Azure
/
Azure-Sentinel
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
Azure-Sentinel/Sample Data/Custom/ZNAccessOrchestratorAudit_C...

3335 строки
252 KiB
JSON
Исходник Ответственный История

[
{
"TimeGenerated [UTC]": "3/26/2022, 9:30:01.200 PM",
"timestamp_d": 1648330149983,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/26/2022, 9:30:01.200 PM",
"timestamp_d": 1648330149874,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/27/2022, 5:30:01.799 AM",
"timestamp_d": 1648358950378,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/27/2022, 5:30:01.799 AM",
"timestamp_d": 1648358950272,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/27/2022, 1:30:01.892 PM",
"timestamp_d": 1648387750543,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/27/2022, 1:30:01.892 PM",
"timestamp_d": 1648387750437,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 2:40:01.967 PM",
"timestamp_d": 1648219110093,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648233510070,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648219110074}}",
"reportedObjectId_g": "dee861c0-0229-4d4a-b4ff-46befab9c8be",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 6:40:02.239 PM",
"timestamp_d": 1648233510097,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648233510070,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648219110074}}",
"reportedObjectId_g": "dee861c0-0229-4d4a-b4ff-46befab9c8be",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 9:30:01.411 PM",
"timestamp_d": 1648243747743,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 9:30:01.411 PM",
"timestamp_d": 1648243747623,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/26/2022, 1:30:02.266 PM",
"timestamp_d": 1648301349552,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/26/2022, 1:30:02.266 PM",
"timestamp_d": 1648301349428,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 3:50:01.693 PM",
"timestamp_d": 1648223228662,
"auditType_d": 8,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:5362681b\",\r\n \"name\": \"AnotherTestMachine\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 3:50:01.693 PM",
"timestamp_d": 1648223220410,
"auditType_d": 7,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:T4R2ttYl\",\r\n \"name\": \"OFC-SCVMM\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 3:50:01.693 PM",
"timestamp_d": 1648223220238,
"auditType_d": 7,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:fHHUnkpi\",\r\n \"name\": \"OFC-RDP\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 3:50:01.693 PM",
"timestamp_d": 1648223220137,
"auditType_d": 7,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:ERNnLg93\",\r\n \"name\": \"OFC-HYPERV\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 8:05:01.189 PM",
"timestamp_d": 1648238586231,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648238586202,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648224186205}}",
"reportedObjectId_g": "72769b11-d2c9-4bf4-b0d9-3ce7ac2653c7",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/26/2022, 5:30:01.213 AM",
"timestamp_d": 1648272549042,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/26/2022, 5:30:01.213 AM",
"timestamp_d": 1648272548929,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 4:05:01.337 PM",
"timestamp_d": 1648224186225,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648238586202,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648224186205}}",
"reportedObjectId_g": "72769b11-d2c9-4bf4-b0d9-3ce7ac2653c7",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/27/2022, 9:30:01.845 PM",
"timestamp_d": 1648416551662,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/27/2022, 9:30:01.845 PM",
"timestamp_d": 1648416551546,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 11:45:00.868 AM",
"timestamp_d": 1648467624316,
"auditType_d": 2,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:0f13c21c\",\r\n \"name\": \"OFFICE-SPLUNK\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 1:50:01.480 PM",
"timestamp_d": 1648475341503,
"auditType_d": 48,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"detection\":{\"srcUser\":{\"id\":\"u:a:7aIK8NFw\",\"name\":\"User3 Name3\"},\"loggedOnUser\":{},\"srcAsset\":{\"id\":\"a:a:AzYcxZGv\",\"name\":\"USER3-LAPTOP\"},\"srcProcess\":\"C:\\\\Windows\\\\System32\\\\mstsc.exe\",\"dstProcess\":\"C:\\\\windows\\\\system32\\\\svchost.exe (TermService)\",\"dstAsset\":{\"id\":\"a:a:3e8c791b\",\"name\":\"OFFICE-TLV-DC16\"},\"port\":{\"protocol_type\":6,\"ports\":\"3389\"}}}",
"reportedObjectId_g": "75bde6e6-83d6-401b-b63b-c2ed062e80fb",
"performedBy_id_s": "u:a:7aIK8NFw",
"performedBy_name_s": "User3 Name3",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 1:50:01.480 PM",
"timestamp_d": 1648475278247,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:AzYcxZGv\",\"name\":\"USER3-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648475278226,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:7aIK8NFw\",\"name\":\"User3 Name3\"},\"enforcementSource\":1,\"createdAt\":1648460878228}}",
"reportedObjectId_g": "1b869ae6-1cc9-4cd2-b4f9-c956317438f1",
"performedBy_id_s": "u:a:7aIK8NFw",
"performedBy_name_s": "User3 Name3",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 1:55:00.840 PM",
"timestamp_d": 1648475465989,
"auditType_d": 48,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"detection\":{\"srcUser\":{\"id\":\"u:a:7aIK8NFw\",\"name\":\"User3 Name3\"},\"loggedOnUser\":{},\"srcAsset\":{\"id\":\"a:a:AzYcxZGv\",\"name\":\"USER3-LAPTOP\"},\"srcProcess\":\"C:\\\\Windows\\\\System32\\\\mstsc.exe\",\"dstProcess\":\"C:\\\\windows\\\\system32\\\\svchost.exe (TermService)\",\"dstAsset\":{\"id\":\"a:a:3e8c791b\",\"name\":\"OFFICE-TLV-DC16\"},\"port\":{\"protocol_type\":6,\"ports\":\"3389\"}}}",
"reportedObjectId_g": "75bde6e6-83d6-401b-b63b-c2ed062e80fb",
"performedBy_id_s": "u:a:7aIK8NFw",
"performedBy_name_s": "User3 Name3",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 5:30:02.515 AM",
"timestamp_d": 1648445351300,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 5:30:02.515 AM",
"timestamp_d": 1648445351177,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 1:30:01.061 PM",
"timestamp_d": 1648474151822,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 1:30:01.061 PM",
"timestamp_d": 1648474151715,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 9:50:01.894 AM",
"timestamp_d": 1648460878244,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:AzYcxZGv\",\"name\":\"USER3-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648475278226,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:7aIK8NFw\",\"name\":\"User3 Name3\"},\"enforcementSource\":1,\"createdAt\":1648460878228}}",
"reportedObjectId_g": "1b869ae6-1cc9-4cd2-b4f9-c956317438f1",
"performedBy_id_s": "u:a:7aIK8NFw",
"performedBy_name_s": "User3 Name3",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/28/2022, 11:30:01.589 AM",
"timestamp_d": 1648466983277,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:AzYcxZGv\",\"name\":\"USER3-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648481383260,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:7aIK8NFw\",\"name\":\"User3 Name3\"},\"enforcementSource\":1,\"createdAt\":1648466983262}}",
"reportedObjectId_g": "15246a34-c58e-4c73-92f3-c76cb465bf08",
"performedBy_id_s": "u:a:7aIK8NFw",
"performedBy_name_s": "User3 Name3",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 2:40:01.135 PM",
"timestamp_d": 1648046206017,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648046205985,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648031805990}}",
"reportedObjectId_g": "5f2f07fe-4326-42f9-82d9-432ab7f63131",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 3:15:00.597 PM",
"timestamp_d": 1648048230036,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648048230006,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648033830009}}",
"reportedObjectId_g": "1a1b627c-a043-4820-98a4-5589162c69fe",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 3:55:01.184 PM",
"timestamp_d": 1648050600035,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:126811c26920\",\"name\":\"104.17.194.105\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648050600000,\"description\":\"demo to cyberark\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648047012626}}",
"reportedObjectId_g": "02967806-76ed-45e6-92ce-cdd20ee5d8d5",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 7:00:01.494 PM",
"timestamp_d": 1648061835583,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:7f220e15\",\r\n \"name\": \"OFFICE-TRUST\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648061835563,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648047435566}}",
"reportedObjectId_g": "274253c7-2548-4eaa-b301-65a82417e6d6",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:30:01.660 PM",
"timestamp_d": 1648070946026,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:30:01.660 PM",
"timestamp_d": 1648070945893,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:30:01.660 PM",
"timestamp_d": 1648070721142,
"auditType_d": 21,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:1uS5iMSP\",\r\n \"name\": \"LAPTOP-NMF0OJ3G\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:61c21925\",\"name\":\"USER6-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648327199000,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:e03DnfZf\",\"name\":\"User6 Name6\"},\"enforcementSource\":3,\"createdAt\":1647535199078}}",
"reportedObjectId_g": "9e7036ed-26cf-4e23-a89d-a29ef44f933c",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:30:01.660 PM",
"timestamp_d": 1648070717200,
"auditType_d": 21,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:b07f7f30\",\r\n \"name\": \"BENNY-LAPTOP\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:61c21925\",\"name\":\"USER6-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648327204000,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:e03DnfZf\",\"name\":\"User6 Name6\"},\"enforcementSource\":3,\"createdAt\":1647535204731}}",
"reportedObjectId_g": "ddef8f97-a2ef-473f-b4a3-ba5ea6cac041",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 10:20:01.122 PM",
"timestamp_d": 1648073880032,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:121763ccf720\",\"name\":\"23.99.204.247\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648073880000,\"description\":\"demo to fairwaymc\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648070306281}}",
"reportedObjectId_g": "4c088f61-05b3-454c-a234-533d8e46d55e",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 12:45:01.622 PM",
"timestamp_d": 1648125838645,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12172cfac220\",\"name\":\"23.44.250.194\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648129380000,\"description\":\"demo to healthcare.gov\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648125838623}}",
"reportedObjectId_g": "e90bcca6-af3e-4d85-abd4-31e57c35dac1",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 12:45:01.622 PM",
"timestamp_d": 1648125621566,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648140021547,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648125621550}}",
"reportedObjectId_g": "ea710e05-8528-4f77-a7e1-3a9002655c27",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:40:01.056 PM",
"timestamp_d": 1648129030180,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:120372ba9920\",\"name\":\"3.114.186.153\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648132620000,\"description\":\"demo to Hiro\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648129030159}}",
"reportedObjectId_g": "ffc42ca1-0e07-4c39-ab49-f1c2e2aaaa09",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:40:01.056 PM",
"timestamp_d": 1648128997570,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648128997543,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648114597546}}",
"reportedObjectId_g": "7da5468f-9b53-4f8c-8fbb-f23c67f78cd1",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:45:01.042 PM",
"timestamp_d": 1648129380027,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12172cfac220\",\"name\":\"23.44.250.194\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648129380000,\"description\":\"demo to healthcare.gov\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648125838623}}",
"reportedObjectId_g": "e90bcca6-af3e-4d85-abd4-31e57c35dac1",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 3:00:01.326 PM",
"timestamp_d": 1648047435581,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:7f220e15\",\r\n \"name\": \"OFFICE-TRUST\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648061835563,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648047435566}}",
"reportedObjectId_g": "274253c7-2548-4eaa-b301-65a82417e6d6",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 8:45:00.832 PM",
"timestamp_d": 1648068004029,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:b07f7f30\",\r\n \"name\": \"BENNY-LAPTOP\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:61c21925\",\"name\":\"USER6-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648327204000,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:e03DnfZf\",\"name\":\"User6 Name6\"},\"enforcementSource\":3,\"createdAt\":1647535204731}}",
"reportedObjectId_g": "ddef8f97-a2ef-473f-b4a3-ba5ea6cac041",
"performedBy_id_s": "u:a:e03DnfZf",
"performedBy_name_s": "User6 Name6",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 2:50:01.261 PM",
"timestamp_d": 1648046781774,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648061181753,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648046781756}}",
"reportedObjectId_g": "6f4b15fe-be38-466d-92ca-a9c080dd872b",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 2:55:01.533 PM",
"timestamp_d": 1648047012646,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:126811c26920\",\"name\":\"104.17.194.105\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648050600000,\"description\":\"demo to cyberark\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648047012626}}",
"reportedObjectId_g": "02967806-76ed-45e6-92ce-cdd20ee5d8d5",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 6:50:01.626 PM",
"timestamp_d": 1648061181780,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648061181753,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648046781756}}",
"reportedObjectId_g": "6f4b15fe-be38-466d-92ca-a9c080dd872b",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:15:01.763 AM",
"timestamp_d": 1648084462674,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648084462647,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648070062651}}",
"reportedObjectId_g": "0f3117ba-d307-4177-86b6-0529c1ee18f4",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:40:01.487 AM",
"timestamp_d": 1648114695917,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:129765405120\",\"name\":\"151.101.64.81\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648118280000,\"description\":\"demo to Franz\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648114695897}}",
"reportedObjectId_g": "7e050311-6739-4f62-b79c-cf05d14c8208",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:40:01.487 AM",
"timestamp_d": 1648114597560,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648128997543,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648114597546}}",
"reportedObjectId_g": "7da5468f-9b53-4f8c-8fbb-f23c67f78cd1",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:30:02.055 PM",
"timestamp_d": 1648128548132,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:30:02.055 PM",
"timestamp_d": 1648128548016,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:35:01.191 PM",
"timestamp_d": 1648128810504,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648143210486,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648128810489}}",
"reportedObjectId_g": "a8254323-bbcc-4b57-89cb-94173e14499c",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:35:01.191 PM",
"timestamp_d": 1648128764311,
"auditType_d": 21,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648140021547,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648125621550}}",
"reportedObjectId_g": "ea710e05-8528-4f77-a7e1-3a9002655c27",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 10:40:01.635 AM",
"timestamp_d": 1648118280029,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:129765405120\",\"name\":\"151.101.64.81\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648118280000,\"description\":\"demo to Franz\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648114695897}}",
"reportedObjectId_g": "7e050311-6739-4f62-b79c-cf05d14c8208",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 11:05:01.118 AM",
"timestamp_d": 1648119772487,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:EdAXyXKA\",\"name\":\"USER5-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648134172467,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:Jl8kZSiQ\",\"name\":\"User5 Name5\"},\"enforcementSource\":1,\"createdAt\":1648119772470}}",
"reportedObjectId_g": "4478f671-0040-4cdb-98d4-072b86c510ae",
"performedBy_id_s": "u:a:Jl8kZSiQ",
"performedBy_name_s": "User5 Name5",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 1:50:00.834 PM",
"timestamp_d": 1648129705336,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:d4c2ab1a\",\r\n \"name\": \"USER4-LAPTOP\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"5985\"}],\"expiration\":1648144105320,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648129705323}}",
"reportedObjectId_g": "5c71a9b3-2549-47ca-b804-f11426eb536b",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:15:01.509 PM",
"timestamp_d": 1648070062670,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648084462647,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648070062651}}",
"reportedObjectId_g": "0f3117ba-d307-4177-86b6-0529c1ee18f4",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 5:30:00.974 AM",
"timestamp_d": 1648099746758,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 5:30:00.974 AM",
"timestamp_d": 1648099746627,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 3:05:00.813 PM",
"timestamp_d": 1648134172494,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:EdAXyXKA\",\"name\":\"USER5-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648134172467,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:Jl8kZSiQ\",\"name\":\"User5 Name5\"},\"enforcementSource\":1,\"createdAt\":1648119772470}}",
"reportedObjectId_g": "4478f671-0040-4cdb-98d4-072b86c510ae",
"performedBy_id_s": "u:a:Jl8kZSiQ",
"performedBy_name_s": "User5 Name5",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 3:20:01.425 PM",
"timestamp_d": 1648135179934,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648149579910,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648135179914}}",
"reportedObjectId_g": "792fa7b7-906e-4999-959f-c8a86d8a0ff0",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 5:45:01.901 PM",
"timestamp_d": 1648143752050,
"auditType_d": 10,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:55GnqGNk\",\"name\":\"OFC-TRUST3\"},{\"id\":\"a:a:84NKZf6q\",\"name\":\"OFC-TRUST2-NEW\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"9389\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1640275129712}}",
"reportedObjectId_g": "436cf1d8-2a73-41b3-97f4-e32fe65b5d2c",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 4:00:01.993 PM",
"timestamp_d": 1648137481954,
"auditType_d": 21,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:7f220e15\",\r\n \"name\": \"OFFICE-TRUST\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648150063161,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648135663165}}",
"reportedObjectId_g": "0e6dddbb-77e2-454d-9973-2661dae56f68",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 5:20:00.850 PM",
"timestamp_d": 1648142100032,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:125c7bcbb720\",\"name\":\"92.123.203.183\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648142100000,\"description\":\"demo hhs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648138539817}}",
"reportedObjectId_g": "71fbc42e-03a4-498a-9949-b1325f19cd60",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 7:05:01.275 PM",
"timestamp_d": 1648148460030,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12c07cf93d20\",\"name\":\"192.124.249.61\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648148460000,\"description\":\"demo megacorp\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648144912586}}",
"reportedObjectId_g": "b73dd8a4-5cdc-4be0-9544-d9e83bfc405d",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 5:50:01.376 PM",
"timestamp_d": 1648144105338,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:d4c2ab1a\",\r\n \"name\": \"USER4-LAPTOP\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"5985\"}],\"expiration\":1648144105320,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648129705323}}",
"reportedObjectId_g": "5c71a9b3-2549-47ca-b804-f11426eb536b",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:30:01.773 PM",
"timestamp_d": 1648157347069,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:30:01.773 PM",
"timestamp_d": 1648157346814,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:30:01.773 PM",
"timestamp_d": 1648157186837,
"auditType_d": 21,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648169781623,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648155381626}}",
"reportedObjectId_g": "40274c44-9c03-44fe-bfb3-53a360c2dad3",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 6:00:00.838 PM",
"timestamp_d": 1648144737686,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648159137669,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648144737672}}",
"reportedObjectId_g": "762a2cea-b21b-474d-984a-153951a1cf4f",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 2:30:00.899 AM",
"timestamp_d": 1648175179955,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648175179930,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648160779933}}",
"reportedObjectId_g": "cd3ed6c1-1167-48ef-a072-ed38f3ab7006",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 6:05:00.765 PM",
"timestamp_d": 1648144912607,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12c07cf93d20\",\"name\":\"192.124.249.61\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648148460000,\"description\":\"demo megacorp\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648144912586}}",
"reportedObjectId_g": "b73dd8a4-5cdc-4be0-9544-d9e83bfc405d",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 7:10:02.460 PM",
"timestamp_d": 1648148853890,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648163253872,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648148853875}}",
"reportedObjectId_g": "a152a67c-7522-40c0-842f-13d09fd4724a",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 7:10:02.460 PM",
"timestamp_d": 1648148777268,
"auditType_d": 7,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:5362681b\",\r\n \"name\": \"AnotherTestMachine\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 3:25:01.434 PM",
"timestamp_d": 1648135369456,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:129765805120\",\"name\":\"151.101.128.81\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648138920000,\"description\":\"demo bbc\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648135369437}}",
"reportedObjectId_g": "3f4b2322-bac4-440b-871c-420028ffcec8",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 7:15:00.809 PM",
"timestamp_d": 1648149169563,
"auditType_d": 30,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1286d12dd920\",\"name\":\"134.209.45.217\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648152600000,\"description\":\"viaquest demo\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648149054409}}",
"reportedObjectId_g": "71e27ec9-d3f7-4990-a97a-7c5e86e5c675",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 7:15:00.809 PM",
"timestamp_d": 1648149054430,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1286d12dd920\",\"name\":\"134.209.45.217\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648152600000,\"description\":\"viaquest demo\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648149054409}}",
"reportedObjectId_g": "71e27ec9-d3f7-4990-a97a-7c5e86e5c675",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 4:25:01.628 PM",
"timestamp_d": 1648138920036,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:129765805120\",\"name\":\"151.101.128.81\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648138920000,\"description\":\"demo bbc\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648135369437}}",
"reportedObjectId_g": "3f4b2322-bac4-440b-871c-420028ffcec8",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 8:15:01.098 PM",
"timestamp_d": 1648152704024,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:7f220e15\",\r\n \"name\": \"OFFICE-TRUST\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648152703996,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648138303999}}",
"reportedObjectId_g": "f688665a-c5bb-414d-8cfd-b321c03e1aef",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 5:35:01.014 PM",
"timestamp_d": 1648143210514,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648143210486,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648128810489}}",
"reportedObjectId_g": "a8254323-bbcc-4b57-89cb-94173e14499c",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 8:50:01.125 PM",
"timestamp_d": 1648154759477,
"auditType_d": 21,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648159137669,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648144737672}}",
"reportedObjectId_g": "762a2cea-b21b-474d-984a-153951a1cf4f",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:05:00.814 PM",
"timestamp_d": 1648155667696,
"auditType_d": 30,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1234cebfe820\",\"name\":\"52.206.191.232\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648159200000,\"description\":\"demo to mitchell\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648155643190}}",
"reportedObjectId_g": "0039f7d0-6436-4350-a7cf-bc6d093f3868",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:05:00.814 PM",
"timestamp_d": 1648155643213,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1234cebfe820\",\"name\":\"52.206.191.232\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648159200000,\"description\":\"demo to mitchell\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648155643190}}",
"reportedObjectId_g": "0039f7d0-6436-4350-a7cf-bc6d093f3868",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 9:00:01.092 PM",
"timestamp_d": 1648155381640,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648169781623,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648155381626}}",
"reportedObjectId_g": "40274c44-9c03-44fe-bfb3-53a360c2dad3",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 5:30:01.765 AM",
"timestamp_d": 1648186147156,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 5:30:01.765 AM",
"timestamp_d": 1648186147049,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 1:30:01.038 PM",
"timestamp_d": 1648214947165,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/25/2022, 1:30:01.038 PM",
"timestamp_d": 1648214947052,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 2:40:00.890 PM",
"timestamp_d": 1648132620033,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:120372ba9920\",\"name\":\"3.114.186.153\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648132620000,\"description\":\"demo to Hiro\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648129030159}}",
"reportedObjectId_g": "ffc42ca1-0e07-4c39-ab49-f1c2e2aaaa09",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 3:30:01.851 PM",
"timestamp_d": 1648135709693,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648150109681,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648135709682}}",
"reportedObjectId_g": "2f19550d-db66-4b53-8744-1192d6b611b6",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 3:30:01.851 PM",
"timestamp_d": 1648135663183,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:7f220e15\",\r\n \"name\": \"OFFICE-TRUST\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648150063161,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648135663165}}",
"reportedObjectId_g": "0e6dddbb-77e2-454d-9973-2661dae56f68",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 4:15:01.930 PM",
"timestamp_d": 1648138304015,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:7f220e15\",\r\n \"name\": \"OFFICE-TRUST\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648152703996,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648138303999}}",
"reportedObjectId_g": "f688665a-c5bb-414d-8cfd-b321c03e1aef",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 4:20:01.374 PM",
"timestamp_d": 1648138539850,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:125c7bcbb720\",\"name\":\"92.123.203.183\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648142100000,\"description\":\"demo hhs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648138539817}}",
"reportedObjectId_g": "71fbc42e-03a4-498a-9949-b1325f19cd60",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 4:50:01.419 PM",
"timestamp_d": 1648140427374,
"auditType_d": 21,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648150109681,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648135709682}}",
"reportedObjectId_g": "2f19550d-db66-4b53-8744-1192d6b611b6",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 7:20:01.805 PM",
"timestamp_d": 1648149579939,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648149579910,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648135179914}}",
"reportedObjectId_g": "792fa7b7-906e-4999-959f-c8a86d8a0ff0",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 10:30:01.291 PM",
"timestamp_d": 1648160779947,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648175179930,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648160779933}}",
"reportedObjectId_g": "cd3ed6c1-1167-48ef-a072-ed38f3ab7006",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 10:35:01.735 PM",
"timestamp_d": 1648161156596,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1268c4d7f620\",\"name\":\"104.196.215.246\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648164720000,\"description\":\"demo to vish\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648161156574}}",
"reportedObjectId_g": "2c5fc393-ede2-4a60-bd85-743acdfa531a",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 11:10:00.914 PM",
"timestamp_d": 1648163253897,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648163253872,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1648148853875}}",
"reportedObjectId_g": "a152a67c-7522-40c0-842f-13d09fd4724a",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/24/2022, 11:35:00.974 PM",
"timestamp_d": 1648164720029,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1268c4d7f620\",\"name\":\"104.196.215.246\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648164720000,\"description\":\"demo to vish\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1648161156574}}",
"reportedObjectId_g": "2c5fc393-ede2-4a60-bd85-743acdfa531a",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:35:02.148 PM",
"timestamp_d": 1647873169990,
"auditType_d": 9,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:1uS5iMSP\",\r\n \"name\": \"LAPTOP-NMF0OJ3G\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:VivsyTcD\",\"name\":\"OFC-SHARE-YOSSI\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"2706\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969}}",
"reportedObjectId_g": "f8c82e9b-9bdd-4f77-8429-9bd589f13edd",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:45:01.381 PM",
"timestamp_d": 1647873835908,
"auditType_d": 12,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:1uS5iMSP\",\r\n \"name\": \"LAPTOP-NMF0OJ3G\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:VivsyTcD\",\"name\":\"OFC-SHARE-YOSSI\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"a:a:VivsyTcD\",\"name\":\"OFC-SHARE-YOSSI\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"2706\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969}}",
"reportedObjectId_g": "f8c82e9b-9bdd-4f77-8429-9bd589f13edd",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 4:35:01.367 PM",
"timestamp_d": 1647880479071,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:d4c2ab1a\",\"name\":\"USER4-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647880479043,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:f9KNkzvT\",\"name\":\"User4 Name4\"},\"enforcementSource\":1,\"createdAt\":1647866079046}}",
"reportedObjectId_g": "eac9c5d7-34ad-4b79-b267-5824def52411",
"performedBy_id_s": "u:a:f9KNkzvT",
"performedBy_name_s": "User4 Name4",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 4:35:01.367 PM",
"timestamp_d": 1647880351285,
"auditType_d": 10,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:110001\",\"name\":\"Any asset\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"tewst\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647868042055}}",
"reportedObjectId_g": "b84fb700-4191-428c-aeb8-6c7a2a785a5d",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 5:20:02.030 PM",
"timestamp_d": 1647883196243,
"auditType_d": 46,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"g:a:A8MBgUTE\",\r\n \"name\": \"Access Control Assistance Operators\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "b81b81cf-75bb-4aef-b523-79dae009f0ac",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 5:20:02.030 PM",
"timestamp_d": 1647882929333,
"auditType_d": 45,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"g:a:A8MBgUTE\",\r\n \"name\": \"Access Control Assistance Operators\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "b81b81cf-75bb-4aef-b523-79dae009f0ac",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 5:45:01.320 PM",
"timestamp_d": 1647884557764,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12a29f810b20\",\"name\":\"162.159.129.11\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1647888120000,\"description\":\"Demo to Rob\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647884557745}}",
"reportedObjectId_g": "00792051-71e4-4e9f-9796-65a4a360951a",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 6:15:01.299 PM",
"timestamp_d": 1647886201696,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647886201664,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1647871801667}}",
"reportedObjectId_g": "672b6e19-df9f-4ea8-b2f7-a33e9509ecc7",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 6:30:02.018 PM",
"timestamp_d": 1647887328726,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 6:30:02.018 PM",
"timestamp_d": 1647887328609,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 2:30:01.450 AM",
"timestamp_d": 1647916131451,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 2:30:01.450 AM",
"timestamp_d": 1647916131333,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 11:30:01.060 AM",
"timestamp_d": 1647948535707,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 11:30:01.060 AM",
"timestamp_d": 1647948535504,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 1:30:02.114 PM",
"timestamp_d": 1647955736113,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 1:30:02.114 PM",
"timestamp_d": 1647955735999,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:40:01.031 PM",
"timestamp_d": 1647877062146,
"auditType_d": 44,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:exZT6bN3\",\r\n \"name\": \"test-a8\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": "a:a:exZT6bN3"
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:40:01.031 PM",
"timestamp_d": 1647877062143,
"auditType_d": 44,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3TBlomjI\",\r\n \"name\": \"test-a7\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": "a:a:3TBlomjI"
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:40:01.031 PM",
"timestamp_d": 1647877062141,
"auditType_d": 44,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:KsK4Wja6\",\r\n \"name\": \"test-a6\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": "a:a:KsK4Wja6"
},
{
"TimeGenerated [UTC]": "3/21/2022, 4:30:01.611 PM",
"timestamp_d": 1647880127982,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 4:30:01.611 PM",
"timestamp_d": 1647880127869,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 5:30:01.437 PM",
"timestamp_d": 1647883728414,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 5:30:01.437 PM",
"timestamp_d": 1647883728296,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 10:30:01.309 PM",
"timestamp_d": 1647901730693,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 10:30:01.309 PM",
"timestamp_d": 1647901730576,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 3:30:01.750 AM",
"timestamp_d": 1647919732282,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 3:30:01.750 AM",
"timestamp_d": 1647919732184,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 5:30:01.483 AM",
"timestamp_d": 1647926932431,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 5:30:01.483 AM",
"timestamp_d": 1647926932322,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:30:01.431 PM",
"timestamp_d": 1647872928131,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:30:01.431 PM",
"timestamp_d": 1647872928013,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 7:30:02.015 AM",
"timestamp_d": 1647934133015,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 7:30:02.015 AM",
"timestamp_d": 1647934132912,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:35:00.756 PM",
"timestamp_d": 1647876617871,
"auditType_d": 8,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:o9xwIY10\",\r\n \"name\": \"EMA-VM\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": "a:a:o9xwIY10"
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:35:00.756 PM",
"timestamp_d": 1647876612105,
"auditType_d": 10,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:o9xwIY10\",\r\n \"name\": \"EMA-VM\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:154c8d6a\",\"name\":\"AMIR-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"445\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1647876525273}}",
"reportedObjectId_g": "b38c666f-b058-4525-835c-a8ea532c6bfe",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 9:30:01.278 AM",
"timestamp_d": 1647941334604,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 9:30:01.278 AM",
"timestamp_d": 1647941334471,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 4:50:02.280 PM",
"timestamp_d": 1647881216528,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:d4c2ab1a\",\"name\":\"USER4-LAPTOP\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1647881216509,\"description\":\"Admin tool MFA\",\"localProcesses\":[\"*\"],\"created_by\":{\"name\":\"USER4-LAPTOP\\\\user\"},\"enforcementSource\":1,\"createdAt\":1647866816511}}",
"reportedObjectId_g": "16e38d63-af98-4215-9d7b-4cb268d40866",
"performedBy_id_s": "",
"performedBy_name_s": "USER4-LAPTOP\\user",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 12:30:01.387 PM",
"timestamp_d": 1647952135772,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 12:30:01.387 PM",
"timestamp_d": 1647952135673,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 7:25:01.659 PM",
"timestamp_d": 1647890698707,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:55GnqGNk\",\r\n \"name\": \"OFC-TRUST3\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647890698683,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1647876298687}}",
"reportedObjectId_g": "da942e9b-cb90-4dab-ad01-2d7e06017d79",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:55:01.149 PM",
"timestamp_d": 1647874475259,
"auditType_d": 10,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:1uS5iMSP\",\r\n \"name\": \"LAPTOP-NMF0OJ3G\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:9ebab20f\",\"name\":\"SHARE\"},{\"id\":\"a:a:VivsyTcD\",\"name\":\"OFC-SHARE-YOSSI\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969}}",
"reportedObjectId_g": "f8c82e9b-9bdd-4f77-8429-9bd589f13edd",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:55:01.149 PM",
"timestamp_d": 1647874462919,
"auditType_d": 12,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:1uS5iMSP\",\r\n \"name\": \"LAPTOP-NMF0OJ3G\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:9ebab20f\",\"name\":\"SHARE\"},{\"id\":\"a:a:VivsyTcD\",\"name\":\"OFC-SHARE-YOSSI\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:110001\",\"name\":\"Any asset\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"2706\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969}}",
"reportedObjectId_g": "f8c82e9b-9bdd-4f77-8429-9bd589f13edd",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 2:55:01.149 PM",
"timestamp_d": 1647874303207,
"auditType_d": 12,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:1uS5iMSP\",\r\n \"name\": \"LAPTOP-NMF0OJ3G\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:110001\",\"name\":\"Any asset\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"2706\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"a:a:VivsyTcD\",\"name\":\"OFC-SHARE-YOSSI\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"c:\\\\test_ofir1.exe\",\"c:\\\\test_ofir2.exe\"],\"created_by\":{\"id\":\"1f352ed0-86f1-454f-90a5-592c197c8000\",\"name\":\"Zero Networks\"},\"enforcementSource\":5,\"createdAt\":1647873169969}}",
"reportedObjectId_g": "f8c82e9b-9bdd-4f77-8429-9bd589f13edd",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:30:01.847 PM",
"timestamp_d": 1647876550242,
"auditType_d": 12,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:o9xwIY10\",\r\n \"name\": \"EMA-VM\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:154c8d6a\",\"name\":\"AMIR-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"445\"}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1647876525273},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"a:a:154c8d6a\",\"name\":\"AMIR-LAPTOP\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1647876525273}}",
"reportedObjectId_g": "b38c666f-b058-4525-835c-a8ea532c6bfe",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:30:01.847 PM",
"timestamp_d": 1647876528266,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:30:01.847 PM",
"timestamp_d": 1647876528150,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:30:01.847 PM",
"timestamp_d": 1647876525287,
"auditType_d": 9,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:o9xwIY10\",\r\n \"name\": \"EMA-VM\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:154c8d6a\",\"name\":\"AMIR-LAPTOP\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":0,\"description\":\"\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1647876525273}}",
"reportedObjectId_g": "b38c666f-b058-4525-835c-a8ea532c6bfe",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 3:30:01.847 PM",
"timestamp_d": 1647876480228,
"auditType_d": 7,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:o9xwIY10\",\r\n \"name\": \"EMA-VM\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": "a:a:o9xwIY10"
},
{
"TimeGenerated [UTC]": "3/21/2022, 7:30:02.175 PM",
"timestamp_d": 1647890929301,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 7:30:02.175 PM",
"timestamp_d": 1647890929181,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 4:40:01.006 PM",
"timestamp_d": 1647880596192,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:AzYcxZGv\",\"name\":\"USER3-LAPTOP\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647880596169,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:7aIK8NFw\",\"name\":\"User3 Name3\"},\"enforcementSource\":1,\"createdAt\":1647866196172}}",
"reportedObjectId_g": "9b6d165a-4e3a-4503-b695-e7dbc60c4004",
"performedBy_id_s": "u:a:7aIK8NFw",
"performedBy_name_s": "User3 Name3",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 5:40:01.854 PM",
"timestamp_d": 1647884339599,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647898739582,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1647884339585}}",
"reportedObjectId_g": "6024a3d0-dbf8-47c1-9645-2acff376c46f",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 9:40:00.841 PM",
"timestamp_d": 1647898739608,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647898739582,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1647884339585}}",
"reportedObjectId_g": "6024a3d0-dbf8-47c1-9645-2acff376c46f",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 6:45:01.068 PM",
"timestamp_d": 1647888120028,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12a29f810b20\",\"name\":\"162.159.129.11\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1647888120000,\"description\":\"Demo to Rob\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647884557745}}",
"reportedObjectId_g": "00792051-71e4-4e9f-9796-65a4a360951a",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 12:30:01.837 AM",
"timestamp_d": 1647908931048,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 12:30:01.837 AM",
"timestamp_d": 1647908930934,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 8:30:01.851 PM",
"timestamp_d": 1647894530496,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 8:30:01.851 PM",
"timestamp_d": 1647894530382,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 1:30:01.576 AM",
"timestamp_d": 1647912531324,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 1:30:01.576 AM",
"timestamp_d": 1647912531214,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 9:30:01.466 PM",
"timestamp_d": 1647898131086,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 9:30:01.466 PM",
"timestamp_d": 1647898130920,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 4:30:01.341 AM",
"timestamp_d": 1647923333023,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 4:30:01.341 AM",
"timestamp_d": 1647923332912,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 11:30:01.773 PM",
"timestamp_d": 1647905331219,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/21/2022, 11:30:01.773 PM",
"timestamp_d": 1647905331110,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 6:30:01.535 AM",
"timestamp_d": 1647930533717,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 6:30:01.535 AM",
"timestamp_d": 1647930533613,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 10:30:01.811 AM",
"timestamp_d": 1647944935082,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 10:30:01.811 AM",
"timestamp_d": 1647944934963,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 8:30:01.065 AM",
"timestamp_d": 1647937734199,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 8:30:01.065 AM",
"timestamp_d": 1647937734033,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 11:40:00.671 AM",
"timestamp_d": 1647949114687,
"auditType_d": 47,
"enforcementSource_d": 5,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"g:a:N3kAVc6S\",\r\n \"name\": \"QA\"\r\n }\r\n]",
"details_s": "",
"reportedObjectId_g": "66f366f2-9e80-4454-8bbe-4d6f2ba7f7a8",
"performedBy_id_s": "",
"performedBy_name_s": "Zero Networks",
"performedBy_id_g": "1f352ed0-86f1-454f-90a5-592c197c8000",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 1:45:01.697 PM",
"timestamp_d": 1647956474438,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647970874419,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1647956474422}}",
"reportedObjectId_g": "360a3a83-b4d2-4d3a-bbd3-e553b50f35f0",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 2:30:01.351 PM",
"timestamp_d": 1647959336776,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 2:30:01.351 PM",
"timestamp_d": 1647959336673,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 4:30:01.730 PM",
"timestamp_d": 1647966538558,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 4:30:01.730 PM",
"timestamp_d": 1647966538435,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 8:30:02.475 PM",
"timestamp_d": 1647980940051,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 8:30:02.475 PM",
"timestamp_d": 1647980939937,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 10:30:01.301 PM",
"timestamp_d": 1647988140741,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 10:30:01.301 PM",
"timestamp_d": 1647988140629,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 10:30:01.301 PM",
"timestamp_d": 1647987972851,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1298c715af20\",\"name\":\"152.199.21.175\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1647991560000,\"description\":\"Demo to Charlie\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647987972831}}",
"reportedObjectId_g": "d6084b64-5eb7-4d98-ad6e-f8373a714571",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 2:25:00.664 AM",
"timestamp_d": 1648002120373,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648002120346,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1647987720349}}",
"reportedObjectId_g": "9f037d56-8395-48d5-bfdb-3015b7fb98e8",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 8:30:01.033 AM",
"timestamp_d": 1648024143612,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 8:30:01.033 AM",
"timestamp_d": 1648024143472,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:30:02.718 AM",
"timestamp_d": 1648027745611,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 9:30:02.718 AM",
"timestamp_d": 1648027744509,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 11:20:01.083 AM",
"timestamp_d": 1648034181916,
"auditType_d": 29,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:129765023120\",\"name\":\"151.101.2.49\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648037760000,\"description\":\"demo\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648034181895}}",
"reportedObjectId_g": "2b9fa474-f5a1-49b8-99f1-9eb0e82b86e2",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 1:30:01.695 PM",
"timestamp_d": 1648042145889,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 1:30:01.695 PM",
"timestamp_d": 1648042145787,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 6:30:01.673 PM",
"timestamp_d": 1647973739152,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 6:30:01.673 PM",
"timestamp_d": 1647973738930,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 7:30:01.814 PM",
"timestamp_d": 1647977340281,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 7:30:01.814 PM",
"timestamp_d": 1647977339933,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 9:30:01.132 PM",
"timestamp_d": 1647984540195,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 9:30:01.132 PM",
"timestamp_d": 1647984540081,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 5:45:01.241 PM",
"timestamp_d": 1647970874446,
"auditType_d": 22,
"enforcementSource_d": 2,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1647970874419,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1647956474422}}",
"reportedObjectId_g": "360a3a83-b4d2-4d3a-bbd3-e553b50f35f0",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 10:25:00.770 PM",
"timestamp_d": 1647987720365,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:hSqW1uJ4\",\"name\":\"USER-SL\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648002120346,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":1,\"createdAt\":1647987720349}}",
"reportedObjectId_g": "9f037d56-8395-48d5-bfdb-3015b7fb98e8",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 11:30:01.385 PM",
"timestamp_d": 1647991741282,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 11:30:01.385 PM",
"timestamp_d": 1647991741167,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 11:30:01.385 PM",
"timestamp_d": 1647991560030,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:1298c715af20\",\"name\":\"152.199.21.175\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1647991560000,\"description\":\"Demo to Charlie\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647987972831}}",
"reportedObjectId_g": "d6084b64-5eb7-4d98-ad6e-f8373a714571",
"performedBy_id_s": "u:a:ZMLGbhRk",
"performedBy_name_s": "User Name",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 1:30:01.292 AM",
"timestamp_d": 1647998941753,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 1:30:01.292 AM",
"timestamp_d": 1647998941616,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 7:30:02.318 AM",
"timestamp_d": 1648020543272,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 7:30:02.318 AM",
"timestamp_d": 1648020543056,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 11:30:01.697 AM",
"timestamp_d": 1648034944970,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 11:30:01.697 AM",
"timestamp_d": 1648034944796,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 12:20:01.755 PM",
"timestamp_d": 1648037760028,
"auditType_d": 31,
"enforcementSource_d": 2,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:129765023120\",\"name\":\"151.101.2.49\"}],\"ports\":[{\"protocol_type\":256}],\"expiration\":1648037760000,\"description\":\"demo\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648034181895}}",
"reportedObjectId_g": "2b9fa474-f5a1-49b8-99f1-9eb0e82b86e2",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 12:30:01.270 AM",
"timestamp_d": 1647995341681,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 12:30:01.270 AM",
"timestamp_d": 1647995341565,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 4:30:01.836 AM",
"timestamp_d": 1648009742936,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 4:30:01.836 AM",
"timestamp_d": 1648009742807,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 6:30:01.523 AM",
"timestamp_d": 1648016943243,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 6:30:01.523 AM",
"timestamp_d": 1648016943128,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 10:30:01.774 AM",
"timestamp_d": 1648031344612,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 10:30:01.774 AM",
"timestamp_d": 1648031344483,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 11:25:01.474 AM",
"timestamp_d": 1648034433728,
"auditType_d": 10,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"g:a:KUDY079s\",\"name\":\"DEV\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"123\"}],\"expiration\":0,\"description\":\"test\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648034424312}}",
"reportedObjectId_g": "a8c26246-2a1f-462d-af25-c14f2a087759",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 11:25:01.474 AM",
"timestamp_d": 1648034424320,
"auditType_d": 9,
"enforcementSource_d": 4,
"userRole_d": 1,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"g:a:KUDY079s\",\"name\":\"DEV\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"123\"}],\"expiration\":0,\"description\":\"test\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":4,\"createdAt\":1648034424312}}",
"reportedObjectId_g": "a8c26246-2a1f-462d-af25-c14f2a087759",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 12:30:01.148 PM",
"timestamp_d": 1648038544843,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 12:30:01.148 PM",
"timestamp_d": 1648038544711,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 3:30:02.273 PM",
"timestamp_d": 1647962937561,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 3:30:02.273 PM",
"timestamp_d": 1647962937442,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 5:30:01.245 PM",
"timestamp_d": 1647970138499,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/22/2022, 5:30:01.245 PM",
"timestamp_d": 1647970138385,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 2:30:01.236 AM",
"timestamp_d": 1648002542573,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 2:30:01.236 AM",
"timestamp_d": 1648002542453,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 3:30:01.080 AM",
"timestamp_d": 1648006142070,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 3:30:01.080 AM",
"timestamp_d": 1648006141958,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 5:30:01.619 AM",
"timestamp_d": 1648013342882,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 5:30:01.619 AM",
"timestamp_d": 1648013342760,
"auditType_d": 32,
"enforcementSource_d": 6,
"userRole_d": 4,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"b:110002\",\r\n \"name\": \"All protected assets\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111},\"prevRule\":{\"remoteEntityNames\":[{\"id\":\"b:12ac10010120\",\"name\":\"172.16.1.1\"},{\"id\":\"b:12ac10020120\",\"name\":\"172.16.2.1\"}],\"ports\":[{\"protocol_type\":1}],\"expiration\":0,\"description\":\"Sentinel Integration - Block Malicous IPs\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:ZMLGbhRk\",\"name\":\"User Name\"},\"enforcementSource\":4,\"createdAt\":1647536872111}}",
"reportedObjectId_g": "16ccf615-91e0-491c-9e99-0553ac9a41de",
"performedBy_id_s": "m:8cd0f646c46e5d66cda87bc884c2832519d87255",
"performedBy_name_s": "MS Sentinel Integration",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 10:40:01.015 AM",
"timestamp_d": 1648031806013,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:9ebab20f\",\r\n \"name\": \"SHARE\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648046205985,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648031805990}}",
"reportedObjectId_g": "5f2f07fe-4326-42f9-82d9-432ab7f63131",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
},
{
"TimeGenerated [UTC]": "3/23/2022, 11:15:01.076 AM",
"timestamp_d": 1648033830025,
"auditType_d": 20,
"enforcementSource_d": 1,
"userRole_d": 6,
"destinationEntitiesList_s": "[\r\n {\r\n \"id\": \"a:a:3e8c791b\",\r\n \"name\": \"OFFICE-TLV-DC16\"\r\n }\r\n]",
"details_s": "{\"rule\":{\"remoteEntityNames\":[{\"id\":\"a:a:Y5UYoaWk\",\"name\":\"USER2-SURFACE\"}],\"ports\":[{\"protocol_type\":6,\"ports\":\"3389\"}],\"expiration\":1648048230006,\"description\":\"RDP\",\"localProcesses\":[\"*\"],\"created_by\":{\"id\":\"u:a:G0yb2Cjg\",\"name\":\"User2 Name2\"},\"enforcementSource\":1,\"createdAt\":1648033830009}}",
"reportedObjectId_g": "1a1b627c-a043-4820-98a4-5589162c69fe",
"performedBy_id_s": "u:a:G0yb2Cjg",
"performedBy_name_s": "User2 Name2",
"performedBy_id_g": "",
"reportedObjectId_s": ""
}
]
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку