110 KiB
110 KiB
| 1 | TimeGenerated [UTC] | DeviceVendor | DeviceProduct | DeviceEventClassID | LogSeverity | Computer | DestinationPort | DestinationIP | DeviceAddress | Message | Protocol | SourceIP | DeviceVersion | Activity | ApplicationProtocol | EventCount | DeviceCustomString1 | DeviceCustomString1Label | DeviceCustomString2 | DeviceCustomString2Label | DeviceCustomString3 | DeviceCustomString3Label | AdditionalExtensions | StartTime [UTC] | EndTime [UTC] | Type |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2 | 4/9/2021, 4:53:39.435 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_8_vm | 6 | POLICY_VIOLATION | mssql | 50 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;DEV,Region=;Oregon-DC,System=;src_ip=10.21.22.8;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 3 | 4/9/2021, 5:13:30.297 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_6.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 66 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.6;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 4 | 4/9/2021, 4:53:39.209 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | https | 31 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 5 | 4/9/2021, 4:53:39.238 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | https | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.2 | CommonSecurityLog | |||||||
| 6 | 4/9/2021, 4:53:39.238 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Carlotta Wilhelm | 6 | POLICY_VIOLATION | https | 2 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.10;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 7 | 4/9/2021, 4:53:39.238 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | https | 31 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 8 | 4/9/2021, 4:53:39.238 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Carlotta Wilhelm | 6 | POLICY_VIOLATION | https | 2 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.10;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 9 | 4/9/2021, 4:53:39.238 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Katharyn Kovach | 6 | POLICY_VIOLATION | https | 9 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.3;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 10 | 4/9/2021, 4:53:39.239 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | Linn Barth | 6 | POLICY_VIOLATION | https | 50 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.7;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 11 | 4/9/2021, 4:53:39.239 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Katharyn Kovach | 6 | POLICY_VIOLATION | https | 9 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.3;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 12 | 4/9/2021, 4:53:39.239 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | Sharika Patino | 6 | POLICY_VIOLATION | https | 29 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.1;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 13 | 4/9/2021, 4:53:39.278 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_6.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 42 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.6 | CommonSecurityLog | ||||||
| 14 | 4/9/2021, 4:53:39.278 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_1.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.1 | CommonSecurityLog | ||||||
| 15 | 4/9/2021, 4:53:39.278 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_4.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 72 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.4 | CommonSecurityLog | ||||||
| 16 | 4/9/2021, 4:53:39.278 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_4.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 72 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.4 | CommonSecurityLog | ||||||
| 17 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_3.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.3 | CommonSecurityLog | ||||||
| 18 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_1.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.1 | CommonSecurityLog | ||||||
| 19 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_1.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.1 | CommonSecurityLog | ||||||
| 20 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_6.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 42 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.6 | CommonSecurityLog | ||||||
| 21 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_6.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.6 | CommonSecurityLog | |||||||
| 22 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_3.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.3 | CommonSecurityLog | ||||||
| 23 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 24 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 25 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_6 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 41 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.6 | CommonSecurityLog | ||||||
| 26 | 4/9/2021, 4:53:39.279 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_3.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.3 | CommonSecurityLog | ||||||
| 27 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 28 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 29 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_6 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 41 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.6 | CommonSecurityLog | ||||||
| 30 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_3.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.3 | CommonSecurityLog | ||||||
| 31 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 32 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 33 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_6 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 41 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.6 | CommonSecurityLog | ||||||
| 34 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 35 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 36 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_6 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 41 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.6 | CommonSecurityLog | ||||||
| 37 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_5 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 57 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.5 | CommonSecurityLog | ||||||
| 38 | 4/9/2021, 4:53:39.280 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_2 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 38 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.2 | CommonSecurityLog | ||||||
| 39 | 4/9/2021, 4:53:39.281 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_4 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 86 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.4 | CommonSecurityLog | ||||||
| 40 | 4/9/2021, 4:53:39.288 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_1 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 70 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.1 | CommonSecurityLog | ||||||
| 41 | 4/9/2021, 4:53:39.288 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Hadoop10_100_15_26.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 43 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Hadoop,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;TEST,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;PROD,Region=;Yes,status=decommissioned};src_ip=10.100.15.26;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 42 | 4/9/2021, 4:53:39.288 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 79 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 43 | 4/9/2021, 4:53:39.288 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_1 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 70 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.1 | CommonSecurityLog | ||||||
| 44 | 4/9/2021, 4:53:39.288 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Hadoop10_100_15_26.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 43 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Hadoop,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;TEST,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;PROD,Region=;Yes,status=decommissioned};src_ip=10.100.15.26;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 45 | 4/9/2021, 4:53:39.289 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 79 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 46 | 4/9/2021, 4:53:39.289 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 47 | 4/9/2021, 4:53:39.289 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_3.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 41 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.3;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 48 | 4/9/2021, 4:53:39.289 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 49 | 4/9/2021, 4:53:39.289 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 50 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Transactions10_200_2_2 | tcp | John Savoy | 6 | POLICY_VIOLATION | mssql | PCI-Policy{PCI-Policy_ID150_21} Default{IntcCatchAll,permit},NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_1,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;No,System=;Internal,UserManager=Donald_Hernandez};Category-1a{AppFunc=;DB-eCom-Transactions,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;Oregon-DC,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.5;dst_ip=10.200.2.2 | CommonSecurityLog | |||||||
| 51 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 52 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 53 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_1_vm | 6 | POLICY_VIOLATION | https | 64 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.1;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 54 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 55 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_3_vm | 6 | POLICY_VIOLATION | https | 58 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.3;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 56 | 4/9/2021, 4:53:39.316 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 57 | 4/9/2021, 4:53:39.317 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_1_vm | 6 | POLICY_VIOLATION | https | 64 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.1;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 58 | 4/9/2021, 4:53:39.322 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_2_vm | 6 | POLICY_VIOLATION | https | 74 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.2;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 59 | 4/9/2021, 4:53:39.322 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_3_vm | 6 | POLICY_VIOLATION | https | 58 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.3;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 60 | 4/9/2021, 4:53:39.322 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 61 | 4/9/2021, 4:53:39.322 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 62 | 4/9/2021, 4:53:39.322 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_1_vm | 6 | POLICY_VIOLATION | https | 64 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.1;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 63 | 4/9/2021, 4:53:39.322 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_3_vm | 6 | POLICY_VIOLATION | https | 58 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.3;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 64 | 4/9/2021, 4:53:39.323 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 65 | 4/9/2021, 4:53:39.323 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_210_100_25_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 65 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.25.1 | CommonSecurityLog | ||||||
| 66 | 4/9/2021, 4:53:39.323 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_1_vm | 6 | POLICY_VIOLATION | https | 64 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.1;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 67 | 4/9/2021, 4:53:39.323 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_3_vm | 6 | POLICY_VIOLATION | https | 58 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.3;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 68 | 4/9/2021, 4:53:39.325 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 69 | 4/9/2021, 4:53:39.325 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 70 | 4/9/2021, 4:53:39.325 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_1.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 47 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.1 | CommonSecurityLog | ||||||
| 71 | 4/9/2021, 4:53:39.325 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_2.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 36 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.2 | CommonSecurityLog | ||||||
| 72 | 4/9/2021, 4:53:39.325 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 73 | 4/9/2021, 4:53:39.325 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 74 | 4/9/2021, 5:06:03.870 AM | vArmour | AC | 1 | 1 | ac-01 | 8020 | Ingest_and_Tokenization10_100_16_4.prod.acme.com | tcp | Web-App-SF-Home10_21_2_9_vm | 6 | POLICY_VIOLATION | unknown_tcp | 37 | PCI-Policy{PCI-Policy_ID150_21} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Web-App-SF-Home,AppID=;75356,AppName=;eBanking,AppOwner=;Joanna_Lowry,Criticality=;2,PCI=;Category-3,PII=;Yes,QualysAgent=;Yes,RTO=;2,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;Ingest-and-Tokenization,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-1a,PII=;4,Realm=;NewYork-DC,System=;src_ip=10.21.2.9;dst_ip=10.100.16.4 | CommonSecurityLog | ||||||
| 75 | 4/9/2021, 5:06:03.872 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_1.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.1 | CommonSecurityLog | ||||||
| 76 | 4/9/2021, 5:06:03.872 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 77 | 4/9/2021, 5:06:03.872 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 78 | 4/9/2021, 5:06:03.872 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_6.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 42 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.6 | CommonSecurityLog | ||||||
| 79 | 4/9/2021, 5:06:03.872 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_6.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 42 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.6 | CommonSecurityLog | ||||||
| 80 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_3.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.3 | CommonSecurityLog | ||||||
| 81 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 82 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_3.prod.acme.com | tcp | Fraud-Monitoring10_21_14_2_vm | 6 | POLICY_VIOLATION | https | 50 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,CVE=;Low,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;PROD,Region=;NewYork-DC,System=;src_ip=10.21.14.2;dst_ip=10.100.13.3 | CommonSecurityLog | ||||||
| 83 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 84 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_2 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 12 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;PROD,Region=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.2 | CommonSecurityLog | ||||||
| 85 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 86 | 4/9/2021, 5:06:03.873 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_7 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 32 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.7 | CommonSecurityLog | ||||||
| 87 | 4/9/2021, 5:06:03.879 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_6 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 41 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.6 | CommonSecurityLog | ||||||
| 88 | 4/9/2021, 5:06:03.881 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_8 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 84 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.8 | CommonSecurityLog | ||||||
| 89 | 4/9/2021, 5:06:03.881 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_1 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 70 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.1 | CommonSecurityLog | ||||||
| 90 | 4/9/2021, 5:06:03.881 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Hadoop10_100_15_26.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 43 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Hadoop,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;TEST,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;PROD,Region=;Yes,status=decommissioned};src_ip=10.100.15.26;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 91 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_4 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 86 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.4 | CommonSecurityLog | ||||||
| 92 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_8 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 84 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.8 | CommonSecurityLog | ||||||
| 93 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 88 | vm-ActiveDirectory10_10_15_1 | udp | Data_Lake10_100_17_10.prod.acme.com | 6 | POLICY_VIOLATION | krb | 70 | ActvityFromDecommissionedDevice{Decom_Out} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | status=;decommissioned{AppFunc=;Data-Lake,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=Yes};Yes,status=decommissioned};Any{AppFunc=;ActiveDirectory,AppID=;65,AppName=;Authentication_Credentials,AppOwner=;Teigan_Matthams,Criticality=;2,Infrastructure=;Yes,PCI=;Category-2a,PII=;Yes,QualysAgent=;1,Realm=;Azure-Central-US,System=;src_ip=10.100.17.10;dst_ip=10.10.15.1 | CommonSecurityLog | ||||||
| 94 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Hadoop10_100_15_26.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 43 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Hadoop,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;TEST,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;PROD,Region=;Yes,status=decommissioned};src_ip=10.100.15.26;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 95 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Hadoop10_100_15_26.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 43 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Hadoop,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;TEST,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;PROD,Region=;Yes,status=decommissioned};src_ip=10.100.15.26;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 96 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 79 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 97 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Hadoop10_100_15_26.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 43 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Hadoop,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;TEST,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;2,PCI=;Category-2c,PII=;PROD,Region=;Yes,status=decommissioned};src_ip=10.100.15.26;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 98 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 79 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 99 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 79 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 100 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 101 | 4/9/2021, 5:06:03.882 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 102 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_3.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 41 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.3;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 103 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | vm-DB-eCom-Orders10_200_3_1 | tcp | Inventory-Management10_21_22_2_vm | 6 | POLICY_VIOLATION | mssql | 79 | PCI-Policy{PCI-Policy_ID150_21} Customer-DB-PCI-Attestation-06-02-2020{Customer-DB-Base_ID146_20,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-3{AppFunc=;Inventory-Management,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;DEV,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-1a{AppFunc=;DB-eCom-Orders,AppID=;844,AppName=;Customer-DB,AppOwner=;Albie_Garrison,CVE=;High,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Oregon-DC,System=;src_ip=10.21.22.2;dst_ip=10.200.3.1 | CommonSecurityLog | ||||||
| 104 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 105 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 106 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_3.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 41 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.3;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 107 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 108 | 4/9/2021, 5:06:03.883 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 109 | 4/9/2021, 5:06:03.890 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_3.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 41 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.3;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 110 | 4/9/2021, 5:06:03.890 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 111 | 4/9/2021, 5:06:03.890 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_110_100_24_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 56 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-1,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.24.1 | CommonSecurityLog | ||||||
| 112 | 4/9/2021, 5:06:03.890 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_3.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 41 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.3;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 113 | 4/9/2021, 5:06:03.890 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_10.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 75 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.10;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 114 | 4/9/2021, 5:06:03.890 AM | vArmour | AC | 1 | 1 | ac-01 | 50075 | Data_Lake10_100_17_10.prod.acme.com | tcp | Predictive_Pricing10_100_14_10.prod.acme.com | 6 | POLICY_VIOLATION | unknown_tcp | 75 | ActvityFromDecommissionedDevice{Decom_In} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | Any{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,CVE=;Meduim,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;4,Realm=;PROD,Region=;NewYork-DC,System=;Internal,TaniumAgent=;status=;decommissioned{AppFunc=;Data-Lake,AppID=;Tj_Sumner,Criticality=;2,PCI=;Category-2c,PII=;Yes,status=decommissioned};src_ip=10.100.14.10;dst_ip=10.100.17.10 | CommonSecurityLog | ||||||
| 115 | 4/9/2021, 5:06:03.891 AM | vArmour | AC | 1 | 1 | ac-01 | 80 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Katharyn Kovach | 6 | POLICY_VIOLATION | https | 16 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.3;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 116 | 4/9/2021, 5:06:03.892 AM | vArmour | AC | 1 | 1 | ac-01 | 80 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Katharyn Kovach | 6 | POLICY_VIOLATION | https | 16 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.3;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 117 | 4/9/2021, 5:06:03.892 AM | vArmour | AC | 1 | 1 | ac-01 | 80 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Katharyn Kovach | 6 | POLICY_VIOLATION | https | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.3;dst_ip=10.10.1.2 | CommonSecurityLog | |||||||
| 118 | 4/9/2021, 5:06:03.910 AM | vArmour | AC | 1 | 1 | ac-01 | Credit_Bureau_210_100_25_1.prod.acme.com | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-2,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=1] | CommonSecurityLog | ||||||||||
| 119 | 4/9/2021, 5:06:03.911 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_1_vm | 6 | POLICY_VIOLATION | https | 64 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.1;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 120 | 4/9/2021, 5:06:03.911 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_1_vm | 6 | POLICY_VIOLATION | https | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.1;dst_ip=10.21.23.1 | CommonSecurityLog | |||||||
| 121 | 4/9/2021, 5:06:03.911 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Pick-and-Pack10_21_23_1_vm | tcp | Transaction-Server10_21_13_3_vm | 6 | POLICY_VIOLATION | https | 58 | PCI-Policy{PCI-Policy_ID150_23} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Transaction-Server,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Pick-and-Pack,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;1,Realm=;TEST,Region=;src_ip=10.21.13.3;dst_ip=10.21.23.1 | CommonSecurityLog | ||||||
| 122 | 4/9/2021, 5:06:03.913 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | John Savoy | 6 | POLICY_VIOLATION | http | 3 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;No,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.5;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 123 | 4/9/2021, 5:06:03.918 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Risk_Modeling10_100_13_5.prod.acme.com | tcp | Fraud-Monitoring10_21_14_1_vm | 6 | POLICY_VIOLATION | https | 45 | PCI-Policy{PCI-Policy_ID150_25} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Fraud-Monitoring,AppID=;926,AppName=;eCommerce,AppOwner=;Antonina_Moran,Criticality=;2,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};Category-2b{AppFunc=;Risk-Modeling,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;3,PCI=;Category-2b,PII=;No,QualysAgent=;4,Realm=;TEST,Region=;NewYork-DC,System=;src_ip=10.21.14.1;dst_ip=10.100.13.5 | CommonSecurityLog | ||||||
| 124 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | John Savoy | 6 | POLICY_VIOLATION | http | 3 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;No,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.5;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 125 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | John Savoy | 6 | POLICY_VIOLATION | http | 40 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;No,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.5;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 126 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 127 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | John Savoy | 6 | POLICY_VIOLATION | http | 40 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;No,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.5;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 128 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | RTO_MISMATCH{RTO1_MISMATCH} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 129 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 130 | 4/9/2021, 5:06:03.919 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 131 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_1.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 47 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.1 | CommonSecurityLog | ||||||
| 132 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_1.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 47 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.1 | CommonSecurityLog | ||||||
| 133 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 134 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Credit_Bureau_310_100_26_1.prod.acme.com | tcp | vm-Credit-Check10_200_4_2 | 6 | POLICY_VIOLATION | https | 29 | PCI-Policy{PCI-Policy_ID150_23} NewYork-DC-Oregon-DC-zero-trust-separation-region{NewYork-DC-Orego_ID2_3,permit},Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | PCI=;Category-1a{AppFunc=;Credit-Check,AppID=;6875,AppName=;Payments,AppOwner=;Sofija_Harwood,CVE=;Low,Criticality=;1,PCI=;Category-1a,PII=;Yes,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;Oregon-DC,System=;Internal,TaniumAgent=Yes};Category-3{AppFunc=;Credit-Bureau-3,AppID=;1911,AppName=;3rd-Party-Credit-Bureau,AppOwner=;Albie_Garrison,Criticality=;2,PCI=;Category-3,PII=;No,QualysAgent=;4,Realm=;NewYork-DC,System=;src_ip=10.200.4.2;dst_ip=10.100.26.1 | CommonSecurityLog | ||||||
| 135 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_1.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 47 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.1 | CommonSecurityLog | ||||||
| 136 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_2.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 36 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.2 | CommonSecurityLog | ||||||
| 137 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Predictive_Pricing10_100_14_2.prod.acme.com | tcp | 10.21.21.2 | 6 | POLICY_VIOLATION | https | 21 | RTO_MISMATCH{RTO1_MISMATCH} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Realtime-Pricing,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;4,Realm=;NewYork-DC,System=;src_ip=10.21.21.2;dst_ip=10.100.14.2 | CommonSecurityLog | ||||||
| 138 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_2.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 36 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.2 | CommonSecurityLog | ||||||
| 139 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_1.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 47 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.1 | CommonSecurityLog | ||||||
| 140 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_2.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 36 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.2 | CommonSecurityLog | ||||||
| 141 | 4/9/2021, 5:06:03.920 AM | vArmour | AC | 1 | 1 | ac-01 | 1433 | MSSQL10_100_10_2.prod.acme.com | tcp | Seating-and-Pricing10_20_3_2_vm | 6 | POLICY_VIOLATION | mssql | 36 | CVE_CRITICAL{Outbound} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | CVE=;Critical{AppFunc=;Seating-and-Pricing,AppID=;37624,AppName=;Mobile-OEM-Platforms,AppOwner=;Albie_Garrison,CVE=;Critical,Criticality=;1,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;3,Realm=;PROD,Region=;AWS-US-East,System=;Internal,TaniumAgent=Yes};Criticality=;1{AppFunc=;MSSQL,AppID=;3444,AppName=;Ref-Databases,AppOwner=;Alissia_Holden,Criticality=;1,Realm=;NewYork-DC,System=;src_ip=10.20.3.2;dst_ip=10.100.10.2 | CommonSecurityLog | ||||||
| 142 | 4/9/2021, 5:06:03.921 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Predictive_Pricing10_100_14_2.prod.acme.com | tcp | 10.21.21.2 | 6 | POLICY_VIOLATION | https | 21 | RTO_MISMATCH{RTO1_MISMATCH} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Realtime-Pricing,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;4,Realm=;NewYork-DC,System=;src_ip=10.21.21.2;dst_ip=10.100.14.2 | CommonSecurityLog | ||||||
| 143 | 4/9/2021, 5:06:03.932 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Predictive_Pricing10_100_14_5.prod.acme.com | tcp | 10.21.21.1 | 6 | POLICY_VIOLATION | https | 34 | RTO_MISMATCH{RTO1_MISMATCH} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Realtime-Pricing,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;4,Realm=;NewYork-DC,System=;src_ip=10.21.21.1;dst_ip=10.100.14.5 | CommonSecurityLog | ||||||
| 144 | 4/9/2021, 5:06:03.938 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Predictive_Pricing10_100_14_5.prod.acme.com | tcp | 10.21.21.2 | 6 | POLICY_VIOLATION | https | 41 | RTO_MISMATCH{RTO1_MISMATCH} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Realtime-Pricing,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;4,Realm=;NewYork-DC,System=;src_ip=10.21.21.2;dst_ip=10.100.14.5 | CommonSecurityLog | ||||||
| 145 | 4/9/2021, 5:06:03.938 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Predictive_Pricing10_100_14_7.prod.acme.com | tcp | Realtime-Pricing10_21_21_4_vm | 6 | POLICY_VIOLATION | https | 87 | RTO_MISMATCH{RTO1_MISMATCH} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Realtime-Pricing,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;4,Realm=;NewYork-DC,System=;src_ip=10.21.21.4;dst_ip=10.100.14.7 | CommonSecurityLog | ||||||
| 146 | 4/9/2021, 5:06:03.938 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | Predictive_Pricing10_100_14_7.prod.acme.com | tcp | 10.21.21.1 | 6 | POLICY_VIOLATION | https | 68 | RTO_MISMATCH{RTO1_MISMATCH} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | RTO=;1{AppFunc=;Realtime-Pricing,AppID=;23422,AppName=;Backoffice,AppOwner=;Rueben_Mckenzie,Criticality=;3,PCI=;Category-3,PII=;No,QualysAgent=;Yes,RTO=;1,Realm=;PROD,Region=;AWS-US-West,System=;Internal,TaniumAgent=Yes};4{AppFunc=;Predictive-Pricing,AppID=;2014,AppName=;Risk-Calcs,AppOwner=;Tj_Sumner,Criticality=;4,Realm=;NewYork-DC,System=;src_ip=10.21.21.1;dst_ip=10.100.14.7 | CommonSecurityLog | ||||||
| 147 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | Sharika Patino | 6 | POLICY_VIOLATION | http | 29 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.1;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 148 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Sharika Patino | 6 | POLICY_VIOLATION | http | 48 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.1;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 149 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Sharika Patino | 6 | POLICY_VIOLATION | http | 48 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.1;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 150 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | http | 5 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 151 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | http | 24 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.2 | CommonSecurityLog | ||||||
| 152 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_1 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | http | 5 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.1 | CommonSecurityLog | ||||||
| 153 | 4/9/2021, 5:06:03.961 AM | vArmour | AC | 1 | 1 | ac-01 | 443 | vm-Campaign-Mgmt-Frontend10_10_1_2 | tcp | Stephan Lacroix | 6 | POLICY_VIOLATION | http | 24 | Mobile-Banking_Application_Attestation_06-02-2020{Mobile-Banking_A_ID167_52} Default{IntcCatchAll,permit} | policyName | srcLabels | dstLabels | {AppFunc=;Sales,AppName=;Users,Criticality=;5,PCI=;Category-3,PII=;No,Realm=;PROD,Region=;NewYork-DC,SentinalOne=;Yes,System=;Internal,UserManager=Donald_Hernandez};AppName=;Mobile-Banking{AppFunc=;Campaign-Mgmt-Frontend,AppID=;47436,AppName=;Mobile-Banking,AppOwner=;Henna_Daly,Criticality=;4,PCI=;No,QualysAgent=;Yes,RTO=;2,Realm=;MGMT,Region=;Azure-Central-US,System=;Internal,TaniumAgent=Yes};src_ip=10.100.9.8;dst_ip=10.10.1.2 | CommonSecurityLog |