Azure-Sentinel/Sample Data/CEF/illusive.csv

1	TenantId	SourceSystem	TimeGenerated	ReceiptTime	DeviceVendor	DeviceProduct	DeviceEventClassID	LogSeverity	OriginalLogSeverity	DeviceAction	SimplifiedDeviceAction	Computer	CommunicationDirection	DeviceFacility	DestinationPort	DestinationIP	DeviceAddress	DeviceName	Message	Protocol	SourcePort	SourceIP	RemoteIP	RemotePort	MaliciousIP	ThreatSeverity	IndicatorThreatType	ThreatDescription	ThreatConfidence	ReportReferenceLink	MaliciousIPLongitude	MaliciousIPLatitude	MaliciousIPCountry	DeviceVersion	Activity	ApplicationProtocol	EventCount	DestinationDnsDomain	DestinationServiceName	DestinationTranslatedAddress	DestinationTranslatedPort	DeviceDnsDomain	DeviceExternalID	DeviceInboundInterface	DeviceNtDomain	DeviceOutboundInterface	DevicePayloadId	ProcessName	DeviceTranslatedAddress	DestinationHostName	DestinationMACAddress	DestinationNTDomain	DestinationProcessId	DestinationUserPrivileges	DestinationProcessName	DeviceTimeZone	DestinationUserID	DestinationUserName	DeviceMacAddress	ProcessID	ExternalID	FileCreateTime	FileHash	FileID	FileModificationTime	FilePath	FilePermission	FileType	FileName	FileSize	ReceivedBytes	OldFileCreateTime	OldFileHash	OldFileID	OldFileModificationTime	OldFileName	OldFilePath	OldFilePermission	OldFileSize	OldFileType	SentBytes	RequestURL	RequestClientApplication	RequestContext	RequestCookies	RequestMethod	SourceHostName	SourceMACAddress	SourceNTDomain	SourceDnsDomain	SourceServiceName	SourceTranslatedAddress	SourceTranslatedPort	SourceProcessId	SourceUserPrivileges	SourceProcessName	SourceUserID	SourceUserName	EventType	DeviceCustomIPv6Address1	DeviceCustomIPv6Address1Label	DeviceCustomIPv6Address2	DeviceCustomIPv6Address2Label	DeviceCustomIPv6Address3	DeviceCustomIPv6Address3Label	DeviceCustomIPv6Address4	DeviceCustomIPv6Address4Label	DeviceCustomFloatingPoint1	DeviceCustomFloatingPoint1Label	DeviceCustomFloatingPoint2	DeviceCustomFloatingPoint2Label	DeviceCustomFloatingPoint3	DeviceCustomFloatingPoint3Label	DeviceCustomFloatingPoint4	DeviceCustomFloatingPoint4Label	DeviceCustomNumber1	DeviceCustomNumber1Label	DeviceCustomNumber2	DeviceCustomNumber2Label	DeviceCustomNumber3	DeviceCustomNumber3Label	DeviceCustomString1	DeviceCustomString1Label	DeviceCustomString2	DeviceCustomString2Label	DeviceCustomString3	DeviceCustomString3Label	DeviceCustomString4	DeviceCustomString4Label	DeviceCustomString5	DeviceCustomString5Label	DeviceCustomString6	DeviceCustomString6Label	DeviceCustomDate1	DeviceCustomDate1Label	DeviceCustomDate2	DeviceCustomDate2Label	FlexDate1	FlexDate1Label	FlexNumber1	FlexNumber1Label	FlexNumber2	FlexNumber2Label	FlexString1	FlexString1Label	FlexString2	FlexString2Label	AdditionalExtensions	StartTime	EndTime	Type	_ResourceId
2	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:00:23.827Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
3	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:00:23.863Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.29}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
4	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:00:58.12Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
5	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:00:58.12Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
6	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:01:04.867Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
7	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:01:04.903Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged in {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
8	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:02:04.907Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged in {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
9	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:02:52.217Z	1.58971E+12	illusive	illusive	illusive:login	10							null		192.168.77.78		Event type\=Audit Failure User Domain\=PREEDATTESTENV Event ID\=4771 Raw data\={"4771":{"eventId":4771,"recordNumber":2138141,"strings":["Admin2","S-1-5-21-2619870177-3502509152-1737558779-1117","krbtgt/PREEDATTESTENV","0x40810010","0x18","2","::ffff:10.1.2.13","49460","","",""],"timeGenerated":1589710055000,"timeWritten":1589710055000,"source":"win-euuezzttfsw.preedattestenv.com","eventType":"FAILURE"}}		null	10.1.2.13				null					null	null		3.1.127.1613	Login event		null		WINDOWS		null									win-euuezzttfsw.preedattestenv.com			null					Admin2		null	56									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		4771	Windows Event Id	26	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/26	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts;outcome=Audit Failure	null	null	CommonSecurityLog
10	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:03:04.977Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
11	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:03:05.027Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.13}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
12	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:03:05.077Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.29}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
13	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:03:31.547Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	57									null	null								null		null												null	null					null									null		null		null		null		null		26	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/26	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
14	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:03:40.657Z	1.58971E+12	illusive	illusive	illusive:login	10							null		192.168.77.78		Event type\=Audit Failure User Domain\=PREEDATTESTENV Event ID\=4768 Raw data\={"4768":{"eventId":4768,"recordNumber":2138142,"strings":["testit","PREEDATTESTENV","S-1-0-0","krbtgt/PREEDATTESTENV","S-1-0-0","0x40810010","0x6","0xffffffff","-","::ffff:10.1.2.13","49461","","",""],"timeGenerated":1589710060000,"timeWritten":1589710060000,"source":"win-euuezzttfsw.preedattestenv.com","eventType":"FAILURE"}}		null	10.1.2.13				null					null	null		3.1.127.1613	Login event		null		WINDOWS		null									win-euuezzttfsw.preedattestenv.com			null					testit		null	57									null	null								null		null						ENDPOINT3-PC.PreedatTestEnv.com						null	null				No User is Logged-in	null									null		null		null		null		4768	Windows Event Id	26	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/26	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts;outcome=Audit Failure	null	null	CommonSecurityLog
15	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:03:54.86Z	1.58971E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78				null	10.1.2.29				null					null	null		3.1.127.1613	Access event		null		SSH		null												null							null	58									null	null								null		null												null	null					null									null		null		null		null		null		27	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/27	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
16	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:04:48.467Z	1.58971E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		FTP		null												null							null	59									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		28	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/28	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
17	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:04:57.657Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	60									null	null								null		null												null	null					null									null		null		null		null		null		28	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/28	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
18	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:05:06.78Z	1.58971E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe Is Successful Login\=false		null	10.1.2.12				null					null	null		3.1.127.1613	Login event		null		FTP		null												null					gjkljsdkljdsgl		null	60									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		28	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/28	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
19	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:05:15.857Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	59									null	null								null		null												null	null					null									null		null		null		null		null		28	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/28	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
20	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:05:22.94Z	1.58971E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		FTP		null												null							null	62									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		30	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
21	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:06:14.377Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	62									null	null								null		null												null	null					null									null		null		null		null		null		30	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
22	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:06:22.33Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	63									null	null								null		null												null	null					null									null		null		null		null		null		31	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/31	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
23	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:07:23.563Z	1.58971E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78				null	10.1.2.28				null					null	null		3.1.127.1613	Access event		null		SSH		null												null							null	67									null	null								null		null												null	null					null									null		null		null		null		null		32	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/32	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
24	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:07:32.753Z	1.58971E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=User2 Operation\=Search Operation Data\=\\*		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	66									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		30	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
25	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:07:41.813Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	64									null	null								null		null												null	null					null									null		null		null		null		null		30	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
26	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:07:50.94Z	1.58971E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=User2 Operation\=Search Operation Data\=\\*		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	65									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		N/A,N/A		User2	null									null		null		null		null		null		30	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
27	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:08:00.097Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	65									null	null								null		null												null	null					null									null		null		null		null		null		30	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
28	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:08:07.72Z	1.58971E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe Is Successful Login\=false		null	10.1.2.12				null					null	null		3.1.127.1613	Login event		null		FTP		null												null					gdlkgds l		null	64									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		30	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/30	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
29	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:09:07.833Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.28}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
30	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:09:07.86Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
31	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:09:07.89Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.13}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
32	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:15:58.297Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
33	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:15:58.31Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
34	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:21:16.173Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
35	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:21:21.193Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
36	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:21:21.197Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
37	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:21:21.197Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
38	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:30:58.457Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
39	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-12T21:30:58.47Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
40	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T20:22:22Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
41	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T20:37:22.107Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
42	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T20:52:22.19Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
43	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:00:27.213Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	32									null	null								null		null												null	null					null									null		null		null		null		null		13	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/13	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
44	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:00:36.337Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=User2 Operation\=Search Operation Data\=\\*		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	33									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		13	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/13	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
45	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:07:26.87Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
46	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:10:08.943Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
47	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:10:08.967Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
48	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:16:36.717Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
49	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:16:36.767Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
50	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:22:26.95Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
51	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:25:09.19Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
52	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:25:14.217Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
53	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:37:27.047Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
54	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:40:09.52Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
55	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:40:14.55Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
56	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:52:27.137Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
57	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:55:09.837Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
58	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T21:55:14.863Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
59	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:07:27.217Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
60	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:10:10.303Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
61	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:10:15.337Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
62	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:22:27.317Z	1.58949E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
63	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:25:10.647Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
64	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:25:15.673Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
65	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:37:27.407Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
66	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:40:10.817Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
67	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:40:15.837Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
68	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T22:52:27.51Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
69	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T23:07:27.613Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
70	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T23:22:27.703Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
71	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T23:37:27.797Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
72	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-14T23:52:27.907Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
73	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T00:07:28Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
74	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T00:22:28.09Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
75	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T00:37:28.183Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
76	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T00:52:28.28Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
77	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T01:07:28.357Z	1.5895E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
78	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T01:22:28.437Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
79	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T01:37:28.53Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
80	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T01:52:28.607Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
81	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T02:07:28.687Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
82	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T02:22:28.747Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
83	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T02:37:28.833Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
84	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T02:52:28.917Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
85	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T03:07:29.017Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
86	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T03:22:29.107Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
87	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T03:37:37.227Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
88	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T03:52:37.307Z	1.58951E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
89	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T04:07:37.407Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
90	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T04:22:37.503Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
91	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T04:37:37.597Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
92	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T04:52:37.683Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
93	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T05:07:37.763Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
94	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T05:22:37.847Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
95	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T05:37:45.167Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
96	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T05:52:45.247Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
97	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T06:07:45.297Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
98	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T06:22:45.387Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
99	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T06:37:45.467Z	1.58952E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
100	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T06:52:45.56Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
101	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T07:07:45.68Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
102	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T07:22:45.777Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
103	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T07:37:45.857Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
104	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T07:52:45.95Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
105	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T08:07:46.03Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
106	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T08:22:46.13Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
107	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T08:37:46.233Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
108	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T08:52:50.86Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
109	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T09:07:50.977Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
110	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T09:22:52.71Z	1.58953E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
111	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T09:37:52.8Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
112	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T09:52:52.89Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
113	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T10:07:52.99Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
114	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T10:22:53.027Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
115	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T10:37:53.123Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
116	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T10:52:53.207Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
117	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T11:07:53.3Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
118	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T11:22:53.41Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
119	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T11:37:57.553Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
120	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T11:52:57.64Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
121	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T12:07:57.74Z	1.58954E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
122	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T12:22:57.847Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
123	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T12:37:57.937Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
124	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T12:52:58.02Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
125	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T13:07:58.11Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
126	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T13:22:58.207Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
127	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T13:37:58.307Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
128	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T13:52:58.393Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
129	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T14:07:58.507Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
130	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T14:22:58.557Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
131	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T14:37:58.67Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
132	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T14:52:58.773Z	1.58955E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
133	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T15:07:58.867Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
134	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T15:23:02.037Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
135	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T15:38:02.123Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
136	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T15:53:02.203Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
137	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T16:08:02.297Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
138	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T16:23:02.387Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
139	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T16:38:02.483Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
140	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T16:53:02.6Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
141	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T17:08:02.687Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
142	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T17:23:02.773Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
143	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T17:38:02.867Z	1.58956E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
144	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T17:53:02.96Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
145	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T18:08:08.683Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
146	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T18:23:08.77Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
147	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T18:38:08.863Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
148	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T18:53:08.97Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
149	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T19:08:09.063Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
150	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T19:23:09.137Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
151	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T19:38:09.167Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
152	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T19:53:09.267Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
153	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T20:08:18.037Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
154	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T20:23:18.127Z	1.58957E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
155	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T20:38:18.223Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
156	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T20:53:18.33Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
157	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:00:30.41Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.29}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
158	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:00:30.453Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.28}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
159	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:00:30.503Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
160	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:00:30.547Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.16}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
161	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:00:30.593Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.13}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
162	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:03:54.78Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
163	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:03:59.807Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		FTP		null												null							null	28									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		10	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/10	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
164	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:03:59.807Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
165	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:04:39.87Z	1.5897E+12	illusive	illusive	illusive:login	10							null		192.168.77.78		Event type\=Audit Failure User Domain\=PREEDATTESTENV Event ID\=4768 Raw data\={"4768":{"eventId":4768,"recordNumber":2136221,"strings":["testit","PREEDATTESTENV","S-1-0-0","krbtgt/PREEDATTESTENV","S-1-0-0","0x40810010","0x6","0xffffffff","-","::ffff:10.1.2.13","49317","","",""],"timeGenerated":1589700910000,"timeWritten":1589700910000,"source":"win-euuezzttfsw.preedattestenv.com","eventType":"FAILURE"}}		null	10.1.2.13				null					null	null		3.1.127.1613	Login event		null		WINDOWS		null									win-euuezzttfsw.preedattestenv.com			null					testit		null	29									null	null								null		null						ENDPOINT3-PC.PreedatTestEnv.com						null	null				No User is Logged-in	null									null		null		null		null		4768	Windows Event Id	11	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/11	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts;outcome=Audit Failure	null	null	CommonSecurityLog
166	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:04:48.917Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	29									null	null								null		null												null	null					null									null		null		null		null		null		11	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/11	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
167	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:04:58.073Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	28									null	null								null		null												null	null					null									null		null		null		null		null		10	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/10	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
168	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:07:03.79Z	1.5897E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe Is Successful Login\=false		null	10.1.2.12				null					null	null		3.1.127.1613	Login event		null		FTP		null												null					safkalf		null	31									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		10	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/10	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
169	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:08:05.853Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	31									null	null								null		null												null	null					null									null		null		null		null		null		10	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/10	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
170	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:08:18.423Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
171	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:23:18.517Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
172	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:38:18.623Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
173	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T21:53:21.197Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
174	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T22:08:21.28Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
175	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T22:23:21.363Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
176	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T22:38:21.46Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
177	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T22:53:21.553Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
178	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T23:08:21.647Z	1.58958E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
179	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T23:23:21.737Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
180	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T23:38:21.823Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
181	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-15T23:53:21.907Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
182	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T00:08:22.003Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
183	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T00:23:22.1Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
184	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T00:38:22.21Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
185	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T00:53:22.313Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
186	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T01:08:22.407Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
187	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T01:23:22.5Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
188	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T01:38:23.863Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
189	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T01:53:23.963Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
190	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T02:08:24.057Z	1.58959E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
191	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T02:23:24.147Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
192	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T02:38:24.233Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
193	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T02:53:24.313Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
194	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T03:08:24.357Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
195	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T03:23:24.437Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
196	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T03:38:24.52Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
197	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T03:53:24.617Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
198	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T04:08:24.71Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
199	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T04:23:26.997Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
200	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T04:38:27.087Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
201	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T04:53:27.18Z	1.5896E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
202	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T05:08:27.277Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
203	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T05:23:27.363Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
204	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T05:38:27.467Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
205	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T05:53:27.513Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
206	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T06:08:27.6Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
207	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T06:23:27.713Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
208	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T06:38:27.817Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
209	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T06:53:27.907Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
210	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T07:08:28.007Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
211	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T07:23:28.12Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
212	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T07:38:28.207Z	1.58961E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
213	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T07:53:28.32Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
214	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T08:08:30.81Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
215	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T08:23:30.897Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
216	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T08:38:30.997Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
217	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T08:53:31.093Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
218	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T09:08:31.17Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
219	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T09:23:31.26Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
220	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T09:38:31.347Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
221	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T09:53:31.437Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
222	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T10:08:36.223Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
223	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T10:23:36.31Z	1.58962E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
224	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T10:38:36.403Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
225	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T10:53:36.437Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
226	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T11:08:36.543Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
227	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T11:23:36.64Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
228	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T11:38:36.737Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
229	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T11:53:36.83Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
230	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T12:08:36.857Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
231	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T12:23:36.963Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
232	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T12:38:37.067Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
233	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T12:53:37.177Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
234	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T13:08:37.277Z	1.58963E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
235	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T13:23:37.367Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
236	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T13:38:38.313Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
237	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T13:53:38.407Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
238	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T14:08:38.51Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
239	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T14:23:38.613Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
240	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T14:38:48.72Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
241	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T14:53:48.82Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
242	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T15:08:48.92Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
243	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T15:23:49.017Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
244	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T15:38:49.11Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
245	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T15:53:49.207Z	1.58964E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
246	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T16:08:49.247Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
247	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T16:23:49.33Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
248	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T16:38:49.407Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
249	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T16:53:49.5Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
250	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T17:08:52.093Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
251	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T17:23:52.18Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
252	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T17:38:52.28Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
253	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T17:53:52.38Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
254	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T18:08:52.47Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
255	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T18:23:52.56Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
256	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T18:38:52.65Z	1.58965E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
257	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T18:53:52.753Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
258	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T19:08:52.847Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
259	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T19:23:52.937Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
260	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T19:38:53.027Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
261	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T19:53:53.117Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
262	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T20:08:53.157Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
263	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T20:23:53.263Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
264	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T20:38:53.367Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
265	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T20:53:53.453Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
266	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T21:09:00.97Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
267	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T21:24:01.07Z	1.58966E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
268	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T21:39:01.157Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
269	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T21:54:01.24Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
270	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T22:09:01.33Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
271	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T22:24:01.44Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
272	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T22:39:01.533Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
273	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T22:54:01.64Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
274	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T23:09:01.727Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
275	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T23:24:01.837Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
276	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T23:39:01.94Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
277	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-16T23:54:04.107Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
278	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T00:09:04.187Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
279	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T00:24:04.277Z	1.58967E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
280	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T00:39:04.37Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
281	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T00:54:14.413Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
282	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T01:09:14.507Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
283	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T01:24:14.617Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
284	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T01:39:14.703Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
285	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T01:54:14.79Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
286	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T02:09:14.827Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
287	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T02:24:14.907Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
288	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T02:39:14.987Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
289	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T02:54:15.067Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
290	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T03:09:15.16Z	1.58968E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
291	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T03:24:15.257Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
292	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T03:39:15.36Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
293	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T03:54:15.437Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
294	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T04:09:15.54Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
295	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T04:24:15.657Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
296	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T04:39:15.753Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
297	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T04:54:15.827Z	1.58969E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.125.0-SNAPSHOT	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
298	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:10:56.44Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added report server {Host\=10.1.2.29 Server type\=SYSLOG} full details {Port\=514 Host\=10.1.2.29 SEND_AUDITS\=true Protocol\=TCP Server type\=SYSLOG}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
299	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:10:56.557Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com completed configuration wizard step {step id\=a3de3b02-1405-11e9-ab14-d663bd873d93} full details {status changed from 'PENDING' to 'COMPLETED'}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
300	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:10:56.68Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com completed configuration wizard step {step id\=fbfec47e-f17d-4074-9caf-7716ac000a20} full details {status changed from 'PENDING' to 'COMPLETED'}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
301	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:11:56.843Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com assigned directory entity to attacker view {Entity type\=Computer Entity name\=ENDPOINT3-PC}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
302	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:11:56.883Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com assigned directory entity to attacker view {Entity type\=Computer Entity name\=ENDPOINT5-PC}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
303	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:11:56.92Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com started attacker view collection		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
304	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:11:56.963Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com assigned directory entity to attacker view {Entity type\=Computer Entity name\=ENDPOINT2-PC}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
305	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:13:57.173Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {username\=Admin2} full details {AD User\=true password\=927mObB domain_name\=PreedatTestEnv.com is_persist\=false username\=Admin2}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
306	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:13:57.233Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {username\=user5} full details {AD User\=true password\=JoMAlY11 domain_name\=PreedatTestEnv.com is_persist\=false username\=user5}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
307	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:13:57.297Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {username\=testit} full details {AD User\=false password\=fERRa32 domain_name\=PreedatTestEnv.com is_persist\=false username\=testit}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
308	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:14:57.473Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {host\=winemacgw10.preedattestenv.com} full details {AD Host\=false host\=winemacgw10.preedattestenv.com service type\=WEB}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
309	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:14:57.523Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {host\=sharepoint1.preedattestenv.com} full details {AD Host\=false host\=sharepoint1.preedattestenv.com service type\=WEB}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
310	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:14:57.577Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {host\=sharepoint2.preedattestenv.com} full details {AD Host\=false host\=sharepoint2.preedattestenv.com service type\=WEB}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
311	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:14:57.637Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com added deception entity {host\=winemacgw11.preedattestenv.com} full details {AD Host\=false host\=winemacgw11.preedattestenv.com service type\=WEB}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
312	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:15:57.817Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com assigned entity to policy {Entity type\=Computer Entity name\=ENDPOINT5-PC Full Protection}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
313	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:15:57.863Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deployed all policies		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
314	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:15:57.907Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com assigned entity to policy {Entity type\=Computer Entity name\=ENDPOINT3-PC Full Protection}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
315	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:15:57.953Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com assigned entity to policy {Entity type\=Computer Entity name\=ENDPOINT2-PC Full Protection}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
316	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:17:54.543Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	2									null	null								null		null												null	null					null									null		null		null		null		null		2	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
317	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:18:07.25Z	1.5897E+12	illusive	illusive	illusive:login	10							null		192.168.77.78		Event type\=Audit Failure User Domain\=PREEDATTESTENV Event ID\=4768 Raw data\={"4768":{"eventId":4768,"recordNumber":2135807,"strings":["testit","PREEDATTESTENV","S-1-0-0","krbtgt/PREEDATTESTENV","S-1-0-0","0x40810010","0x6","0xffffffff","-","::ffff:10.1.2.12","49219","","",""],"timeGenerated":1589699707000,"timeWritten":1589699707000,"source":"win-euuezzttfsw.preedattestenv.com","eventType":"FAILURE"}}		null	10.1.2.12				null					null	null		3.1.127.1613	Login event		null		WINDOWS		null									win-euuezzttfsw.preedattestenv.com			null					testit		null	2									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null				User2	null									null		null		null		null		4768	Windows Event Id	2	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts;outcome=Audit Failure	null	null	CommonSecurityLog
318	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:18:57.523Z	1.5897E+12	illusive	illusive	illusive:login	10							null		192.168.77.78		Event type\=Audit Failure User Domain\=PREEDATTESTENV Event ID\=4771 Raw data\={"4771":{"eventId":4771,"recordNumber":2135871,"strings":["Admin2","S-1-5-21-2619870177-3502509152-1737558779-1117","krbtgt/PREEDATTESTENV","0x40810010","0x18","2","::ffff:10.1.2.12","49228","","",""],"timeGenerated":1589699752000,"timeWritten":1589699752000,"source":"win-euuezzttfsw.preedattestenv.com","eventType":"FAILURE"}}		null	10.1.2.12				null					null	null		3.1.127.1613	Login event		null		WINDOWS		null									win-euuezzttfsw.preedattestenv.com			null					Admin2		null	3									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		4771	Windows Event Id	2	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts;outcome=Audit Failure	null	null	CommonSecurityLog
319	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:20:01.443Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	4									null	null								null		null												null	null					null									null		null		null		null		null		3	Incident Id	null								May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/3	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
320	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:20:16.6Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe		null	10.1.2.16				null					null	null		3.1.127.1613	Access event		null		FTP		null												null							null	4									null	null								null		null						Endpoint5-PC.PreedatTestEnv.com						null	null		cmd.exe(1648),ftp.exe		user5	null									null		null		null		null		null		3	Incident Id	null								May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/3	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
321	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:20:25.723Z	1.5897E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		Is Successful Login\=false		null	10.1.2.16				null					null	null		3.1.127.1613	Login event		null		FTP		null												null					hdfjksfs		null	5									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null					null									null		null		null		null		null		3	Incident Id	null								May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/3	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
322	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:21:05.77Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	6									null	null								null		null												null	null					null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
323	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:21:34.973Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		accept-language\=en-US,en q\=0.9 Web Protocol\=HTTP accept\=text/html,application/xhtml+xml,application/xml q\=0.9,image/webp,image/apng,*/* q\=0.8,application/signed-exchange v\=b3 q\=0.9 Web Host\=10.1.2.72 Web Url\=/ authorization\=Digest username\="fdslkf d", realm\="Domain Name", nonce\="1589699919330:8b2ca8e89a3a6f07e4a23ed531511415", uri\="/", response\="3c07d81f9768008ed2cfc8f57ca305bd", opaque\="A5F6B6ED2AD91DFCC42EB94987D23D53", qop\=auth, nc\=00000002, cnonce\="bba347df912d5e91" Web Body\= Web Method\=GET upgrade-insecure-requests\=1 Web User Agent\=Mozilla/5.0 (Windows NT 6.1 WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 connection\=keep-alive cache-control\=max-age\=0 accept-encoding\=gzip, deflate		null	10.1.2.13				null					null	null		3.1.127.1613	Access event		null		WEB		null												null							null	9									null	null								null		null		Mozilla/5.0 (Windows NT 6.1 WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36				endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
324	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:21:44.053Z	1.5897E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		Is Successful Login\=false accept-language\=en-US,en q\=0.9 Web Protocol\=HTTP accept\=text/html,application/xhtml+xml,application/xml q\=0.9,image/webp,image/apng,*/* q\=0.8,application/signed-exchange v\=b3 q\=0.9 Web Host\=10.1.2.72 Web Url\=/ authorization\=Digest username\="fdslkf d", realm\="Domain Name", nonce\="1589699919330:8b2ca8e89a3a6f07e4a23ed531511415", uri\="/", response\="3c07d81f9768008ed2cfc8f57ca305bd", opaque\="A5F6B6ED2AD91DFCC42EB94987D23D53", qop\=auth, nc\=00000002, cnonce\="bba347df912d5e91" Web Body\= Web Method\=GET upgrade-insecure-requests\=1 Web User Agent\=Mozilla/5.0 (Windows NT 6.1 WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 connection\=keep-alive cache-control\=max-age\=0 accept-encoding\=gzip, deflate		null	10.1.2.13				null					null	null		3.1.127.1613	Login event		null		WEB		null												null					fdslkf d		null	10									null	null								null		null		Mozilla/5.0 (Windows NT 6.1 WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36				endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
325	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:21:53.16Z	1.5897E+12	illusive	illusive	illusive:access	10							3306	10.1.2.72	192.168.77.78		Source Port\=49277 Database Type\=MySQL Trap port\=3306		49277	10.1.2.13				null					null	null		3.1.127.1613	Access event		null		DB		null												null							null	7									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
326	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:22:02.287Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		accept-language\=en-US,en q\=0.9 Web Body\= Web Method\=GET upgrade-insecure-requests\=1 Web User Agent\=Mozilla/5.0 (Windows NT 6.1 WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36 connection\=keep-alive Web Protocol\=HTTP accept-encoding\=gzip, deflate accept\=text/html,application/xhtml+xml,application/xml q\=0.9,image/webp,image/apng,*/* q\=0.8,application/signed-exchange v\=b3 q\=0.9 Web Host\=10.1.2.72 Web Url\=/		null	10.1.2.13				null					null	null		3.1.127.1613	Access event		null		WEB		null												null							null	8									null	null								null		null		Mozilla/5.0 (Windows NT 6.1 WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36				endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
327	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:22:11.537Z	1.5897E+12	illusive	illusive	illusive:access	10							3306	10.1.2.72	192.168.77.78		Source Port\=49286 Database Type\=MySQL Trap port\=3306		49286	10.1.2.13				null					null	null		3.1.127.1613	Access event		null		DB		null												null							null	11									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
328	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:22:20.723Z	1.5897E+12	illusive	illusive	illusive:access	10							3306	10.1.2.72	192.168.77.78		Source Port\=49276 processes\=chrome.exe Database Type\=MySQL Trap port\=3306		49276	10.1.2.13				null					null	null		3.1.127.1613	Access event		null		DB		null												null							null	6									null	null								null		null						ENDPOINT3-PC.PreedatTestEnv.com						null	null		chrome.exe(292),chrome.exe		User3	null									null		null		null		null		null		4	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/4	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
329	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:22:55.3Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
330	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:22:55.3Z	1.5897E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
331	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:23:28.473Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	12									null	null								null		null												null	null					null									null		null		null		null		null		2	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
332	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:23:34.567Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=User2 Operation\=Search Operation Data\=\\*		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	12									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		N/A,N/A		User2	null									null		null		null		null		null		2	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
333	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:23:43.677Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	13									null	null								null		null												null	null					null									null		null		null		null		null		2	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
334	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:23:52.88Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=User2 Operation\=Search Operation Data\=\\*		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	13									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		N/A,N/A		User2	null									null		null		null		null		null		2	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/2	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
335	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:24:53.01Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.13}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
336	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:24:53.043Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.16}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
337	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:24:53.08Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
338	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:25:19.847Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		FTP		null												null							null	14									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		5	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/5	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
339	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:26:02.253Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	15									null	null								null		null												null	null					null									null		null		null		null		null		5	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/5	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
340	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:26:11.347Z	1.5897E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe Is Successful Login\=false		null	10.1.2.12				null					null	null		3.1.127.1613	Login event		null		FTP		null												null					dfj lkds		null	15									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		cmd.exe(2608),ftp.exe		User2	null									null		null		null		null		null		5	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/5	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
341	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:26:20.44Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	14									null	null								null		null												null	null					null									null		null		null		null		null		5	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/5	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
342	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:27:27.097Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=user5 Operation\=Search Operation Data\=\\*		null	10.1.2.16				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	17									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null					null									null		null		null		null		null		6	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/6	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
343	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:27:34.647Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	16									null	null								null		null												null	null					null									null		null		null		null		null		6	Incident Id	null								May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/6	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
344	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:27:43.787Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=user5 Operation\=Search Operation Data\=\\*		null	10.1.2.16				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	18									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null					null									null		null		null		null		null		6	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/6	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
345	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:27:52.91Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78				null	10.1.2.29				null					null	null		3.1.127.1613	Access event		null		SSH		null												null							null	19									null	null								null		null												null	null					null									null		null		null		null		null		7	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/7	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
346	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:28:02.037Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=user5 Operation\=Search Operation Data\=\\*		null	10.1.2.16				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	16									null	null								null		null						Endpoint5-PC.PreedatTestEnv.com						null	null		N/A,N/A		user5	null									null		null		null		null		null		6	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/6	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
347	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:28:29.74Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78				null	10.1.2.29				null					null	null		3.1.127.1613	Access event		null		SSH		null												null							null	20									null	null								null		null												null	null					null									null		null		null		null		null		7	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/7	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
348	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:29:37.457Z	1.5897E+12	illusive	illusive	illusive:login	10							null		192.168.77.78		Event type\=Audit Failure User Domain\=PREEDATTESTENV Event ID\=4768 Raw data\={"4768":{"eventId":4768,"recordNumber":2136134,"strings":["testit","PREEDATTESTENV","S-1-0-0","krbtgt/PREEDATTESTENV","S-1-0-0","0x40810010","0x6","0xffffffff","-","::ffff:10.1.2.13","49309","","",""],"timeGenerated":1589700381000,"timeWritten":1589700381000,"source":"win-euuezzttfsw.preedattestenv.com","eventType":"FAILURE"}}		null	10.1.2.13				null					null	null		3.1.127.1613	Login event		null		WINDOWS		null									win-euuezzttfsw.preedattestenv.com			null					testit		null	22									null	null								null		null						ENDPOINT3-PC.PreedatTestEnv.com						null	null				No User is Logged-in	null									null		null		null		null		4768	Windows Event Id	8	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/8	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts;outcome=Audit Failure	null	null	CommonSecurityLog
349	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:29:46.613Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		processes\=ftp.exe		null	10.1.2.16				null					null	null		3.1.127.1613	Access event		null		FTP		null												null							null	21									null	null								null		null						Endpoint5-PC.PreedatTestEnv.com						null	null		cmd.exe(1648),ftp.exe		user5	null									null		null		null		null		null		6	Incident Id	null								May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/6	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
350	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:29:55.677Z		illusive	illusive	illusive:access	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Access event		null				null												null							null	21									null	null								null		null												null	null					null									null		null		null		null		null		6	Incident Id	null								May 17 2020 12:15:58 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/6	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
351	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:30:04.77Z		illusive	illusive	illusive:login	10							null				hasForensics\=true		null					null					null	null		3.1.127.1613	Login event		null				null												null							null	22									null	null								null		null												null	null					null									null		null		null		null		null		8	Incident Id	null								May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/8	Incident URL	Full Protection	Policy Name							null		null							null	null	CommonSecurityLog
352	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:31:34.693Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78				null	10.1.2.28				null					null	null		3.1.127.1613	Access event		null		SSH		null												null							null	23									null	null								null		null												null	null					null									null		null		null		null		null		9	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/9	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
353	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:32:14.02Z	1.5897E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		Is Successful Login\=false Using SSH Key\=false		null	10.1.2.28				null					null	null		3.1.127.1613	Login event		null		SSH		null												null					user1		null	24									null	null								null		null												null	null					null									null		null		null		null		null		9	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/9	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
354	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:32:40.02Z	1.5897E+12	illusive	illusive	illusive:login	10							null	10.1.2.72	192.168.77.78		Is Successful Login\=false Using SSH Key\=false		null	10.1.2.28				null					null	null		3.1.127.1613	Login event		null		SSH		null												null					user1		null	25									null	null								null		null												null	null					null									null		null		null		null		null		9	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/9	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
355	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:33:21.723Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		x-illusive-remote-addr\=10.1.2.28 Web Protocol\=HTTPS Web Url\=/ Web Host\=10.1.2.72 accept\=*/* x-illusive-local-addr\=10.1.2.72 x-illusive-server-port\=443 x-forwarded-server\=fe80::51aa:a3dd:dfc8:2318 x-illusive-remote-host\=10.1.2.28 x-forwarded-host\=10.1.2.72 Web X-Forwarded-For\=10.1.2.28 Web Method\=GET Web Body\= Web User Agent\=Wget/1.14 (linux-gnu) connection\=Keep-Alive		null	10.1.2.28				null					null	null		3.1.127.1613	Access event		null		WEB		null												null							null	27									null	null								null		null		Wget/1.14 (linux-gnu)										null	null					null									null		null		null		null		null		9	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/9	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
356	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:33:30.863Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Web Method\=GET Web Body\= Web User Agent\=Wget/1.14 (linux-gnu) connection\=Keep-Alive Web Protocol\=HTTP Web Url\=/ Web Host\=10.1.2.72 accept\=*/*		null	10.1.2.28				null					null	null		3.1.127.1613	Access event		null		WEB		null												null							null	26									null	null								null		null		Wget/1.14 (linux-gnu)										null	null					null									null		null		null		null		null		9	Incident Id	null										https://MgmtServer2.PreedatTestEnv.com/#/incident/9	Incident URL									null		null						cat=illusive:alerts	null	null	CommonSecurityLog
357	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:54:06.613Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.12}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
358	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:54:06.69Z	1.5897E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deleted incident {Source ip\=10.1.2.13}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
359	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T07:57:21.997Z	1.5897E+12	illusive	illusive	illusive:access	10							null	10.1.2.72	192.168.77.78		Share Folder Name\=c$ Operation Result\=$Recycle.Bin\\\nbootmgr\nBOOTNXT\nDocuments and Settings\\\npagefile.sys\nPerfLogs\\\nProgram Files\\\nProgram Files (x86)\\\nProgramData\\\nRecovery\\\nswapfile.sys\nSystem Volume Information\\\nUsers\\\nWindows\\ Share Access Attempt User\=User2 Operation\=Search Operation Data\=\\*		null	10.1.2.12				null					null	null		3.1.127.1613	Access event		null		SHARE		null												null							null	32									null	null								null		null						ENDPOINT2-PC.PreedatTestEnv.com						null	null		N/A,N/A		User2	null									null		null		null		null		null		13	Incident Id	null		c$	Share Folder Name	Search	Operation	\\*	Operation Data	May 17 2020 12:15:40 AM	Last deployment time	https://MgmtServer2.PreedatTestEnv.com/#/incident/13	Incident URL	Full Protection	Policy Name							null		null						cat=illusive:alerts	null	null	CommonSecurityLog
360	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T10:53:01.877Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
361	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T10:53:01.89Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
362	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:08:02.137Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
363	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:08:02.153Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
364	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:08:23.087Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
365	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:08:23.127Z	1.58971E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged out {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
366	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:23:02.313Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
367	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:23:02.33Z	1.58971E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
368	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:38:02.487Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
369	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:38:02.507Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
370	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:53:02.723Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
371	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T11:53:02.743Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
372	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:08:02.993Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
373	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:08:03.02Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
374	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:23:03.157Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
375	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:23:03.17Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
376	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:38:03.31Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
377	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:38:03.323Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
378	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:53:03.403Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
379	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T12:53:03.417Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
380	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:08:03.677Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
381	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:08:03.7Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
382	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:23:03.867Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
383	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:23:03.88Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
384	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:38:04.033Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
385	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:38:04.047Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
386	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:53:04.177Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
387	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T13:53:04.19Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
388	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:08:04.323Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
389	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:08:04.337Z	1.58972E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
390	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:23:04.497Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
391	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:23:04.51Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
392	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:38:04.673Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
393	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:38:04.687Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
394	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:53:04.827Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
395	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T14:53:04.837Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
396	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:08:05.017Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
397	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:08:05.03Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
398	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:23:05.2Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
399	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:23:05.213Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
400	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:38:05.39Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
401	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:38:05.407Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
402	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:53:05.563Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
403	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T15:53:10.587Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
404	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:08:05.77Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
405	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:08:05.787Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
406	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:23:09.053Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
407	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:23:09.067Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
408	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:38:09.207Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
409	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:38:09.22Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
410	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:53:09.377Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
411	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T16:53:09.39Z	1.58973E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
412	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:08:09.55Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
413	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:08:09.567Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
414	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:23:09.717Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
415	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:23:09.733Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
416	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:38:09.897Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
417	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:38:09.907Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
418	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:53:09.987Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
419	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T17:53:10.003Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
420	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:08:10.147Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
421	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:08:10.16Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
422	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:23:10.303Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
423	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:23:10.317Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
424	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:38:10.453Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
425	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:38:10.47Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
426	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:50:29.147Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com logged in {User role \= ROLE_ADMIN Source address \= 192.168.77.1}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
427	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:51:29.487Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com uploaded license		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
428	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:52:29.543Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com uploaded license		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
429	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:52:29.583Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com uploaded license		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
430	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:53:10.553Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
431	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:53:10.553Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
432	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:53:29.65Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com add attack surface rule{Rule Name\=Discover Domain User Credentials #1} full details {User Groups\=TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Haim Cohen', distinguishedName\='CN\=Haim Cohen,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='User1', objectSid\='null'} BaseEntity{dateCreated\=Sun May 17 11:53:26 PDT 2020, lastUpdated\=Sun May 17 11:53:26 PDT 2020}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Eran Zehavi', distinguishedName\='CN\=Eran Zehavi,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='user5', objectSid\='null'} BaseEntity{dateCreated\=Sun May 17 11:53:26 PDT 2020, lastUpdated\=Sun May 17 11:53:26 PDT 2020}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Tal Ben Haim', distinguishedName\='CN\=Tal Ben Haim,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='user4', objectSid\='null'} BaseEntity{dateCreated\=Sun May 17 11:53:26 PDT 2020, lastUpdated\=Sun May 17 11:53:26 PDT 2020}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Moshe Levi.', distinguishedName\='CN\=Moshe Levi.,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='User2', objectSid\='null'} BaseEntity{dateCreated\=Sun May 17 11:53:26 PDT 2020, lastUpdated\=Sun May 17 11:53:26 PDT 2020}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Avi Nimni', distinguishedName\='CN\=Avi Nimni,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='User3', objectSid\='null'} BaseEntity{dateCreated\=Sun May 17 11:53:26 PDT 2020, lastUpdated\=Sun May 17 11:53:26 PDT 2020}, operationType\=INCLUDE} Should Notify Siem\=true Rule Name\=Discover Domain User Credentials #1 Should Run on all Network\=true Should Send Mail Notification\=false}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
433	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:54:29.79Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com deployed machine		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
434	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:24.827Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Disconnected'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 12:26:14 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
435	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:24.827Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
436	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:24.827Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
437	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:24.827Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
438	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:24.827Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
439	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:29.957Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com started attacker view collection		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
440	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:55:30.003Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com update attack surface rule{Rule Name\=Discover Domain User Credentials #1} full details {User Groups changed from 'TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Haim Cohen', distinguishedName\='CN\=Haim Cohen,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Tal Ben Haim', distinguishedName\='CN\=Tal Ben Haim,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Moshe Levi.', distinguishedName\='CN\=Moshe Levi.,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Avi Nimni', distinguishedName\='CN\=Avi Nimni,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Eran Zehavi', distinguishedName\='CN\=Eran Zehavi,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE}' to 'TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Users', distinguishedName\='CN\=Users,CN\=Builtin,dc\=PreedatTestEnv,dc\=com', objectClass\=Group, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='Users', objectSid\='null'} BaseEntity{dateCreated\=Sun May 17 11:54:30 PDT 2020, lastUpdated\=Sun May 17 11:54:30 PDT 2020}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Haim Cohen', distinguishedName\='CN\=Haim Cohen,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Tal Ben Haim', distinguishedName\='CN\=Tal Ben Haim,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Moshe Levi.', distinguishedName\='CN\=Moshe Levi.,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Avi Nimni', distinguishedName\='CN\=Avi Nimni,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE},TargetEntities{directoryEntity\=DirectoryEntity{commonName\='Eran Zehavi', distinguishedName\='CN\=Eran Zehavi,CN\=Users,dc\=PreedatTestEnv,dc\=com', objectClass\=User, childrenEntities\=null, members\=null, logonUser\='null', logonUserPreWindows2003\='null', objectSid\='null'} BaseEntity{dateCreated\=2020-05-17 11:53:26.894, lastUpdated\=2020-05-17 11:53:26.894}, operationType\=INCLUDE}'}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
441	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.85Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Disconnected'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 12:26:14 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
442	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.867Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
443	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.87Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
444	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.87Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
445	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.87Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
446	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.87Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
447	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:24.87Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
448	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T18:56:30.127Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com update attack surface rule{Rule Name\=Discover instances of standard privileged groups credentials on all deployed machines #1} full details {Should Notify Siem changed from 'false' to 'true'}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
449	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.037Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
450	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.05Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
451	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.05Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
452	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.05Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
453	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.05Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Disconnected'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 12:26:14 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
454	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.05Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
455	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:01:25.05Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
456	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.287Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
457	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.307Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
458	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.307Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
459	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.307Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
460	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.307Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
461	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.307Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
462	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:07:25.307Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Disconnected'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 12:26:14 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
463	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:08:10.687Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		10.1.2.72				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
464	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:08:10.687Z	1.58974E+12	illusive	illusive	illusive:heartbeat	0							null		192.168.77.78				null					null					null	null		3.1.127.1613	Heartbeat		null				null												null							null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:SYS	null	null	CommonSecurityLog
465	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.427Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services SSH		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User3' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'test'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	SSH	Service Type	MRemoteNG	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
466	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.427Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
467	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.427Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'EndPoint3-PC' with username: 'PREEDATTESTENV\\User3' and last modification time: 'Mar 1 2020 12:45:04 PM'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpRegistry	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
468	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User2' has connection to: 'EndPoint3-PC' and last modification time: 'Mar 1 2020 12:45:10 PM' and path: 'C:\\Users\\User2\\Documents\\Default.rdp'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpFile	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
469	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
470	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
471	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
472	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services Share		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: '\\\\endpoint5-pc.preedattestenv.com\\c$' with username: 'preedattestenv\\user5'	Collection details	endpoint5-pc.preedattestenv.com	Crown Jewel Host	Share	Service Type	ActiveShare	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
473	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services FTP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1110' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'test' and last modification time: 'May 17 2020 12:05:15 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	FTP	Service Type	WinSCP	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
474	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
475	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services FTP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'bla' and last modification time: 'Mar 9 2020 12:41:18 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	FTP	Service Type	WinSCP	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
476	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Active'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 11:55:24 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
477	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
478	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=TERMSRV/win-euuezzttfsw.preedattestenv.com' with username: 'mgmt' and last modification time: 'Mar 9 2020 12:36:39 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	RDP	Service Type	Vault	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
479	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'mgmt' and last modification time: 'Mar 9 2020 12:36:40 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpRegistry	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
480	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type HR (HR Servers) in application of the following services SSH		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User3' has connection to: 'hrserver.preedattestenv.com' with username: 'test'	Collection details	hrserver.preedattestenv.com	Crown Jewel Host	SSH	Service Type	MRemoteNG	Collection source	HR (HR Servers)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
481	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:25.43Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services Share		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: '\\\\endpoint3-pc.preedattestenv.com\\c$' with username: 'preedattestenv\\user3'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	Share	Service Type	ActiveShare	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
482	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:30.317Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com started attacker view collection		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:info;outcome=SUCCESS	null	null	CommonSecurityLog
483	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:10:30.357Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com add attack surface rule{Rule Name\=Discover saved connections to Crown Jewels #1} full details {Sub Types\=MachineSubTag{id\=a4d462dd-81ff-455f-bb2d-abcd879477de, machineTag\=MachineTag{id\=ef69a94a-1052-4103-9ed9-72ae789c3e56, name\='Manual'}, name\='MACHINE', defaultCriticalityLevel\=HIGH},MachineSubTag{id\=6b1e1d85-9c12-47d3-ac96-a225f54d22c6, machineTag\=MachineTag{id\=2ab7d944-809c-47f7-a058-30545e61860c, name\='HR'}, name\='HR Servers', defaultCriticalityLevel\=HIGH},MachineSubTag{id\=c33af919-9e47-4897-b4aa-3a184a29420a, machineTag\=MachineTag{id\=1d3a3fad-8c0a-4d38-b572-289b48a66e14, name\='Management'}, name\='Management PC', defaultCriticalityLevel\=HIGH},MachineSubTag{id\=65f11027-886c-4119-b732-f1a450aec323, machineTag\=MachineTag{id\=cdba6545-558b-41b7-8b18-8ce2b1689c1b, name\='DevOps'}, name\='Management Servers', defaultCriticalityLevel\=HIGH},MachineSubTag{id\=806923ae-14d4-444b-9aec-b1bf2e2290bd, machineTag\=MachineTag{id\=cdba6545-558b-41b7-8b18-8ce2b1689c1b, name\='DevOps'}, name\='AD', defaultCriticalityLevel\=HIGH} Should Notify Siem\=true Rule Name\=Discover saved connections to Crown Jewels #1 Should Run on all Network\=true Service Types\=WEB,SAAS,SSH,DB,SHARE,RDP,FTP Should Send Mail Notification\=false}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
484	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:11:25.367Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
485	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:11:25.387Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
486	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:11:25.387Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
487	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services SSH		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User3' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'test'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	SSH	Service Type	MRemoteNG	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
488	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				test	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
489	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				endpoint1	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
490	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				endpoint1	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
491	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				admin	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
492	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
493	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Active'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 11:55:24 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
494	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.527Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				user1	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
495	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
496	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=TERMSRV/win-euuezzttfsw.preedattestenv.com' with username: 'mgmt' and last modification time: 'Mar 9 2020 12:36:39 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	RDP	Service Type	Vault	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
497	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services FTP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1110' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'test' and last modification time: 'May 17 2020 12:05:15 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	FTP	Service Type	WinSCP	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
498	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
499	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
500	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services FTP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'bla' and last modification time: 'Mar 9 2020 12:41:18 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	FTP	Service Type	WinSCP	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
501	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'mgmt' and last modification time: 'Mar 9 2020 12:36:40 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpRegistry	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
502	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type HR (HR Servers) in application of the following services SSH		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User3' has connection to: 'hrserver.preedattestenv.com' with username: 'test'	Collection details	hrserver.preedattestenv.com	Crown Jewel Host	SSH	Service Type	MRemoteNG	Collection source	HR (HR Servers)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
503	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services Share		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: '\\\\endpoint3-pc.preedattestenv.com\\c$' with username: 'preedattestenv\\user3'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	Share	Service Type	ActiveShare	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
504	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
505	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User2' has connection to: 'EndPoint3-PC' and last modification time: 'Mar 1 2020 12:45:10 PM' and path: 'C:\\Users\\User2\\Documents\\Default.rdp'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpFile	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
506	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
507	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services Share		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: '\\\\endpoint5-pc.preedattestenv.com\\c$' with username: 'preedattestenv\\user5'	Collection details	endpoint5-pc.preedattestenv.com	Crown Jewel Host	Share	Service Type	ActiveShare	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
508	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:25.53Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'EndPoint3-PC' with username: 'PREEDATTESTENV\\User3' and last modification time: 'Mar 1 2020 12:45:04 PM'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpRegistry	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
509	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:30.427Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com update attack surface rule{Rule Name\=Discover all instances of local admins #1} full details {Should Notify Siem changed from 'false' to 'true'}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
510	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:12:30.46Z	1.58974E+12	illusive	illusive	illusive:audit	5							null		192.168.77.78		mgmt@PreedatTestEnv.com update attack surface rule{Rule Name\=Discover all instances of local admins #1} full details { EXCLUDE: Entity type\=OrganizationalUnit Entity name\=Groups}		null					null					null	null		3.1.127.1613	Audit		null				null												null					mgmt@PreedatTestEnv.com		null	null									null	null								null		null												null	null					null									null		null		null		null		null		null		null																				null		null						cat=illusive:change;outcome=SUCCESS	null	null	CommonSecurityLog
511	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.557Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				user1	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
512	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.557Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				endpoint1	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
513	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
514	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services Share		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: '\\\\endpoint5-pc.preedattestenv.com\\c$' with username: 'preedattestenv\\user5'	Collection details	endpoint5-pc.preedattestenv.com	Crown Jewel Host	Share	Service Type	ActiveShare	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
515	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services SSH		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User3' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'test'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	SSH	Service Type	MRemoteNG	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
516	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: Group:Enterprise Admins and Group:Domain Admins and Group:Schema Admins and Group:DnsAdmins		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\administrator	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'Domain:interactive\=PreedatTestEnv.com\\Administrator' with username: 'PreedatTestEnv.com\\Administrator' and last modification time: 'Jun 12 2017 7:59:33 PM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
517	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user2' has session in state 'Active'. Session id: '1', Logon ids: '486262,486308', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:03 AM', last logon time: 'May 17 2020 12:16:03 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
518	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services Share		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: '\\\\endpoint3-pc.preedattestenv.com\\c$' with username: 'preedattestenv\\user3'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	Share	Service Type	ActiveShare	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
519	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				preedattestenv.com\\user3	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user3' has session in state 'Active'. Session id: '1', Logon ids: '1084102,1084046', Logon type: 'Interactive', first logon time: 'May 17 2020 12:17:39 AM', last logon time: 'May 17 2020 12:17:39 AM', last active time: 'May 17 2020 11:55:24 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
520	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user5	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	User name: 'preedattestenv\\user5' has session in state 'Active'. Session id: '1', Logon ids: '517304', Logon type: 'Interactive', first logon time: 'May 17 2020 12:16:55 AM', last logon time: 'May 17 2020 12:16:55 AM'	Collection details	UserSession	Collection source													null		null							null	null	CommonSecurityLog
521	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'mgmt' and last modification time: 'Mar 9 2020 12:36:40 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpRegistry	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
522	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services FTP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'bla' and last modification time: 'Mar 9 2020 12:41:18 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	FTP	Service Type	WinSCP	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
523	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type HR (HR Servers) in application of the following services SSH		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User3' has connection to: 'hrserver.preedattestenv.com' with username: 'test'	Collection details	hrserver.preedattestenv.com	Crown Jewel Host	SSH	Service Type	MRemoteNG	Collection source	HR (HR Servers)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
524	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				test	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
525	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'User2' has connection to: 'EndPoint3-PC' and last modification time: 'Mar 1 2020 12:45:10 PM' and path: 'C:\\Users\\User2\\Documents\\Default.rdp'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpFile	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
526	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				admin	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
527	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Local User administrators should have stored credentials to the following target: except OrganizationalUnit:Groups		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null				endpoint1	null									null		null		null		null		null		null		null		LOCAL_USER_ADMINISTRATORS	Rule Type																	null		null							null	null	CommonSecurityLog
528	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint5-pc.preedattestenv.com						null	null				preedattestenv.com\\user2	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1125' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\User2' with username: 'PREEDATTESTENV\\User2' and last modification time: 'Sep 15 2019 11:30:30 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
529	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored credentials from the following groups: User:Avi Nimni and User:Moshe Levi. and Group:Users and User:Eran Zehavi and User:Haim Cohen and User:Tal Ben Haim		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null				preedattestenv.com\\user4	null									null		null		null		null		null		null		null		USER_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=PREEDATTESTENV\\user4' with username: 'PREEDATTESTENV\\user4' and last modification time: 'Nov 13 2019 7:44:17 AM'	Collection details	Vault	Collection source													null		null							null	null	CommonSecurityLog
530	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'LegacyGeneric:target\=TERMSRV/win-euuezzttfsw.preedattestenv.com' with username: 'mgmt' and last modification time: 'Mar 9 2020 12:36:39 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	RDP	Service Type	Vault	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
531	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type Management (Management PC) in application of the following services RDP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint2-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1109' has connection to: 'EndPoint3-PC' with username: 'PREEDATTESTENV\\User3' and last modification time: 'Mar 1 2020 12:45:04 PM'	Collection details	endpoint3-pc.preedattestenv.com	Crown Jewel Host	RDP	Service Type	RdpRegistry	Collection source	Management (Management PC)	Crown Jewel Type							null		null							null	null	CommonSecurityLog
532	16af70b6-66b1-48c8-a563-caa8245b97d3	OpsManager	2020-05-17T19:13:25.56Z		illusive	illusive	illusive:violation	10							null				No Hosts from should have stored Crown Jewel credentials of type DevOps (AD) in application of the following services FTP		null					null					null	null		3.1.127.1613	Violation		null				null												null							null	null									null	null								null		null						endpoint3-pc.preedattestenv.com						null	null					null									null		null		null		null		null		null		null		CROWN_JEWEL_CREDENTIALS	Rule Type	Profile name: 'S-1-5-21-2619870177-3502509152-1737558779-1110' has connection to: 'win-euuezzttfsw.preedattestenv.com' with username: 'test' and last modification time: 'May 17 2020 12:05:15 PM'	Collection details	win-euuezzttfsw.preedattestenv.com	Crown Jewel Host	FTP	Service Type	WinSCP	Collection source	DevOps (AD)	Crown Jewel Type							null		null							null	null	CommonSecurityLog