nv_sample_syslog_output.txt

<12>1 2024-10-10T10:40:08.000Z neuvector-controller-pod-85d85c976-vzxqx /usr/local/bin/controller 12 neuvector - notification=incident,name=Container.Suspicious.Process,level=Warning,reported_timestamp=1728556808,reported_at=2024-10-10T10:40:08Z,cluster_name=cluster.local,host_id=ip-10-0-0-60:ec2762b0-e7fc-8ece-9a0a-9e421712cfc1,host_name=ip-10-0-0-60,enforcer_id=77a95fdf8019aa962eba5ca1d7758fd35e1c2168241483b2c7648b1485cbeeb4,enforcer_name=neuvector-enforcer-pod-mh9gk,id=127e6f93-fd9c-4dd0-82a1-b63d5514d90b,workload_id=8ce5890a508ec41cdd66eb6bae66f315c59faccdece8aaafe1b9621c45464f78,workload_name=instance-manager-4e77d195a50f5adbdaf84e668fde5082,workload_domain=longhorn-system,workload_image=docker.io/rancher/mirrored-longhornio-longhorn-instance-manager:v1.6.2,workload_service=instance-manager.longhorn-system,proc_name=nc,proc_path=/usr/bin/nc,proc_cmd=nc -zv localhost 8500,proc_effective_user=root,proc_parent_name=sh,proc_parent_path=/usr/bin/bash,action=violate,group=nv.instance-manager.longhorn-system,rule_id=00000000-0000-0000-0000-000000000001,aggregation_from=1728556743,count=11,message=Risky application: netcat process
<12>1 2024-10-10T10:40:08.000Z neuvector-controller-pod-85d85c976-vzxqx /usr/local/bin/controller 12 neuvector - {"notification": "incident", "name":"Container.Suspicious.Process","level":"Warning","reported_timestamp":1728559008,"reported_at":"2024-10-10T11:16:48Z","cluster_name":"cluster.local","host_id":"ip-10-0-0-60:ec2762b0-e7fc-8ece-9a0a-9e421712cfc1","host_name":"ip-10-0-0-60","enforcer_id":"77a95fdf8019aa962eba5ca1d7758fd35e1c2168241483b2c7648b1485cbeeb4","enforcer_name":"neuvector-enforcer-pod-mh9gk","id":"680d3d31-ba0a-4a87-b6ab-799ef8615a76","workload_id":"8ce5890a508ec41cdd66eb6bae66f315c59faccdece8aaafe1b9621c45464f78","workload_name":"instance-manager-4e77d195a50f5adbdaf84e668fde5082","workload_domain":"longhorn-system","workload_image":"docker.io/rancher/mirrored-longhornio-longhorn-instance-manager:v1.6.2","workload_service":"instance-manager.longhorn-system","proc_name":"nc","proc_path":"/usr/bin/nc","proc_cmd":"nc -zv localhost 8503","proc_effective_user":"root","proc_parent_name":"sh","proc_parent_path":"/usr/bin/bash","action":"violate","group":"nv.instance-manager.longhorn-system","rule_id":"00000000-0000-0000-0000-000000000001","aggregation_from":1728558943,"count":12,"message":"Risky application: netcat process"}