 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 12:24:35 0.0.0.0:54684 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 12:13:11 0.0.0.0:54641 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 11:50:47 0.0.0.0:54573 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 11:36:24 0.0.0.0:54528 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 11:23:49 0.0.0.0:54466 A05W065
    authentication attack against 10.20.50.11
    directive_event: AV Bruteforce attack, Windows
    2018-05-19 08:14:49 0.0.0.0:54358 A05W065
    authentication attack against 10.20.50.11

    Logins - Logins. Last 25 Events: from: 2018-05-19 to: 2018-05-19

    User: admin / 2018-05-21 08:43:03 Page 3 / 6


    Daily reports Postilion

    Date
    Event Name Device IP Username Source Dest.
    GMT+2:00
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 197.97.220.130 Realtime.Service I05W001 I05W001
    23:59:54
    logon
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 197.97.220.130 Realtime.Service I05W001 I05W001
    23:59:54
    logon
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 197.97.220.130 Realtime.Service I05W001 I05W001
    23:59:54
    logon
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 197.97.220.130 Realtime.Service I05W001 I05W001
    23:59:54
    logon
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 197.97.220.130 Realtime.Service I05W001 I05W001
    23:59:54
    logon
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 197.97.220.130 Realtime.Service 0.0.0.0 I05W001
    23:59:54
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 197.97.220.130 Realtime.Service 0.0.0.0 I05W001
    23:59:54
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 197.97.220.130 Realtime.Service 0.0.0.0 I05W001
    23:59:54
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 197.97.220.130 Realtime.Service 0.0.0.0 I05W001
    23:59:54
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 197.97.220.130 Realtime.Service 0.0.0.0 I05W001
    23:59:54
    2018-05-19 AlienVault HIDS: SSHD
    10.21.20.13 swmu 192.168.116.11:54630 I05L002
    23:59:50 authentication success.
    2018-05-19 AlienVault HIDS: Login
    10.21.20.13 swmu I05L002 I05L002
    23:59:50 session opened.
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 10.20.20.15 svcADAudit A05W067 A05W067
    23:59:43
    logon
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 10.20.20.15 A05W067$ A05W067 A05W067
    23:59:43
    logon
    AlienVault HIDS:
    2018-05-19 fe80::d0f3:54ba:d160
    Windows Network Logon 10.20.20.15 svcADAudit A05W067
    23:59:43 :43f:54390
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 10.20.20.15 A05W067$ A05W067:54389 A05W067
    23:59:43
    AlienVault HIDS: Special
    2018-05-19
    privileges assigned to new 10.21.20.11 I05W002$ I05W002 I05W002
    23:59:26
    logon
    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 10.21.20.11 I05W002$ I05W002:60949 I05W002
    23:59:26
    AlienVault HIDS: A
    2018-05-19 Kerberos service ticket
    10.21.20.11 I05W002$ 0.0.0.0 I05W002
    23:59:22 was requested: Success.

    AlienVault HIDS: A
    2018-05-19 Kerberos service ticket
    10.21.20.11 I05W002$ 0.0.0.0 I05W002
    23:59:22 was requested: Success.

    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 10.21.20.11 A05W067$ A05W067:54384 I05W002
    23:59:22

    User: admin / 2018-05-21 08:43:03 Page 4 / 6


    Daily reports Postilion

    AlienVault HIDS: A
    2018-05-19 Kerberos service ticket
    10.20.20.15 A05W071$ A05W071:53856 A05W067
    23:59:19 was requested: Success.

    AlienVault HIDS: A
    2018-05-19 Kerberos service ticket
    10.20.20.15 A05W067$ 0.0.0.0 A05W067
    23:59:19 was requested: Success.

    AlienVault HIDS: A
    2018-05-19 Kerberos service ticket
    10.20.20.15 A05W067$ 0.0.0.0 A05W067
    23:59:19 was requested: Success.

    AlienVault HIDS:
    2018-05-19
    Windows Network Logon 10.20.20.15 I05W002$ I05W002:60946 A05W067
    23:59:19

    Cleartext - Cleartext. Last 25 Events: from: 2018-05-19 to: 2018-05-19

    No data available

    FTP Failed Logons - FTP Failed Logons. Last 25 Events: from: 2018-05-19 to: 2018-05-19

    No data available

    PCI - Protect Stored Data - Database Succesful Logins. Last 25 Events: from: 2018-05-19 to: 2018-05-19

    Event Name Date GMT+2:00 Source Destination Risk


    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.

    User: admin / 2018-05-21 08:43:03 Page 5 / 6


    Daily reports Postilion

    AlienVault HIDS: MS SQL Server Logon


    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 I05W001 I05W001
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 I05W001 I05W001
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.
    AlienVault HIDS: MS SQL Server Logon
    2018-05-19 23:59:58 A05W061 A05W061
    Success.

    Custom Security Events - Windows User Logons. Last 25 Events: from: 2018-05-19 to: 2018-05-19

    No data available

    User: admin / 2018-05-21 08:43:03 Page 6 / 6

    You might also like