Current File : //var/log/mbdaemon.1.log
2026-01-28 19:38:55.279 [163894] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:38:57.600 [163897] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:38:58.004 [163898] info  communicator.cpp::processor processing exited
2026-01-28 19:39:12.280 [163871] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:39:13.280 [163871] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:39:13.289 [164825] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:39:13.289 [164825] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:39:13.289 [164825] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:39:13.289 [164825] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:39:13.289 [164825] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:39:13.398 [164825] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:39:13.446 [164825] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:39:13.618 [164825] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:39:13.618 [164844] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:39:13.618 [164848] info  communicator.cpp::processor processing starting
2026-01-28 19:39:13.618 [164845] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:39:18.941 [164845] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:39:18.941 [164845] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:39:18.943 [164847] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:39:18.943 [164847] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:39:18.943 [164847] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:39:18.943 [164847] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:39:18.943 [164847] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:39:18.943 [164847] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:39:19.136 [164847] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:39:19.136 [164847] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:39:19.136 [164847] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:39:19.141 [164847] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:39:19.231 [164847] info  client.cpp::callSync []
2026-01-28 19:39:20.236 [164847] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:39:20.236 [164847] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:39:20.379 [164847] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:39:24.388 [164847] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:39:25.077 [164844] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:39:28.413 [164847] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:39:28.737 [164848] info  communicator.cpp::processor processing exited
2026-01-28 19:39:42.738 [164825] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:39:43.738 [164825] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:39:43.747 [165754] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:39:43.748 [165754] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:39:43.748 [165754] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:39:43.748 [165754] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:39:43.748 [165754] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:39:43.857 [165754] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:39:43.906 [165754] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:39:44.082 [165754] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:39:44.082 [165768] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:39:44.082 [165772] info  communicator.cpp::processor processing starting
2026-01-28 19:39:44.084 [165769] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:39:49.410 [165769] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:39:49.410 [165769] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:39:49.412 [165771] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:39:49.412 [165771] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:39:49.412 [165771] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:39:49.412 [165771] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:39:49.412 [165771] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:39:49.412 [165771] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:39:49.690 [165771] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:39:49.690 [165771] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:39:49.690 [165771] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:39:49.696 [165771] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:39:49.782 [165771] info  client.cpp::callSync []
2026-01-28 19:39:50.787 [165771] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:39:50.787 [165771] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:39:50.931 [165771] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:39:54.938 [165771] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:39:55.554 [165768] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:39:58.959 [165771] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:39:59.435 [165772] info  communicator.cpp::processor processing exited
2026-01-28 19:40:13.436 [165754] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:40:14.436 [165754] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:40:14.446 [166694] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:40:14.446 [166694] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:40:14.446 [166694] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:40:14.446 [166694] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:40:14.446 [166694] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:40:14.555 [166694] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:40:14.603 [166694] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:40:14.776 [166694] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:40:14.776 [166708] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:40:14.776 [166712] info  communicator.cpp::processor processing starting
2026-01-28 19:40:14.778 [166709] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:40:21.098 [166709] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:40:21.098 [166709] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:40:21.100 [166711] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:40:21.100 [166711] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:40:21.100 [166711] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:40:21.100 [166711] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:40:21.100 [166711] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:40:21.100 [166711] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:40:21.293 [166711] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:40:21.293 [166711] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:40:21.293 [166711] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:40:21.298 [166711] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:40:21.385 [166711] info  client.cpp::callSync []
2026-01-28 19:40:22.390 [166711] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:40:22.390 [166711] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:40:22.528 [166711] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:40:26.535 [166711] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:40:28.234 [166708] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:40:30.554 [166711] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:40:31.340 [166712] info  communicator.cpp::processor processing exited
2026-01-28 19:40:45.341 [166694] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:40:46.341 [166694] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:40:46.350 [167678] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:40:46.351 [167678] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:40:46.351 [167678] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:40:46.351 [167678] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:40:46.351 [167678] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:40:46.459 [167678] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:40:46.508 [167678] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:40:46.681 [167678] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:40:46.681 [167688] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:40:46.681 [167692] info  communicator.cpp::processor processing starting
2026-01-28 19:40:46.683 [167689] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:40:53.021 [167689] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:40:53.021 [167689] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:40:53.025 [167691] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:40:53.025 [167691] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:40:53.025 [167691] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:40:53.025 [167691] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:40:53.025 [167691] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:40:53.025 [167691] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:40:53.216 [167691] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:40:53.216 [167691] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:40:53.216 [167691] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:40:53.221 [167691] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:40:53.308 [167691] info  client.cpp::callSync []
2026-01-28 19:40:54.313 [167691] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:40:54.313 [167691] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:40:54.461 [167691] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:40:58.469 [167691] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:41:00.159 [167688] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:41:02.489 [167691] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:41:03.658 [167692] info  communicator.cpp::processor processing exited
2026-01-28 19:41:17.659 [167678] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:41:18.659 [167678] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:41:18.668 [168648] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:41:18.668 [168648] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:41:18.668 [168648] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:41:18.668 [168648] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:41:18.668 [168648] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:41:18.776 [168648] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:41:18.825 [168648] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:41:19.000 [168648] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:41:19.000 [168663] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:41:19.000 [168667] info  communicator.cpp::processor processing starting
2026-01-28 19:41:19.002 [168664] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:41:24.326 [168664] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:41:24.326 [168664] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:41:24.328 [168666] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:41:24.328 [168666] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:41:24.328 [168666] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:41:24.328 [168666] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:41:24.328 [168666] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:41:24.328 [168666] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:41:24.529 [168666] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:41:24.529 [168666] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:41:24.529 [168666] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:41:24.534 [168666] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:41:24.620 [168666] info  client.cpp::callSync []
2026-01-28 19:41:25.625 [168666] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:41:25.625 [168666] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:41:25.778 [168666] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:41:29.786 [168666] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:41:31.462 [168663] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:41:33.811 [168666] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:41:34.761 [168667] info  communicator.cpp::processor processing exited
2026-01-28 19:41:48.762 [168648] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:41:49.762 [168648] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:41:49.771 [169490] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:41:49.772 [169490] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:41:49.772 [169490] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:41:49.772 [169490] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:41:49.772 [169490] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:41:49.881 [169490] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:41:49.929 [169490] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:41:50.101 [169490] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:41:50.101 [169497] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:41:50.101 [169501] info  communicator.cpp::processor processing starting
2026-01-28 19:41:50.103 [169498] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:41:56.423 [169498] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:41:56.423 [169498] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:41:56.425 [169500] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:41:56.425 [169500] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:41:56.425 [169500] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:41:56.425 [169500] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:41:56.425 [169500] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:41:56.425 [169500] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:41:56.621 [169500] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:41:56.621 [169500] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:41:56.621 [169500] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:41:56.627 [169500] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:41:56.713 [169500] info  client.cpp::callSync []
2026-01-28 19:41:57.718 [169500] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:41:57.718 [169500] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:41:57.872 [169500] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:42:01.880 [169500] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:42:03.560 [169497] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:42:05.900 [169500] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:42:06.371 [169501] info  communicator.cpp::processor processing exited
2026-01-28 19:42:20.561 [169490] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:42:21.561 [169490] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:42:21.570 [170279] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:42:21.571 [170279] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:42:21.571 [170279] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:42:21.571 [170279] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:42:21.571 [170279] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:42:21.679 [170279] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:42:21.728 [170279] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:42:21.904 [170279] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:42:21.904 [170292] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:42:21.904 [170296] info  communicator.cpp::processor processing starting
2026-01-28 19:42:21.906 [170293] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:42:28.224 [170293] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:42:28.224 [170293] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:42:28.226 [170295] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:42:28.226 [170295] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:42:28.226 [170295] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:42:28.226 [170295] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:42:28.227 [170295] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:42:28.227 [170295] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:42:28.417 [170295] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:42:28.418 [170295] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:42:28.418 [170295] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:42:28.423 [170295] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:42:28.534 [170295] info  client.cpp::callSync []
2026-01-28 19:42:29.541 [170295] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:42:29.541 [170295] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:42:29.699 [170295] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:42:33.367 [170292] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:42:33.707 [170295] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:42:34.455 [170296] info  communicator.cpp::processor processing exited
2026-01-28 19:42:50.369 [170279] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:42:51.369 [170279] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:42:51.377 [171071] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:42:51.378 [171071] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:42:51.378 [171071] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:42:51.378 [171071] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:42:51.378 [171071] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:42:51.486 [171071] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:42:51.535 [171071] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:42:51.710 [171071] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:42:51.710 [171077] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:42:51.710 [171081] info  communicator.cpp::processor processing starting
2026-01-28 19:42:51.712 [171078] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:42:57.035 [171078] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:42:57.035 [171078] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:42:57.037 [171080] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:42:57.037 [171080] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:42:57.037 [171080] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:42:57.038 [171080] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:42:57.038 [171080] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:42:57.038 [171080] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:42:57.228 [171080] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:42:57.228 [171080] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:42:57.228 [171080] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:42:57.233 [171080] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:42:57.319 [171080] info  client.cpp::callSync []
2026-01-28 19:42:58.324 [171080] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:42:58.325 [171080] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:42:58.325 [171080] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:42:58.445 [171080] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:43:02.452 [171080] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:43:03.170 [171077] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:43:06.472 [171080] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:43:07.073 [171081] info  communicator.cpp::processor processing exited
2026-01-28 19:43:21.074 [171071] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:43:22.074 [171071] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:43:22.083 [171824] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:43:22.084 [171824] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:43:22.084 [171824] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:43:22.084 [171824] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:43:22.084 [171824] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:43:22.192 [171824] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:43:22.240 [171824] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:43:22.413 [171824] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:43:22.413 [171830] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:43:22.413 [171834] info  communicator.cpp::processor processing starting
2026-01-28 19:43:22.415 [171831] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:43:28.732 [171831] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:43:28.732 [171831] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:43:28.734 [171833] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:43:28.734 [171833] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:43:28.734 [171833] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:43:28.734 [171833] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:43:28.734 [171833] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:43:28.734 [171833] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:43:28.927 [171833] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:43:28.927 [171833] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:43:28.927 [171833] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:43:28.932 [171833] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:43:29.023 [171833] info  client.cpp::callSync []
2026-01-28 19:43:30.028 [171833] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:43:30.028 [171833] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:43:30.146 [171833] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:43:34.153 [171833] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:43:34.864 [171830] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:43:38.173 [171833] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:43:39.214 [171834] info  communicator.cpp::processor processing exited
2026-01-28 19:43:53.215 [171824] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:43:54.215 [171824] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:43:54.224 [172664] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:43:54.224 [172664] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:43:54.224 [172664] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:43:54.224 [172664] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:43:54.224 [172664] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:43:54.332 [172664] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:43:54.381 [172664] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:43:54.552 [172664] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:43:54.552 [172686] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:43:54.552 [172690] info  communicator.cpp::processor processing starting
2026-01-28 19:43:54.554 [172687] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:43:58.875 [172687] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:43:58.875 [172687] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:43:58.877 [172689] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:43:58.877 [172689] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:43:58.877 [172689] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:43:58.877 [172689] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:43:58.878 [172689] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:43:58.878 [172689] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:43:59.154 [172689] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:43:59.154 [172689] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:43:59.154 [172689] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:43:59.159 [172689] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:43:59.249 [172689] info  client.cpp::callSync []
2026-01-28 19:44:00.254 [172689] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:44:00.254 [172689] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:44:00.402 [172689] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:44:04.012 [172686] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:44:04.407 [172689] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:44:05.301 [172690] info  communicator.cpp::processor processing exited
2026-01-28 19:44:21.013 [172664] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:44:22.013 [172664] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:44:22.022 [173516] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:44:22.022 [173516] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:44:22.022 [173516] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:44:22.022 [173516] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:44:22.022 [173516] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:44:22.131 [173516] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:44:22.178 [173516] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:44:22.346 [173516] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:44:22.346 [173529] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:44:22.346 [173533] info  communicator.cpp::processor processing starting
2026-01-28 19:44:22.348 [173530] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:44:28.666 [173530] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:44:28.666 [173530] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:44:28.668 [173532] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:44:28.668 [173532] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:44:28.668 [173532] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:44:28.668 [173532] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:44:28.668 [173532] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:44:28.668 [173532] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:44:28.861 [173532] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:44:28.861 [173532] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:44:28.861 [173532] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:44:28.866 [173532] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:44:28.957 [173532] info  client.cpp::callSync []
2026-01-28 19:44:29.961 [173532] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:44:29.962 [173532] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:44:29.962 [173532] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:44:30.107 [173532] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:44:34.114 [173532] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:44:34.799 [173529] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:44:38.133 [173532] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:44:38.897 [173533] info  communicator.cpp::processor processing exited
2026-01-28 19:44:52.898 [173516] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:44:53.898 [173516] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:44:53.907 [174394] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:44:53.907 [174394] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:44:53.907 [174394] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:44:53.907 [174394] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:44:53.907 [174394] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:44:54.015 [174394] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:44:54.066 [174394] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:44:54.240 [174394] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:44:54.240 [174400] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:44:54.240 [174404] info  communicator.cpp::processor processing starting
2026-01-28 19:44:54.242 [174401] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:45:00.557 [174401] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:45:00.557 [174401] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:45:00.559 [174403] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:45:00.559 [174403] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:45:00.559 [174403] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:45:00.559 [174403] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:45:00.559 [174403] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:45:00.559 [174403] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:45:00.751 [174403] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:45:00.751 [174403] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:45:00.751 [174403] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:45:00.756 [174403] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:45:00.848 [174403] info  client.cpp::callSync []
2026-01-28 19:45:01.853 [174403] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:45:01.853 [174403] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:45:01.997 [174403] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:45:06.005 [174403] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:45:07.694 [174400] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:45:10.025 [174403] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:45:10.221 [174404] info  communicator.cpp::processor processing exited
2026-01-28 19:45:24.695 [174394] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:45:25.695 [174394] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:45:25.706 [175415] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:45:25.706 [175415] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:45:25.706 [175415] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:45:25.706 [175415] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:45:25.706 [175415] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:45:25.819 [175415] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:45:25.869 [175415] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:45:26.042 [175415] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:45:26.042 [175438] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:45:26.042 [175442] info  communicator.cpp::processor processing starting
2026-01-28 19:45:26.044 [175439] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:45:31.387 [175439] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:45:31.388 [175439] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:45:31.391 [175441] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:45:31.391 [175441] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:45:31.391 [175441] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:45:31.391 [175441] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:45:31.391 [175441] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:45:31.391 [175441] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:45:31.603 [175441] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:45:31.603 [175441] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:45:31.603 [175441] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:45:31.610 [175441] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:45:31.698 [175441] info  client.cpp::callSync []
2026-01-28 19:45:32.703 [175441] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:45:32.703 [175441] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:45:32.787 [175441] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:45:36.795 [175441] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:45:37.533 [175438] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:45:40.815 [175441] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:45:41.516 [175442] info  communicator.cpp::processor processing exited
2026-01-28 19:45:55.517 [175415] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:45:56.517 [175415] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:45:56.526 [176045] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:45:56.527 [176045] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:45:56.527 [176045] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:45:56.527 [176045] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:45:56.527 [176045] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:45:56.635 [176045] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:45:56.682 [176045] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:45:56.851 [176045] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:45:56.851 [176055] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:45:56.852 [176059] info  communicator.cpp::processor processing starting
2026-01-28 19:45:56.853 [176056] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:46:03.169 [176056] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:46:03.170 [176056] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:46:03.172 [176058] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:46:03.172 [176058] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:46:03.172 [176058] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:46:03.172 [176058] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:46:03.172 [176058] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:46:03.172 [176058] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:46:03.363 [176058] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:46:03.363 [176058] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:46:03.363 [176058] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:46:03.368 [176058] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:46:03.459 [176058] info  client.cpp::callSync []
2026-01-28 19:46:04.463 [176058] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:46:04.463 [176058] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:46:04.607 [176058] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:46:08.615 [176058] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:46:09.304 [176055] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:46:12.633 [176058] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:46:13.220 [176059] info  communicator.cpp::processor processing exited
2026-01-28 19:46:27.221 [176045] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:46:28.221 [176045] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:46:28.231 [176750] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:46:28.231 [176750] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:46:28.231 [176750] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:46:28.231 [176750] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:46:28.231 [176750] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:46:28.341 [176750] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:46:28.389 [176750] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:46:28.562 [176750] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:46:28.562 [176756] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:46:28.562 [176760] info  communicator.cpp::processor processing starting
2026-01-28 19:46:28.564 [176757] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:46:34.879 [176757] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:46:34.879 [176757] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:46:34.881 [176759] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:46:34.881 [176759] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:46:34.881 [176759] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:46:34.881 [176759] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:46:34.881 [176759] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:46:34.881 [176759] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:46:35.071 [176759] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:46:35.072 [176759] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:46:35.072 [176759] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:46:35.077 [176759] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:46:35.168 [176759] info  client.cpp::callSync []
2026-01-28 19:46:36.173 [176759] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:46:36.173 [176759] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:46:36.293 [176759] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:46:40.301 [176759] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:46:41.013 [176756] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:46:44.323 [176759] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:46:45.026 [176760] info  communicator.cpp::processor processing exited
2026-01-28 19:46:59.027 [176750] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:47:00.027 [176750] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:47:00.036 [177739] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:47:00.036 [177739] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:47:00.036 [177739] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:47:00.036 [177739] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:47:00.036 [177739] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:47:00.145 [177739] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:47:00.194 [177739] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:47:00.370 [177739] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:47:00.370 [177751] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:47:00.370 [177755] info  communicator.cpp::processor processing starting
2026-01-28 19:47:00.372 [177752] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:47:06.689 [177752] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:47:06.689 [177752] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:47:06.691 [177754] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:47:06.691 [177754] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:47:06.691 [177754] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:47:06.691 [177754] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:47:06.691 [177754] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:47:06.691 [177754] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:47:06.884 [177754] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:47:06.884 [177754] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:47:06.884 [177754] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:47:06.889 [177754] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:47:06.976 [177754] info  client.cpp::callSync []
2026-01-28 19:47:07.981 [177754] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:47:07.981 [177754] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:47:08.124 [177754] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:47:12.133 [177754] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:47:12.823 [177751] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:47:16.152 [177754] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:47:16.774 [177755] info  communicator.cpp::processor processing exited
2026-01-28 19:47:30.776 [177739] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:47:31.776 [177739] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:47:31.785 [178575] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:47:31.785 [178575] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:47:31.785 [178575] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:47:31.786 [178575] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:47:31.786 [178575] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:47:31.894 [178575] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:47:31.942 [178575] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:47:32.115 [178575] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:47:32.115 [178581] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:47:32.115 [178585] info  communicator.cpp::processor processing starting
2026-01-28 19:47:32.117 [178582] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:47:38.435 [178582] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:47:38.435 [178582] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:47:38.437 [178584] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:47:38.437 [178584] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:47:38.438 [178584] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:47:38.438 [178584] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:47:38.438 [178584] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:47:38.438 [178584] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:47:38.633 [178584] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:47:38.633 [178584] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:47:38.633 [178584] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:47:38.638 [178584] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:47:38.735 [178584] info  client.cpp::callSync []
2026-01-28 19:47:39.740 [178584] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:47:39.740 [178584] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:47:39.881 [178584] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:47:43.888 [178584] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:47:44.571 [178581] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:47:47.907 [178584] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:47:48.180 [178585] info  communicator.cpp::processor processing exited
2026-01-28 19:48:02.181 [178575] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:48:03.182 [178575] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:48:03.190 [179409] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:48:03.191 [179409] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:48:03.191 [179409] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:48:03.191 [179409] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:48:03.191 [179409] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:48:03.299 [179409] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:48:03.347 [179409] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:48:03.516 [179409] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:48:03.517 [179421] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:48:03.517 [179425] info  communicator.cpp::processor processing starting
2026-01-28 19:48:03.519 [179422] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:48:09.833 [179422] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:48:09.833 [179422] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:48:09.835 [179424] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:48:09.835 [179424] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:48:09.835 [179424] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:48:09.835 [179424] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:48:09.835 [179424] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:48:09.835 [179424] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:48:10.026 [179424] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:48:10.026 [179424] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:48:10.026 [179424] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:48:10.031 [179424] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:48:10.123 [179424] info  client.cpp::callSync []
2026-01-28 19:48:11.127 [179424] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:48:11.127 [179424] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:48:11.265 [179424] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:48:15.273 [179424] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:48:16.970 [179421] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:48:19.293 [179424] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:48:20.137 [179425] info  communicator.cpp::processor processing exited
2026-01-28 19:48:34.138 [179409] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:48:35.138 [179409] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:48:35.147 [180219] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:48:35.147 [180219] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:48:35.147 [180219] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:48:35.147 [180219] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:48:35.147 [180219] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:48:35.256 [180219] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:48:35.305 [180219] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:48:35.479 [180219] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:48:35.480 [180228] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:48:35.480 [180232] info  communicator.cpp::processor processing starting
2026-01-28 19:48:35.482 [180229] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:48:40.802 [180229] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:48:40.802 [180229] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:48:40.805 [180231] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:48:40.805 [180231] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:48:40.805 [180231] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:48:40.805 [180231] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:48:40.805 [180231] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:48:40.805 [180231] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:48:40.997 [180231] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:48:40.997 [180231] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:48:40.997 [180231] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:48:41.002 [180231] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:48:41.089 [180231] info  client.cpp::callSync []
2026-01-28 19:48:42.094 [180231] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:48:42.094 [180231] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:48:42.217 [180231] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:48:46.222 [180231] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:48:46.937 [180228] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:48:50.248 [180231] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:48:51.348 [180232] info  communicator.cpp::processor processing exited
2026-01-28 19:49:05.350 [180219] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:49:06.350 [180219] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:49:06.359 [181351] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:49:06.359 [181351] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:49:06.359 [181351] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:49:06.359 [181351] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:49:06.359 [181351] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:49:06.468 [181351] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:49:06.517 [181351] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:49:06.696 [181351] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:49:06.697 [181378] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:49:06.697 [181382] info  communicator.cpp::processor processing starting
2026-01-28 19:49:06.698 [181379] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:49:13.022 [181379] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:49:13.023 [181379] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:49:13.025 [181381] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:49:13.025 [181381] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:49:13.025 [181381] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:49:13.025 [181381] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:49:13.025 [181381] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:49:13.025 [181381] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:49:13.226 [181381] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:49:13.226 [181381] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:49:13.226 [181381] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:49:13.231 [181381] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:49:13.351 [181381] info  client.cpp::callSync []
2026-01-28 19:49:14.356 [181381] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:49:14.356 [181381] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:49:14.438 [181381] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:49:18.446 [181381] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:49:19.159 [181378] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:49:22.467 [181381] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:49:22.650 [181382] info  communicator.cpp::processor processing exited
2026-01-28 19:49:36.651 [181351] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:49:37.651 [181351] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:49:37.661 [182251] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:49:37.662 [182251] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:49:37.662 [182251] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:49:37.662 [182251] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:49:37.662 [182251] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:49:37.770 [182251] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:49:37.818 [182251] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:49:37.992 [182251] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:49:37.992 [182268] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:49:37.993 [182272] info  communicator.cpp::processor processing starting
2026-01-28 19:49:37.994 [182269] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:49:44.316 [182269] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:49:44.317 [182269] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:49:44.319 [182271] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:49:44.319 [182271] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:49:44.319 [182271] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:49:44.319 [182271] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:49:44.319 [182271] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:49:44.319 [182271] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:49:44.590 [182271] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:49:44.590 [182271] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:49:44.590 [182271] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:49:44.594 [182271] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:49:44.712 [182271] info  client.cpp::callSync []
2026-01-28 19:49:45.717 [182271] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:49:45.717 [182271] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:49:45.854 [182271] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:49:49.459 [182268] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:49:49.862 [182271] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:49:50.297 [182272] info  communicator.cpp::processor processing exited
2026-01-28 19:50:06.460 [182251] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:50:07.460 [182251] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:50:07.469 [183592] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:50:07.469 [183592] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:50:07.469 [183592] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:50:07.469 [183592] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:50:07.469 [183592] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:50:07.618 [183592] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:50:07.677 [183592] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:50:07.846 [183592] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:50:07.846 [183603] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:50:07.846 [183607] info  communicator.cpp::processor processing starting
2026-01-28 19:50:07.848 [183604] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:50:14.166 [183604] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:50:15.618 [183606] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:50:15.618 [183606] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:50:15.618 [183606] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:50:15.618 [183606] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:50:15.880 [183604] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:50:15.884 [183606] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:50:15.884 [183606] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:50:16.078 [183606] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:50:16.078 [183606] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:50:16.078 [183606] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:50:16.310 [183606] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:50:16.396 [183606] info  client.cpp::callSync []
2026-01-28 19:50:17.400 [183606] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:50:18.314 [183606] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:50:18.314 [183606] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:50:18.396 [183606] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:50:22.005 [183603] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:50:22.403 [183606] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:50:23.536 [183607] info  communicator.cpp::processor processing exited
2026-01-28 19:50:40.006 [183592] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:50:40.014 [183948] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:50:40.015 [183948] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:50:40.015 [183948] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:50:40.015 [183948] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:50:40.015 [183948] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:50:40.124 [183948] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:50:40.173 [183948] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:50:40.302 [183948] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:50:40.302 [183968] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:50:40.303 [183972] info  communicator.cpp::processor processing starting
2026-01-28 19:50:40.304 [183969] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:50:45.621 [183969] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:50:45.621 [183969] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:50:45.623 [183971] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:50:45.623 [183971] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:50:45.623 [183971] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:50:45.623 [183971] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:50:45.624 [183971] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:50:45.624 [183971] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:50:45.818 [183971] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:50:45.818 [183971] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:50:45.818 [183971] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:50:45.822 [183971] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:50:45.909 [183971] info  client.cpp::callSync []
2026-01-28 19:50:46.913 [183971] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:50:46.914 [183971] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:50:46.914 [183971] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:50:47.066 [183971] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:50:51.074 [183971] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:50:52.802 [183968] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:50:55.131 [183971] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:50:56.041 [183972] info  communicator.cpp::processor processing exited
2026-01-28 19:51:10.042 [183948] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:51:11.042 [183948] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:51:11.052 [185031] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:51:11.052 [185031] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:51:11.052 [185031] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:51:11.052 [185031] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:51:11.052 [185031] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:51:11.188 [185031] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:51:11.239 [185031] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:51:11.446 [185031] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:51:11.446 [185045] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:51:11.446 [185049] info  communicator.cpp::processor processing starting
2026-01-28 19:51:11.449 [185046] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:51:16.864 [185046] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:51:16.864 [185046] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:51:16.867 [185048] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:51:16.868 [185048] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:51:16.868 [185048] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:51:16.868 [185048] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:51:16.868 [185048] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:51:16.868 [185048] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:51:17.074 [185048] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:51:17.074 [185048] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:51:17.074 [185048] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:51:17.080 [185048] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:51:17.191 [185048] info  client.cpp::callSync []
2026-01-28 19:51:18.200 [185048] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:51:18.200 [185048] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:51:18.312 [185048] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:51:22.027 [185045] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:51:22.321 [185048] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:51:23.411 [185049] info  communicator.cpp::processor processing exited
2026-01-28 19:51:39.028 [185031] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:51:40.028 [185031] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:51:40.038 [185944] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:51:40.038 [185944] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:51:40.038 [185944] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:51:40.039 [185944] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:51:40.039 [185944] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:51:40.148 [185944] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:51:40.197 [185944] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:51:40.374 [185944] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:51:40.374 [185960] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:51:40.375 [185964] info  communicator.cpp::processor processing starting
2026-01-28 19:51:40.377 [185961] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:51:44.698 [185961] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:51:44.698 [185961] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:51:44.701 [185963] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:51:44.701 [185963] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:51:44.701 [185963] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:51:44.701 [185963] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:51:44.701 [185963] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:51:44.701 [185963] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:51:44.964 [185963] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:51:44.964 [185963] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:51:44.964 [185963] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:51:44.970 [185963] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:51:45.081 [185963] info  client.cpp::callSync []
2026-01-28 19:51:46.087 [185963] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:51:46.087 [185963] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:51:46.087 [185963] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:51:46.209 [185963] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:51:50.216 [185963] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:51:51.836 [185960] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:51:54.254 [185963] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:51:55.261 [185964] info  communicator.cpp::processor processing exited
2026-01-28 19:52:09.262 [185944] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:52:10.262 [185944] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:52:10.271 [186885] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:52:10.271 [186885] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:52:10.271 [186885] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:52:10.272 [186885] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:52:10.272 [186885] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:52:10.382 [186885] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:52:10.437 [186885] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:52:10.622 [186885] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:52:10.622 [186902] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:52:10.622 [186906] info  communicator.cpp::processor processing starting
2026-01-28 19:52:10.624 [186903] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:52:16.964 [186903] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:52:16.964 [186903] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:52:16.967 [186905] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:52:16.967 [186905] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:52:16.968 [186905] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:52:16.968 [186905] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:52:16.968 [186905] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:52:16.968 [186905] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:52:17.161 [186905] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:52:17.161 [186905] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:52:17.161 [186905] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:52:17.167 [186905] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:52:17.258 [186905] info  client.cpp::callSync []
2026-01-28 19:52:18.263 [186905] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:52:18.263 [186905] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:52:18.402 [186905] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:52:22.410 [186905] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:52:24.106 [186902] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:52:26.434 [186905] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:52:27.610 [186906] info  communicator.cpp::processor processing exited
2026-01-28 19:52:41.611 [186885] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:52:42.611 [186885] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:52:42.620 [187998] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:52:42.620 [187998] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:52:42.620 [187998] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:52:42.621 [187998] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:52:42.621 [187998] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:52:42.729 [187998] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:52:42.778 [187998] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:52:42.943 [187998] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:52:42.943 [188004] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:52:42.943 [188008] info  communicator.cpp::processor processing starting
2026-01-28 19:52:42.945 [188005] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:52:49.268 [188005] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:52:49.268 [188005] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:52:49.270 [188007] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:52:49.270 [188007] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:52:49.270 [188007] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:52:49.270 [188007] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:52:49.271 [188007] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:52:49.271 [188007] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:52:49.480 [188007] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:52:49.482 [188007] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:52:49.482 [188007] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:52:49.497 [188007] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:52:49.585 [188007] info  client.cpp::callSync []
2026-01-28 19:52:50.589 [188007] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:52:50.589 [188007] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:52:50.710 [188007] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:52:54.716 [188007] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:52:56.414 [188004] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:52:57.737 [188007] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:52:58.837 [188008] info  communicator.cpp::processor processing exited
2026-01-28 19:53:13.415 [187998] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:53:14.415 [187998] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:53:14.424 [188982] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:53:14.424 [188982] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:53:14.424 [188982] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:53:14.425 [188982] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:53:14.425 [188982] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:53:14.533 [188982] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:53:14.586 [188982] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:53:14.763 [188982] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:53:14.763 [189011] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:53:14.763 [189015] info  communicator.cpp::processor processing starting
2026-01-28 19:53:14.765 [189012] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:53:21.088 [189012] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:53:21.282 [189012] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:53:21.285 [189014] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:53:21.285 [189014] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:53:21.286 [189014] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:53:21.286 [189014] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:53:21.286 [189014] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:53:21.286 [189014] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:53:21.497 [189014] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:53:21.580 [189014] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:53:21.580 [189014] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:53:21.605 [189014] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:53:21.713 [189014] info  client.cpp::callSync []
2026-01-28 19:53:22.718 [189014] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:53:22.718 [189014] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:53:22.800 [189014] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:53:26.429 [189011] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:53:26.808 [189014] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:53:27.581 [189015] info  communicator.cpp::processor processing exited
2026-01-28 19:53:43.430 [188982] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:53:44.430 [188982] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:53:44.439 [189932] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:53:44.439 [189932] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:53:44.439 [189932] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:53:44.439 [189932] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:53:44.439 [189932] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:53:44.548 [189932] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:53:44.597 [189932] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:53:44.719 [189932] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:53:44.719 [189942] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:53:44.720 [189946] info  communicator.cpp::processor processing starting
2026-01-28 19:53:44.721 [189943] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:53:51.042 [189943] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:53:51.042 [189943] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:53:51.044 [189945] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:53:51.044 [189945] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:53:51.044 [189945] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:53:51.044 [189945] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:53:51.044 [189945] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:53:51.044 [189945] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:53:51.258 [189945] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:53:51.258 [189945] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:53:51.258 [189945] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:53:51.263 [189945] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:53:51.374 [189945] info  client.cpp::callSync []
2026-01-28 19:53:52.380 [189945] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:53:52.380 [189945] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:53:52.380 [189945] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:53:52.464 [189945] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:53:56.175 [189942] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:53:56.471 [189945] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:53:57.515 [189946] info  communicator.cpp::processor processing exited
2026-01-28 19:54:13.176 [189932] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:54:14.176 [189932] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:54:14.184 [191019] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:54:14.185 [191019] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:54:14.185 [191019] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:54:14.185 [191019] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:54:14.185 [191019] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:54:14.295 [191019] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:54:14.343 [191019] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:54:14.507 [191019] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:54:14.507 [191026] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:54:14.507 [191030] info  communicator.cpp::processor processing starting
2026-01-28 19:54:14.508 [191027] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:54:20.824 [191027] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:54:20.824 [191027] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:54:20.825 [191029] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:54:20.825 [191029] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:54:20.825 [191029] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:54:20.825 [191029] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:54:20.826 [191029] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:54:20.826 [191029] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:54:21.017 [191029] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:54:21.017 [191029] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:54:21.017 [191029] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:54:21.021 [191029] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:54:21.113 [191029] info  client.cpp::callSync []
2026-01-28 19:54:22.117 [191029] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:54:22.117 [191029] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:54:22.117 [191029] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:54:22.269 [191029] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:54:26.276 [191029] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:54:27.953 [191026] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:54:30.295 [191029] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:54:31.109 [191030] info  communicator.cpp::processor processing exited
2026-01-28 19:54:45.110 [191019] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:54:46.110 [191019] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:54:46.119 [192020] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:54:46.119 [192020] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:54:46.119 [192020] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:54:46.119 [192020] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:54:46.119 [192020] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:54:46.227 [192020] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:54:46.276 [192020] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:54:46.451 [192020] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:54:46.451 [192038] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:54:46.451 [192042] info  communicator.cpp::processor processing starting
2026-01-28 19:54:46.453 [192039] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:54:52.780 [192039] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:54:52.780 [192039] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:54:52.782 [192041] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:54:52.782 [192041] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:54:52.782 [192041] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:54:52.782 [192041] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:54:52.782 [192041] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:54:52.782 [192041] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:54:52.974 [192041] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:54:52.974 [192041] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:54:52.974 [192041] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:54:52.977 [192041] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:54:53.066 [192041] info  client.cpp::callSync []
2026-01-28 19:54:54.071 [192041] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:54:54.071 [192041] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:54:54.233 [192041] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:54:58.241 [192041] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:54:58.917 [192038] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:55:02.262 [192041] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:55:03.212 [192042] info  communicator.cpp::processor processing exited
2026-01-28 19:55:17.213 [192020] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:55:17.223 [192894] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:55:17.223 [192894] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:55:17.223 [192894] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:55:17.223 [192894] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:55:17.223 [192894] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:55:17.332 [192894] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:55:17.381 [192894] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:55:17.553 [192894] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:55:17.553 [192905] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:55:17.553 [192909] info  communicator.cpp::processor processing starting
2026-01-28 19:55:17.555 [192906] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:55:23.875 [192906] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:55:23.894 [192906] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:55:23.896 [192908] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:55:23.903 [192908] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:55:23.904 [192908] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:55:23.904 [192908] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:55:23.904 [192908] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:55:23.904 [192908] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:55:24.155 [192908] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:55:24.155 [192908] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:55:24.155 [192908] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:55:24.160 [192908] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:55:24.265 [192908] info  client.cpp::callSync []
2026-01-28 19:55:25.272 [192908] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:55:25.272 [192908] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:55:25.408 [192908] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:55:29.415 [192908] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:55:30.094 [192905] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:55:33.436 [192908] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:55:34.001 [192909] info  communicator.cpp::processor processing exited
2026-01-28 19:55:48.003 [192894] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:55:49.003 [192894] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:55:49.012 [193849] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:55:49.012 [193849] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:55:49.012 [193849] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:55:49.013 [193849] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:55:49.013 [193849] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:55:49.121 [193849] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:55:49.170 [193849] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:55:49.349 [193849] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:55:49.349 [193855] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:55:49.349 [193859] info  communicator.cpp::processor processing starting
2026-01-28 19:55:49.351 [193856] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:55:55.672 [193856] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:55:55.672 [193856] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:55:55.674 [193858] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:55:55.674 [193858] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:55:55.675 [193858] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:55:55.675 [193858] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:55:55.675 [193858] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:55:55.675 [193858] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:55:55.867 [193858] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:55:55.867 [193858] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:55:55.867 [193858] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:55:55.872 [193858] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:55:55.958 [193858] info  client.cpp::callSync []
2026-01-28 19:55:56.962 [193858] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:55:56.963 [193858] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:55:57.110 [193858] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:56:01.118 [193858] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:56:01.807 [193855] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:56:05.140 [193858] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:56:06.313 [193859] info  communicator.cpp::processor processing exited
2026-01-28 19:56:20.314 [193849] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:56:21.315 [193849] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:56:21.324 [194697] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:56:21.324 [194697] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:56:21.324 [194697] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:56:21.324 [194697] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:56:21.324 [194697] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:56:21.432 [194697] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:56:21.481 [194697] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:56:21.654 [194697] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:56:21.654 [194705] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:56:21.654 [194709] info  communicator.cpp::processor processing starting
2026-01-28 19:56:21.656 [194706] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:56:27.979 [194706] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:56:27.979 [194706] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:56:27.981 [194708] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:56:27.981 [194708] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:56:27.981 [194708] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:56:27.981 [194708] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:56:27.981 [194708] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:56:27.981 [194708] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:56:28.182 [194708] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:56:28.182 [194708] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:56:28.182 [194708] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:56:28.187 [194708] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:56:28.273 [194708] info  client.cpp::callSync []
2026-01-28 19:56:29.278 [194708] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:56:29.278 [194708] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:56:29.427 [194708] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:56:33.432 [194708] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:56:35.114 [194705] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:56:37.459 [194708] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:56:37.812 [194709] info  communicator.cpp::processor processing exited
2026-01-28 19:56:52.115 [194697] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:56:53.116 [194697] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:56:53.125 [195502] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:56:53.125 [195502] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:56:53.125 [195502] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:56:53.125 [195502] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:56:53.125 [195502] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:56:53.233 [195502] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:56:53.283 [195502] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:56:53.457 [195502] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:56:53.457 [195517] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:56:53.458 [195521] info  communicator.cpp::processor processing starting
2026-01-28 19:56:53.460 [195518] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:56:59.782 [195518] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:56:59.782 [195518] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:56:59.784 [195520] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:56:59.784 [195520] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:56:59.784 [195520] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:56:59.784 [195520] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:56:59.784 [195520] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:56:59.784 [195520] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:57:00.076 [195520] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:57:00.077 [195520] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:57:00.077 [195520] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:57:00.082 [195520] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:57:00.190 [195520] info  client.cpp::callSync []
2026-01-28 19:57:01.197 [195520] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:57:01.197 [195520] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:57:01.337 [195520] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:57:03.924 [195517] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:57:05.427 [195521] info  communicator.cpp::processor processing exited
2026-01-28 19:57:20.925 [195502] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:57:21.925 [195502] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:57:21.934 [196268] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:57:21.934 [196268] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:57:21.934 [196268] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:57:21.934 [196268] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:57:21.934 [196268] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:57:22.043 [196268] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:57:22.092 [196268] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:57:22.271 [196268] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:57:22.271 [196274] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:57:22.271 [196278] info  communicator.cpp::processor processing starting
2026-01-28 19:57:22.273 [196275] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:57:28.613 [196275] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:57:28.614 [196275] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:57:28.616 [196277] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:57:28.616 [196277] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:57:28.616 [196277] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:57:28.616 [196277] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:57:28.616 [196277] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:57:28.616 [196277] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:57:28.839 [196277] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:57:28.839 [196277] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:57:28.839 [196277] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:57:28.844 [196277] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:57:28.938 [196277] info  client.cpp::callSync []
2026-01-28 19:57:29.944 [196277] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:57:29.944 [196277] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:57:30.041 [196277] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:57:32.752 [196274] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:57:34.139 [196278] info  communicator.cpp::processor processing exited
2026-01-28 19:57:49.753 [196268] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:57:50.753 [196268] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:57:50.762 [197205] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:57:50.762 [197205] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:57:50.762 [197205] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:57:50.762 [197205] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:57:50.762 [197205] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:57:50.871 [197205] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:57:50.919 [197205] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:57:51.095 [197205] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:57:51.095 [197213] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:57:51.095 [197217] info  communicator.cpp::processor processing starting
2026-01-28 19:57:51.097 [197214] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:57:57.438 [197214] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:57:57.438 [197214] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:57:57.442 [197216] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:57:57.442 [197216] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:57:57.442 [197216] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:57:57.442 [197216] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:57:57.442 [197216] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:57:57.442 [197216] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:57:57.650 [197216] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:57:57.650 [197216] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:57:57.650 [197216] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:57:57.657 [197216] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:57:57.744 [197216] info  client.cpp::callSync []
2026-01-28 19:57:58.749 [197216] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:57:58.749 [197216] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:57:58.861 [197216] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:58:02.869 [197216] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:58:04.577 [197213] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:58:06.891 [197216] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:58:07.256 [197217] info  communicator.cpp::processor processing exited
2026-01-28 19:58:21.579 [197205] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:58:22.579 [197205] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:58:22.588 [198303] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:58:22.588 [198303] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:58:22.588 [198303] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:58:22.589 [198303] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:58:22.589 [198303] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:58:22.697 [198303] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:58:22.746 [198303] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:58:22.921 [198303] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:58:22.921 [198309] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:58:22.921 [198313] info  communicator.cpp::processor processing starting
2026-01-28 19:58:22.923 [198310] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:58:28.253 [198310] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:58:28.253 [198310] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:58:28.255 [198312] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:58:28.255 [198312] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:58:28.255 [198312] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:58:28.255 [198312] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:58:28.255 [198312] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:58:28.255 [198312] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:58:28.446 [198312] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:58:28.447 [198312] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:58:28.447 [198312] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:58:28.451 [198312] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:58:28.539 [198312] info  client.cpp::callSync []
2026-01-28 19:58:29.544 [198312] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:58:29.544 [198312] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:58:29.693 [198312] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:58:33.701 [198312] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:58:34.430 [198309] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:58:37.728 [198312] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:58:38.250 [198313] info  communicator.cpp::processor processing exited
2026-01-28 19:58:52.251 [198303] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:58:53.251 [198303] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:58:53.260 [199276] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:58:53.261 [199276] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:58:53.261 [199276] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:58:53.261 [199276] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:58:53.261 [199276] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:58:53.369 [199276] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:58:53.418 [199276] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:58:53.588 [199276] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:58:53.588 [199298] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:58:53.588 [199302] info  communicator.cpp::processor processing starting
2026-01-28 19:58:53.589 [199299] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:58:59.915 [199299] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:58:59.915 [199299] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:58:59.917 [199301] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:58:59.917 [199301] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:58:59.917 [199301] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:58:59.917 [199301] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:58:59.917 [199301] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:58:59.917 [199301] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:59:00.111 [199301] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:59:00.111 [199301] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:59:00.111 [199301] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:59:00.115 [199301] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:59:00.213 [199301] info  client.cpp::callSync []
2026-01-28 19:59:01.217 [199301] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:59:01.217 [199301] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:59:01.361 [199301] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:59:05.368 [199301] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:59:07.053 [199298] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:59:09.389 [199301] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:59:09.705 [199302] info  communicator.cpp::processor processing exited
2026-01-28 19:59:24.054 [199276] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:59:25.054 [199276] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:59:25.063 [200197] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:59:25.063 [200197] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:59:25.063 [200197] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:59:25.063 [200197] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:59:25.063 [200197] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:59:25.172 [200197] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:59:25.220 [200197] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:59:25.359 [200197] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:59:25.360 [200207] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:59:25.360 [200211] info  communicator.cpp::processor processing starting
2026-01-28 19:59:25.361 [200208] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:59:31.708 [200208] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 19:59:31.708 [200208] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 19:59:31.711 [200210] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 19:59:31.711 [200210] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 19:59:31.711 [200210] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 19:59:31.711 [200210] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 19:59:31.711 [200210] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 19:59:31.711 [200210] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 19:59:31.904 [200210] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 19:59:31.905 [200210] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 19:59:31.905 [200210] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 19:59:31.909 [200210] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 19:59:31.997 [200210] info  client.cpp::callSync []
2026-01-28 19:59:33.003 [200210] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 19:59:33.003 [200210] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 19:59:33.135 [200210] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 19:59:37.143 [200210] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:59:38.847 [200207] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 19:59:41.164 [200210] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 19:59:41.514 [200211] info  communicator.cpp::processor processing exited
2026-01-28 19:59:55.848 [200197] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 19:59:56.848 [200197] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 19:59:56.859 [201034] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 19:59:56.859 [201034] info  mbdaemon.cpp::main logLevel is info
2026-01-28 19:59:56.859 [201034] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 19:59:56.859 [201034] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 19:59:56.859 [201034] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 19:59:56.968 [201034] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 19:59:57.018 [201034] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 19:59:57.192 [201034] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 19:59:57.192 [201044] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 19:59:57.192 [201048] info  communicator.cpp::processor processing starting
2026-01-28 19:59:57.194 [201045] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:00:01.566 [201045] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:00:01.566 [201045] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:00:01.568 [201047] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:00:01.568 [201047] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:00:01.568 [201047] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:00:01.568 [201047] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:00:01.568 [201047] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:00:01.568 [201047] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:00:01.775 [201047] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:00:01.775 [201047] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:00:01.775 [201047] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:00:01.779 [201047] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:00:01.878 [201047] info  client.cpp::callSync []
2026-01-28 20:00:02.882 [201047] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:00:02.882 [201047] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:00:02.996 [201047] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:00:07.002 [201047] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:00:08.696 [201044] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:00:11.022 [201047] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:00:12.195 [201048] info  communicator.cpp::processor processing exited
2026-01-28 20:00:26.196 [201034] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:00:27.196 [201034] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:00:27.205 [202270] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:00:27.205 [202270] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:00:27.205 [202270] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:00:27.205 [202270] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:00:27.205 [202270] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:00:27.314 [202270] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:00:27.364 [202270] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:00:27.554 [202270] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:00:27.554 [202306] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:00:27.554 [202310] info  communicator.cpp::processor processing starting
2026-01-28 20:00:27.556 [202307] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:00:33.887 [202307] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:00:33.888 [202307] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:00:33.890 [202309] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:00:33.890 [202309] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:00:33.890 [202309] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:00:33.890 [202309] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:00:33.890 [202309] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:00:33.890 [202309] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:00:34.104 [202309] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:00:34.104 [202309] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:00:34.104 [202309] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:00:34.110 [202309] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:00:34.215 [202309] info  client.cpp::callSync []
2026-01-28 20:00:35.221 [202309] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:00:35.222 [202309] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:00:35.308 [202309] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:00:39.317 [202309] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:00:40.027 [202306] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:00:43.337 [202309] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:00:44.494 [202310] info  communicator.cpp::processor processing exited
2026-01-28 20:00:58.496 [202270] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:00:59.496 [202270] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:00:59.505 [203208] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:00:59.505 [203208] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:00:59.505 [203208] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:00:59.505 [203208] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:00:59.505 [203208] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:00:59.613 [203208] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:00:59.662 [203208] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:00:59.837 [203208] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:00:59.837 [203214] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:00:59.838 [203218] info  communicator.cpp::processor processing starting
2026-01-28 20:00:59.839 [203215] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:01:06.181 [203215] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:01:06.182 [203215] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:01:06.185 [203217] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:01:06.185 [203217] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:01:06.185 [203217] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:01:06.185 [203217] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:01:06.185 [203217] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:01:06.185 [203217] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:01:06.378 [203217] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:01:06.378 [203217] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:01:06.378 [203217] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:01:06.384 [203217] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:01:06.475 [203217] info  client.cpp::callSync []
2026-01-28 20:01:07.480 [203217] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:01:07.480 [203217] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:01:07.644 [203217] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:01:10.327 [203214] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:01:11.743 [203218] info  communicator.cpp::processor processing exited
2026-01-28 20:01:27.328 [203208] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:01:28.328 [203208] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:01:28.338 [204072] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:01:28.338 [204072] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:01:28.338 [204072] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:01:28.338 [204072] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:01:28.338 [204072] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:01:28.448 [204072] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:01:28.497 [204072] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:01:28.677 [204072] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:01:28.677 [204101] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:01:28.678 [204105] info  communicator.cpp::processor processing starting
2026-01-28 20:01:28.679 [204102] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:01:35.008 [204102] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:01:35.008 [204102] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:01:35.010 [204104] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:01:35.010 [204104] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:01:35.010 [204104] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:01:35.010 [204104] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:01:35.010 [204104] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:01:35.010 [204104] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:01:35.204 [204104] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:01:35.204 [204104] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:01:35.204 [204104] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:01:35.209 [204104] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:01:35.298 [204104] info  client.cpp::callSync []
2026-01-28 20:01:36.304 [204104] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:01:36.304 [204104] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:01:36.457 [204104] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:01:40.465 [204104] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:01:42.148 [204101] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:01:44.489 [204104] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:01:44.855 [204105] info  communicator.cpp::processor processing exited
2026-01-28 20:01:59.149 [204072] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:02:00.149 [204072] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:02:00.158 [205047] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:02:00.159 [205047] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:02:00.159 [205047] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:02:00.159 [205047] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:02:00.159 [205047] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:02:00.267 [205047] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:02:00.316 [205047] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:02:00.489 [205047] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:02:00.489 [205053] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:02:00.489 [205057] info  communicator.cpp::processor processing starting
2026-01-28 20:02:00.491 [205054] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:02:04.813 [205054] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:02:04.813 [205054] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:02:04.815 [205056] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:02:04.815 [205056] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:02:04.815 [205056] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:02:04.816 [205056] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:02:04.816 [205056] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:02:04.816 [205056] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:02:05.033 [205056] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:02:05.034 [205056] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:02:05.034 [205056] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:02:05.038 [205056] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:02:05.127 [205056] info  client.cpp::callSync []
2026-01-28 20:02:06.132 [205056] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:02:06.132 [205056] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:02:06.263 [205056] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:02:08.962 [205053] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:02:10.358 [205057] info  communicator.cpp::processor processing exited
2026-01-28 20:02:25.963 [205047] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:02:26.963 [205047] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:02:26.972 [205870] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:02:26.972 [205870] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:02:26.972 [205870] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:02:26.972 [205870] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:02:26.972 [205870] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:02:27.081 [205870] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:02:27.130 [205870] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:02:27.309 [205870] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:02:27.310 [205877] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:02:27.310 [205881] info  communicator.cpp::processor processing starting
2026-01-28 20:02:27.311 [205878] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:02:33.654 [205878] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:02:33.654 [205878] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:02:33.658 [205880] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:02:33.658 [205880] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:02:33.658 [205880] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:02:33.658 [205880] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:02:33.658 [205880] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:02:33.658 [205880] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:02:33.875 [205880] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:02:33.875 [205880] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:02:33.875 [205880] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:02:33.882 [205880] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:02:33.969 [205880] info  client.cpp::callSync []
2026-01-28 20:02:34.974 [205880] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:02:34.974 [205880] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:02:35.097 [205880] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:02:38.107 [205880] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:02:40.795 [205877] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:02:42.135 [205880] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:02:43.252 [205881] info  communicator.cpp::processor processing exited
2026-01-28 20:02:57.796 [205870] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:02:58.796 [205870] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:02:58.805 [206834] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:02:58.806 [206834] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:02:58.806 [206834] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:02:58.806 [206834] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:02:58.806 [206834] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:02:58.914 [206834] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:02:58.964 [206834] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:02:59.142 [206834] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:02:59.142 [206845] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:02:59.142 [206849] info  communicator.cpp::processor processing starting
2026-01-28 20:02:59.144 [206846] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:03:05.468 [206846] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:03:05.469 [206846] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:03:05.471 [206848] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:03:05.471 [206848] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:03:05.471 [206848] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:03:05.471 [206848] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:03:05.471 [206848] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:03:05.471 [206848] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:03:05.665 [206848] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:03:05.665 [206848] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:03:05.665 [206848] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:03:05.670 [206848] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:03:05.762 [206848] info  client.cpp::callSync []
2026-01-28 20:03:06.767 [206848] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:03:06.767 [206848] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:03:06.907 [206848] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:03:10.914 [206848] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:03:12.608 [206845] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:03:14.934 [206848] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:03:15.542 [206849] info  communicator.cpp::processor processing exited
2026-01-28 20:03:29.609 [206834] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:03:30.609 [206834] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:03:30.618 [207774] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:03:30.618 [207774] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:03:30.618 [207774] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:03:30.619 [207774] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:03:30.619 [207774] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:03:30.727 [207774] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:03:30.775 [207774] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:03:30.948 [207774] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:03:30.948 [207784] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:03:30.948 [207789] info  communicator.cpp::processor processing starting
2026-01-28 20:03:30.950 [207785] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:03:37.273 [207785] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:03:37.273 [207785] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:03:37.275 [207788] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:03:37.275 [207788] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:03:37.275 [207788] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:03:37.275 [207788] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:03:37.276 [207788] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:03:37.276 [207788] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:03:37.468 [207788] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:03:37.468 [207788] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:03:37.468 [207788] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:03:37.473 [207788] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:03:37.568 [207788] info  client.cpp::callSync []
2026-01-28 20:03:38.573 [207788] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:03:38.573 [207788] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:03:38.719 [207788] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:03:42.726 [207788] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:03:43.409 [207784] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:03:45.745 [207788] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:03:46.375 [207789] info  communicator.cpp::processor processing exited
2026-01-28 20:04:00.410 [207774] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:04:01.410 [207774] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:04:01.419 [208609] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:04:01.420 [208609] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:04:01.420 [208609] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:04:01.420 [208609] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:04:01.420 [208609] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:04:01.528 [208609] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:04:01.577 [208609] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:04:01.761 [208609] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:04:01.761 [208621] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:04:01.761 [208625] info  communicator.cpp::processor processing starting
2026-01-28 20:04:01.763 [208622] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:04:08.104 [208622] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:04:08.105 [208622] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:04:08.108 [208624] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:04:08.108 [208624] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:04:08.108 [208624] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:04:08.108 [208624] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:04:08.109 [208624] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:04:08.109 [208624] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:04:08.368 [208624] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:04:08.368 [208624] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:04:08.368 [208624] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:04:08.375 [208624] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:04:08.468 [208624] info  client.cpp::callSync []
2026-01-28 20:04:09.473 [208624] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:04:09.473 [208624] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:04:09.595 [208624] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:04:12.602 [208624] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:04:14.245 [208621] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:04:16.630 [208624] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:04:17.620 [208625] info  communicator.cpp::processor processing exited
2026-01-28 20:04:31.621 [208609] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:04:32.621 [208609] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:04:32.630 [209463] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:04:32.631 [209463] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:04:32.631 [209463] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:04:32.631 [209463] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:04:32.631 [209463] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:04:32.739 [209463] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:04:32.787 [209463] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:04:32.963 [209463] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:04:32.963 [209485] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:04:32.963 [209489] info  communicator.cpp::processor processing starting
2026-01-28 20:04:32.965 [209486] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:04:39.290 [209486] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:04:39.290 [209486] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:04:39.293 [209488] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:04:39.293 [209488] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:04:39.293 [209488] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:04:39.293 [209488] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:04:39.293 [209488] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:04:39.293 [209488] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:04:39.485 [209488] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:04:39.485 [209488] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:04:39.485 [209488] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:04:39.490 [209488] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:04:39.579 [209488] info  client.cpp::callSync []
2026-01-28 20:04:40.584 [209488] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:04:40.584 [209488] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:04:40.705 [209488] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:04:44.713 [209488] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:04:45.429 [209485] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:04:47.732 [209488] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:04:48.906 [209489] info  communicator.cpp::processor processing exited
2026-01-28 20:05:02.907 [209463] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:05:03.907 [209463] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:05:03.917 [210397] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:05:03.917 [210397] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:05:03.917 [210397] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:05:03.917 [210397] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:05:03.917 [210397] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:05:04.048 [210397] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:05:04.124 [210397] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:05:04.304 [210397] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:05:04.304 [210413] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:05:04.304 [210417] info  communicator.cpp::processor processing starting
2026-01-28 20:05:04.306 [210414] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:05:10.628 [210414] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:05:10.628 [210414] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:05:10.631 [210416] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:05:10.631 [210416] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:05:10.631 [210416] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:05:10.631 [210416] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:05:10.631 [210416] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:05:10.631 [210416] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:05:10.836 [210416] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:05:10.836 [210416] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:05:10.836 [210416] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:05:10.841 [210416] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:05:10.950 [210416] info  client.cpp::callSync []
2026-01-28 20:05:11.957 [210416] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:05:11.957 [210416] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:05:12.068 [210416] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:05:15.077 [210416] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:05:17.768 [210413] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:05:19.099 [210416] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:05:19.425 [210417] info  communicator.cpp::processor processing exited
2026-01-28 20:05:34.769 [210397] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:05:35.769 [210397] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:05:35.778 [211182] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:05:35.779 [211182] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:05:35.779 [211182] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:05:35.779 [211182] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:05:35.779 [211182] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:05:35.893 [211182] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:05:35.947 [211182] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:05:36.167 [211182] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:05:36.167 [211189] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:05:36.167 [211193] info  communicator.cpp::processor processing starting
2026-01-28 20:05:36.169 [211190] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:05:42.496 [211190] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:05:42.496 [211190] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:05:42.498 [211192] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:05:42.499 [211192] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:05:42.499 [211192] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:05:42.499 [211192] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:05:42.499 [211192] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:05:42.499 [211192] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:05:42.755 [211192] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:05:42.755 [211192] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:05:42.755 [211192] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:05:42.760 [211192] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:05:42.892 [211192] info  client.cpp::callSync []
2026-01-28 20:05:43.900 [211192] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:05:43.900 [211192] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:05:44.044 [211192] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:05:48.051 [211192] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:05:48.636 [211189] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:05:52.073 [211192] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:05:53.248 [211193] info  communicator.cpp::processor processing exited
2026-01-28 20:06:07.249 [211182] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:06:08.249 [211182] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:06:08.259 [212097] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:06:08.259 [212097] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:06:08.259 [212097] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:06:08.259 [212097] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:06:08.259 [212097] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:06:08.372 [212097] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:06:08.422 [212097] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:06:08.611 [212097] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:06:08.611 [212106] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:06:08.612 [212110] info  communicator.cpp::processor processing starting
2026-01-28 20:06:08.613 [212107] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:06:14.937 [212107] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:06:14.937 [212107] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:06:14.940 [212109] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:06:14.940 [212109] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:06:14.940 [212109] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:06:14.940 [212109] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:06:14.940 [212109] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:06:14.940 [212109] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:06:15.132 [212109] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:06:15.132 [212109] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:06:15.132 [212109] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:06:15.137 [212109] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:06:15.225 [212109] info  client.cpp::callSync []
2026-01-28 20:06:16.230 [212109] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:06:16.230 [212109] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:06:16.382 [212109] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:06:20.389 [212109] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:06:22.078 [212106] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:06:24.410 [212109] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:06:25.617 [212110] info  communicator.cpp::processor processing exited
2026-01-28 20:06:39.618 [212097] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:06:40.618 [212097] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:06:40.628 [213190] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:06:40.628 [213190] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:06:40.628 [213190] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:06:40.628 [213190] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:06:40.628 [213190] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:06:40.737 [213190] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:06:40.786 [213190] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:06:40.969 [213190] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:06:40.969 [213205] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:06:40.970 [213209] info  communicator.cpp::processor processing starting
2026-01-28 20:06:40.971 [213206] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:06:46.300 [213206] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:06:46.300 [213206] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:06:46.304 [213208] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:06:46.304 [213208] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:06:46.304 [213208] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:06:46.304 [213208] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:06:46.304 [213208] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:06:46.304 [213208] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:06:46.496 [213208] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:06:46.496 [213208] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:06:46.496 [213208] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:06:46.501 [213208] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:06:46.589 [213208] info  client.cpp::callSync []
2026-01-28 20:06:47.594 [213208] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:06:47.594 [213208] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:06:47.714 [213208] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:06:51.443 [213205] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:06:51.721 [213208] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:06:52.647 [213209] info  communicator.cpp::processor processing exited
2026-01-28 20:07:08.444 [213190] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:07:09.444 [213190] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:07:09.454 [213963] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:07:09.454 [213963] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:07:09.454 [213963] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:07:09.454 [213963] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:07:09.454 [213963] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:07:09.562 [213963] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:07:09.611 [213963] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:07:09.789 [213963] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:07:09.789 [213969] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:07:09.789 [213973] info  communicator.cpp::processor processing starting
2026-01-28 20:07:09.791 [213970] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:07:16.119 [213970] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:07:16.120 [213970] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:07:16.122 [213972] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:07:16.122 [213972] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:07:16.122 [213972] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:07:16.122 [213972] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:07:16.122 [213972] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:07:16.122 [213972] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:07:16.383 [213972] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:07:16.383 [213972] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:07:16.383 [213972] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:07:16.388 [213972] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:07:16.495 [213972] info  client.cpp::callSync []
2026-01-28 20:07:17.501 [213972] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:07:17.502 [213972] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:07:17.502 [213972] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:07:17.637 [213972] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:07:21.304 [213969] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:07:21.644 [213972] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:07:22.082 [213973] info  communicator.cpp::processor processing exited
2026-01-28 20:07:38.305 [213963] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:07:39.305 [213963] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:07:39.314 [214877] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:07:39.315 [214877] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:07:39.315 [214877] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:07:39.315 [214877] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:07:39.315 [214877] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:07:39.431 [214877] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:07:39.494 [214877] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:07:39.686 [214877] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:07:39.686 [214899] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:07:39.686 [214903] info  communicator.cpp::processor processing starting
2026-01-28 20:07:39.688 [214900] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:07:45.056 [214900] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:07:45.056 [214900] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:07:45.059 [214902] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:07:45.059 [214902] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:07:45.059 [214902] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:07:45.059 [214902] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:07:45.060 [214902] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:07:45.060 [214902] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:07:45.255 [214902] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:07:45.255 [214902] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:07:45.255 [214902] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:07:45.259 [214902] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:07:45.351 [214902] info  client.cpp::callSync []
2026-01-28 20:07:46.356 [214902] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:07:46.357 [214902] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:07:46.357 [214902] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:07:46.445 [214902] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:07:50.453 [214902] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:07:51.218 [214899] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:07:54.481 [214902] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:07:54.997 [214903] info  communicator.cpp::processor processing exited
2026-01-28 20:08:08.998 [214877] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:08:09.998 [214877] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:08:10.007 [215915] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:08:10.008 [215915] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:08:10.008 [215915] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:08:10.008 [215915] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:08:10.008 [215915] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:08:10.123 [215915] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:08:10.181 [215915] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:08:10.424 [215915] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:08:10.425 [215933] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:08:10.425 [215937] info  communicator.cpp::processor processing starting
2026-01-28 20:08:10.427 [215934] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:08:15.777 [215934] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:08:15.777 [215934] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:08:15.781 [215936] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:08:15.781 [215936] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:08:15.781 [215936] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:08:15.781 [215936] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:08:15.781 [215936] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:08:15.781 [215936] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:08:15.978 [215936] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:08:15.978 [215936] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:08:15.978 [215936] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:08:15.983 [215936] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:08:16.095 [215936] info  client.cpp::callSync []
2026-01-28 20:08:17.102 [215936] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:08:17.102 [215936] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:08:17.236 [215936] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:08:20.928 [215933] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:08:21.246 [215936] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:08:21.444 [215937] info  communicator.cpp::processor processing exited
2026-01-28 20:08:37.929 [215915] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:08:38.929 [215915] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:08:38.940 [216862] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:08:38.940 [216862] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:08:38.940 [216862] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:08:38.940 [216862] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:08:38.940 [216862] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:08:39.048 [216862] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:08:39.098 [216862] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:08:39.276 [216862] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:08:39.276 [216868] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:08:39.276 [216872] info  communicator.cpp::processor processing starting
2026-01-28 20:08:39.278 [216869] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:08:45.616 [216869] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:08:45.616 [216869] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:08:45.618 [216871] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:08:45.618 [216871] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:08:45.618 [216871] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:08:45.618 [216871] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:08:45.618 [216871] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:08:45.618 [216871] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:08:45.810 [216871] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:08:45.810 [216871] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:08:45.810 [216871] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:08:45.815 [216871] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:08:45.908 [216871] info  client.cpp::callSync []
2026-01-28 20:08:46.913 [216871] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:08:46.914 [216871] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:08:46.914 [216871] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:08:47.059 [216871] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:08:50.756 [216868] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:08:51.066 [216871] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:08:51.725 [216872] info  communicator.cpp::processor processing exited
2026-01-28 20:09:07.757 [216862] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:09:08.757 [216862] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:09:08.766 [217799] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:09:08.767 [217799] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:09:08.767 [217799] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:09:08.767 [217799] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:09:08.767 [217799] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:09:08.875 [217799] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:09:08.924 [217799] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:09:09.120 [217799] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:09:09.120 [217815] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:09:09.120 [217819] info  communicator.cpp::processor processing starting
2026-01-28 20:09:09.122 [217816] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:09:13.482 [217816] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:09:13.482 [217816] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:09:13.485 [217818] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:09:13.485 [217818] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:09:13.485 [217818] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:09:13.485 [217818] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:09:13.485 [217818] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:09:13.485 [217818] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:09:13.682 [217818] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:09:13.683 [217818] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:09:13.683 [217818] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:09:13.687 [217818] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:09:13.780 [217818] info  client.cpp::callSync []
2026-01-28 20:09:14.786 [217818] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:09:14.787 [217818] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:09:14.787 [217818] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:09:14.872 [217818] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:09:18.878 [217818] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:09:19.622 [217815] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:09:22.897 [217818] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:09:23.770 [217819] info  communicator.cpp::processor processing exited
2026-01-28 20:09:37.772 [217799] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:09:38.772 [217799] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:09:38.781 [218709] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:09:38.782 [218709] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:09:38.782 [218709] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:09:38.782 [218709] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:09:38.782 [218709] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:09:38.890 [218709] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:09:38.939 [218709] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:09:39.119 [218709] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:09:39.119 [218715] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:09:39.119 [218719] info  communicator.cpp::processor processing starting
2026-01-28 20:09:39.121 [218716] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:09:44.442 [218716] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:09:44.442 [218716] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:09:44.444 [218718] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:09:44.444 [218718] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:09:44.444 [218718] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:09:44.444 [218718] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:09:44.444 [218718] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:09:44.444 [218718] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:09:44.641 [218718] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:09:44.641 [218718] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:09:44.641 [218718] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:09:44.646 [218718] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:09:44.752 [218718] info  client.cpp::callSync []
2026-01-28 20:09:45.758 [218718] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:09:45.758 [218718] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:09:45.906 [218718] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:09:49.915 [218718] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:09:50.579 [218715] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:09:53.935 [218718] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:09:54.783 [218719] info  communicator.cpp::processor processing exited
2026-01-28 20:10:08.784 [218709] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:10:09.784 [218709] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:10:09.794 [219713] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:10:09.794 [219713] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:10:09.794 [219713] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:10:09.794 [219713] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:10:09.794 [219713] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:10:09.931 [219713] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:10:10.010 [219713] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:10:10.238 [219713] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:10:10.238 [219726] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:10:10.239 [219730] info  communicator.cpp::processor processing starting
2026-01-28 20:10:10.240 [219727] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:10:15.570 [219727] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:10:15.571 [219727] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:10:15.573 [219729] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:10:15.573 [219729] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:10:15.573 [219729] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:10:15.573 [219729] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:10:15.573 [219729] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:10:15.573 [219729] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:10:15.765 [219729] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:10:15.765 [219729] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:10:15.765 [219729] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:10:15.770 [219729] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:10:15.871 [219729] info  client.cpp::callSync []
2026-01-28 20:10:16.876 [219729] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:10:16.876 [219729] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:10:17.015 [219729] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:10:21.022 [219729] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:10:22.712 [219726] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:10:25.043 [219729] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:10:26.232 [219730] info  communicator.cpp::processor processing exited
2026-01-28 20:10:40.233 [219713] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:10:41.234 [219713] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:10:41.243 [220622] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:10:41.243 [220622] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:10:41.243 [220622] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:10:41.243 [220622] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:10:41.243 [220622] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:10:41.352 [220622] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:10:41.400 [220622] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:10:41.579 [220622] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:10:41.579 [220642] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:10:41.579 [220646] info  communicator.cpp::processor processing starting
2026-01-28 20:10:41.581 [220643] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:10:45.924 [220643] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:10:45.924 [220643] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:10:45.926 [220645] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:10:45.927 [220645] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:10:45.927 [220645] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:10:45.927 [220645] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:10:45.927 [220645] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:10:45.927 [220645] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:10:46.119 [220645] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:10:46.119 [220645] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:10:46.119 [220645] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:10:46.124 [220645] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:10:46.215 [220645] info  client.cpp::callSync []
2026-01-28 20:10:47.220 [220645] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:10:47.220 [220645] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:10:47.370 [220645] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:10:51.377 [220645] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:10:52.071 [220642] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:10:55.396 [220645] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:10:56.046 [220646] info  communicator.cpp::processor processing exited
2026-01-28 20:11:10.048 [220622] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:11:11.048 [220622] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:11:11.057 [221502] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:11:11.057 [221502] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:11:11.057 [221502] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:11:11.058 [221502] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:11:11.058 [221502] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:11:11.183 [221502] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:11:11.256 [221502] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:11:11.439 [221502] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:11:11.439 [221524] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:11:11.439 [221528] info  communicator.cpp::processor processing starting
2026-01-28 20:11:11.441 [221525] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:11:16.791 [221525] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:11:16.791 [221525] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:11:16.793 [221527] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:11:16.793 [221527] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:11:16.793 [221527] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:11:16.793 [221527] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:11:16.793 [221527] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:11:16.793 [221527] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:11:16.986 [221527] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:11:16.986 [221527] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:11:16.986 [221527] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:11:16.991 [221527] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:11:17.081 [221527] info  client.cpp::callSync []
2026-01-28 20:11:18.086 [221527] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:11:18.086 [221527] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:11:18.240 [221527] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:11:22.247 [221527] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:11:22.935 [221524] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:11:26.269 [221527] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:11:26.672 [221528] info  communicator.cpp::processor processing exited
2026-01-28 20:11:40.673 [221502] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:11:41.673 [221502] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:11:41.682 [222402] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:11:41.682 [222402] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:11:41.682 [222402] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:11:41.683 [222402] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:11:41.683 [222402] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:11:41.791 [222402] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:11:41.840 [222402] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:11:42.017 [222402] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:11:42.017 [222411] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:11:42.017 [222415] info  communicator.cpp::processor processing starting
2026-01-28 20:11:42.020 [222412] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:11:48.340 [222412] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:11:48.340 [222412] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:11:48.342 [222414] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:11:48.342 [222414] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:11:48.342 [222414] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:11:48.342 [222414] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:11:48.342 [222414] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:11:48.342 [222414] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:11:48.533 [222414] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:11:48.534 [222414] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:11:48.534 [222414] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:11:48.539 [222414] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:11:48.625 [222414] info  client.cpp::callSync []
2026-01-28 20:11:49.630 [222414] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:11:49.630 [222414] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:11:49.775 [222414] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:11:53.782 [222414] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:11:55.477 [222411] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:11:57.805 [222414] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:11:58.558 [222415] info  communicator.cpp::processor processing exited
2026-01-28 20:12:12.559 [222402] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:12:13.559 [222402] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:12:13.568 [223306] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:12:13.568 [223306] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:12:13.568 [223306] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:12:13.568 [223306] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:12:13.568 [223306] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:12:13.677 [223306] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:12:13.726 [223306] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:12:13.904 [223306] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:12:13.904 [223320] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:12:13.904 [223324] info  communicator.cpp::processor processing starting
2026-01-28 20:12:13.906 [223321] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:12:20.226 [223321] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:12:20.227 [223321] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:12:20.229 [223323] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:12:20.229 [223323] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:12:20.229 [223323] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:12:20.229 [223323] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:12:20.229 [223323] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:12:20.229 [223323] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:12:20.425 [223323] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:12:20.425 [223323] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:12:20.425 [223323] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:12:20.430 [223323] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:12:20.522 [223323] info  client.cpp::callSync []
2026-01-28 20:12:21.527 [223323] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:12:21.527 [223323] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:12:21.682 [223323] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:12:25.691 [223323] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:12:27.364 [223320] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:12:29.712 [223323] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:12:30.883 [223324] info  communicator.cpp::processor processing exited
2026-01-28 20:12:44.885 [223306] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:12:45.885 [223306] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:12:45.897 [224321] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:12:45.897 [224321] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:12:45.897 [224321] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:12:45.897 [224321] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:12:45.897 [224321] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:12:46.046 [224321] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:12:46.112 [224321] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:12:46.291 [224321] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:12:46.292 [224352] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:12:46.292 [224356] info  communicator.cpp::processor processing starting
2026-01-28 20:12:46.294 [224353] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:12:52.637 [224353] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:12:52.637 [224353] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:12:52.640 [224355] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:12:52.641 [224355] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:12:52.641 [224355] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:12:52.641 [224355] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:12:52.641 [224355] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:12:52.641 [224355] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:12:52.836 [224355] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:12:52.836 [224355] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:12:52.836 [224355] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:12:52.841 [224355] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:12:52.944 [224355] info  client.cpp::callSync []
2026-01-28 20:12:53.951 [224355] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:12:53.951 [224355] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:12:54.068 [224355] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:12:58.076 [224355] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:12:59.778 [224352] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:13:02.095 [224355] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:13:02.874 [224356] info  communicator.cpp::processor processing exited
2026-01-28 20:13:16.876 [224321] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:13:17.876 [224321] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:13:17.885 [225482] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:13:17.885 [225482] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:13:17.885 [225482] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:13:17.885 [225482] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:13:17.885 [225482] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:13:17.995 [225482] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:13:18.044 [225482] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:13:18.267 [225482] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:13:18.267 [225497] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:13:18.267 [225501] info  communicator.cpp::processor processing starting
2026-01-28 20:13:18.269 [225498] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:13:24.645 [225498] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:13:24.645 [225498] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:13:24.649 [225500] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:13:24.649 [225500] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:13:24.649 [225500] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:13:24.649 [225500] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:13:24.649 [225500] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:13:24.649 [225500] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:13:24.853 [225500] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:13:24.853 [225500] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:13:24.853 [225500] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:13:24.858 [225500] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:13:24.958 [225500] info  client.cpp::callSync []
2026-01-28 20:13:25.962 [225500] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:13:25.962 [225500] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:13:26.102 [225500] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:13:30.111 [225500] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:13:31.790 [225497] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:13:34.132 [225500] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:13:35.226 [225501] info  communicator.cpp::processor processing exited
2026-01-28 20:13:49.227 [225482] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:13:50.228 [225482] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:13:50.237 [226601] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:13:50.237 [226601] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:13:50.237 [226601] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:13:50.237 [226601] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:13:50.237 [226601] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:13:50.346 [226601] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:13:50.395 [226601] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:13:50.575 [226601] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:13:50.575 [226620] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:13:50.575 [226624] info  communicator.cpp::processor processing starting
2026-01-28 20:13:50.577 [226621] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:13:56.927 [226621] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:13:56.927 [226621] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:13:56.929 [226623] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:13:56.929 [226623] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:13:56.929 [226623] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:13:56.929 [226623] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:13:56.929 [226623] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:13:56.929 [226623] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:13:57.123 [226623] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:13:57.124 [226623] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:13:57.124 [226623] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:13:57.128 [226623] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:13:57.220 [226623] info  client.cpp::callSync []
2026-01-28 20:13:58.225 [226623] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:13:58.225 [226623] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:13:58.306 [226623] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:14:02.314 [226623] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:14:03.070 [226620] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:14:06.333 [226623] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:14:06.757 [226624] info  communicator.cpp::processor processing exited
2026-01-28 20:14:20.759 [226601] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:14:21.759 [226601] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:14:21.768 [227646] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:14:21.769 [227646] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:14:21.769 [227646] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:14:21.769 [227646] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:14:21.769 [227646] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:14:21.877 [227646] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:14:21.927 [227646] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:14:22.107 [227646] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:14:22.107 [227655] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:14:22.108 [227659] info  communicator.cpp::processor processing starting
2026-01-28 20:14:22.109 [227656] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:14:28.486 [227656] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:14:28.487 [227656] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:14:28.489 [227658] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:14:28.489 [227658] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:14:28.489 [227658] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:14:28.489 [227658] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:14:28.489 [227658] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:14:28.489 [227658] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:14:28.726 [227658] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:14:28.726 [227658] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:14:28.726 [227658] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:14:28.731 [227658] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:14:28.821 [227658] info  client.cpp::callSync []
2026-01-28 20:14:29.826 [227658] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:14:29.826 [227658] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:14:29.948 [227658] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:14:33.955 [227658] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:14:35.634 [227655] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:14:37.983 [227658] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:14:39.011 [227659] info  communicator.cpp::processor processing exited
2026-01-28 20:14:53.012 [227646] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:14:54.012 [227646] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:14:54.021 [228644] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:14:54.021 [228644] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:14:54.021 [228644] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:14:54.022 [228644] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:14:54.022 [228644] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:14:54.130 [228644] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:14:54.179 [228644] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:14:54.358 [228644] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:14:54.358 [228672] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:14:54.358 [228676] info  communicator.cpp::processor processing starting
2026-01-28 20:14:54.360 [228673] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:15:00.682 [228673] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:15:00.682 [228673] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:15:00.684 [228675] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:15:00.684 [228675] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:15:00.684 [228675] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:15:00.684 [228675] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:15:00.684 [228675] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:15:00.684 [228675] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:15:00.877 [228675] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:15:00.877 [228675] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:15:00.877 [228675] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:15:00.882 [228675] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:15:00.978 [228675] info  client.cpp::callSync []
2026-01-28 20:15:01.983 [228675] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:15:01.983 [228675] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:15:02.138 [228675] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:15:05.826 [228672] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:15:06.145 [228675] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:15:06.732 [228676] info  communicator.cpp::processor processing exited
2026-01-28 20:15:22.827 [228644] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:15:23.827 [228644] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:15:23.836 [229821] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:15:23.836 [229821] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:15:23.836 [229821] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:15:23.836 [229821] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:15:23.836 [229821] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:15:23.948 [229821] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:15:23.996 [229821] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:15:24.173 [229821] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:15:24.173 [229836] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:15:24.174 [229840] info  communicator.cpp::processor processing starting
2026-01-28 20:15:24.175 [229837] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:15:28.514 [229837] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:15:28.515 [229837] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:15:28.517 [229839] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:15:28.517 [229839] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:15:28.517 [229839] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:15:28.517 [229839] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:15:28.517 [229839] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:15:28.517 [229839] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:15:28.741 [229839] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:15:28.741 [229839] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:15:28.741 [229839] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:15:28.746 [229839] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:15:28.866 [229839] info  client.cpp::callSync []
2026-01-28 20:15:29.873 [229839] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:15:29.874 [229839] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:15:29.874 [229839] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:15:30.013 [229839] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:15:34.020 [229839] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:15:35.662 [229836] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:15:38.040 [229839] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:15:38.485 [229840] info  communicator.cpp::processor processing exited
2026-01-28 20:15:52.663 [229821] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:15:53.663 [229821] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:15:53.672 [230880] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:15:53.673 [230880] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:15:53.673 [230880] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:15:53.673 [230880] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:15:53.673 [230880] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:15:53.792 [230880] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:15:53.852 [230880] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:15:54.029 [230880] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:15:54.029 [230892] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:15:54.029 [230896] info  communicator.cpp::processor processing starting
2026-01-28 20:15:54.031 [230893] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:16:00.354 [230893] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:16:00.355 [230893] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:16:00.357 [230895] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:16:00.357 [230895] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:16:00.357 [230895] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:16:00.357 [230895] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:16:00.357 [230895] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:16:00.357 [230895] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:16:00.594 [230895] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:16:00.594 [230895] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:16:00.594 [230895] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:16:00.599 [230895] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:16:00.733 [230895] info  client.cpp::callSync []
2026-01-28 20:16:01.738 [230895] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:16:01.738 [230895] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:16:01.889 [230895] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:16:05.503 [230892] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:16:05.896 [230895] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:16:06.411 [230896] info  communicator.cpp::processor processing exited
2026-01-28 20:16:22.504 [230880] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:16:23.504 [230880] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:16:23.513 [231808] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:16:23.514 [231808] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:16:23.514 [231808] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:16:23.514 [231808] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:16:23.514 [231808] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:16:23.623 [231808] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:16:23.672 [231808] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:16:23.853 [231808] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:16:23.854 [231822] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:16:23.854 [231826] info  communicator.cpp::processor processing starting
2026-01-28 20:16:23.856 [231823] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:16:30.264 [231823] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:16:30.265 [231823] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:16:30.267 [231825] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:16:30.267 [231825] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:16:30.267 [231825] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:16:30.267 [231825] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:16:30.267 [231825] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:16:30.267 [231825] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:16:30.480 [231825] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:16:30.480 [231825] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:16:30.480 [231825] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:16:30.486 [231825] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:16:30.579 [231825] info  client.cpp::callSync []
2026-01-28 20:16:31.584 [231825] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:16:31.585 [231825] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:16:31.585 [231825] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:16:31.706 [231825] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:16:35.714 [231825] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:16:37.403 [231822] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:16:39.734 [231825] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:16:40.055 [231826] info  communicator.cpp::processor processing exited
2026-01-28 20:16:54.405 [231808] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:16:55.405 [231808] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:16:55.414 [232811] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:16:55.415 [232811] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:16:55.415 [232811] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:16:55.415 [232811] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:16:55.415 [232811] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:16:55.524 [232811] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:16:55.574 [232811] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:16:55.758 [232811] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:16:55.758 [232827] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:16:55.758 [232831] info  communicator.cpp::processor processing starting
2026-01-28 20:16:55.760 [232828] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:17:02.083 [232828] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:17:02.084 [232828] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:17:02.086 [232830] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:17:02.086 [232830] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:17:02.086 [232830] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:17:02.086 [232830] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:17:02.086 [232830] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:17:02.086 [232830] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:17:02.278 [232830] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:17:02.278 [232830] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:17:02.278 [232830] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:17:02.283 [232830] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:17:02.377 [232830] info  client.cpp::callSync []
2026-01-28 20:17:03.382 [232830] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:17:03.382 [232830] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:17:03.527 [232830] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:17:07.534 [232830] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:17:08.225 [232827] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:17:11.570 [232830] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:17:11.938 [232831] info  communicator.cpp::processor processing exited
2026-01-28 20:17:25.939 [232811] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:17:26.939 [232811] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:17:26.949 [233650] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:17:26.949 [233650] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:17:26.949 [233650] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:17:26.949 [233650] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:17:26.949 [233650] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:17:27.057 [233650] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:17:27.106 [233650] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:17:27.281 [233650] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:17:27.281 [233669] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:17:27.281 [233673] info  communicator.cpp::processor processing starting
2026-01-28 20:17:27.283 [233670] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:17:33.608 [233670] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:17:33.608 [233670] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:17:33.610 [233672] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:17:33.610 [233672] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:17:33.610 [233672] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:17:33.610 [233672] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:17:33.611 [233672] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:17:33.611 [233672] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:17:33.846 [233672] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:17:33.846 [233672] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:17:33.846 [233672] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:17:33.851 [233672] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:17:33.943 [233672] info  client.cpp::callSync []
2026-01-28 20:17:34.948 [233672] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:17:34.948 [233672] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:17:35.061 [233672] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:17:39.069 [233672] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:17:40.747 [233669] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:17:43.091 [233672] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:17:43.513 [233673] info  communicator.cpp::processor processing exited
2026-01-28 20:17:57.748 [233650] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:17:58.748 [233650] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:17:58.757 [234665] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:17:58.758 [234665] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:17:58.758 [234665] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:17:58.758 [234665] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:17:58.758 [234665] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:17:58.866 [234665] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:17:58.915 [234665] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:17:59.096 [234665] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:17:59.097 [234682] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:17:59.097 [234686] info  communicator.cpp::processor processing starting
2026-01-28 20:17:59.099 [234683] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:18:05.439 [234683] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:18:05.439 [234683] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:18:05.443 [234685] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:18:05.443 [234685] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:18:05.443 [234685] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:18:05.443 [234685] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:18:05.443 [234685] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:18:05.443 [234685] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:18:05.644 [234685] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:18:05.644 [234685] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:18:05.644 [234685] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:18:05.649 [234685] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:18:05.741 [234685] info  client.cpp::callSync []
2026-01-28 20:18:06.746 [234685] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:18:06.746 [234685] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:18:06.888 [234685] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:18:10.897 [234685] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:18:11.581 [234682] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:18:14.918 [234685] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:18:15.851 [234686] info  communicator.cpp::processor processing exited
2026-01-28 20:18:29.852 [234665] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:18:30.852 [234665] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:18:30.861 [235714] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:18:30.862 [235714] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:18:30.862 [235714] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:18:30.862 [235714] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:18:30.862 [235714] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:18:30.970 [235714] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:18:31.019 [235714] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:18:31.191 [235714] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:18:31.191 [235732] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:18:31.192 [235736] info  communicator.cpp::processor processing starting
2026-01-28 20:18:31.193 [235733] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:18:37.537 [235733] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:18:37.537 [235733] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:18:37.541 [235735] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:18:37.541 [235735] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:18:37.541 [235735] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:18:37.541 [235735] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:18:37.541 [235735] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:18:37.541 [235735] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:18:37.736 [235735] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:18:37.736 [235735] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:18:37.736 [235735] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:18:37.741 [235735] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:18:37.834 [235735] info  client.cpp::callSync []
2026-01-28 20:18:38.839 [235735] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:18:38.839 [235735] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:18:38.982 [235735] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:18:41.989 [235735] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:18:44.678 [235732] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:18:46.009 [235735] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:18:47.116 [235736] info  communicator.cpp::processor processing exited
2026-01-28 20:19:01.680 [235714] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:19:02.680 [235714] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:19:02.689 [236873] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:19:02.689 [236873] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:19:02.689 [236873] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:19:02.689 [236873] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:19:02.689 [236873] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:19:02.799 [236873] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:19:02.849 [236873] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:19:03.033 [236873] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:19:03.033 [236882] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:19:03.033 [236886] info  communicator.cpp::processor processing starting
2026-01-28 20:19:03.035 [236883] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:19:08.364 [236883] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:19:08.364 [236883] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:19:08.366 [236885] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:19:08.366 [236885] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:19:08.366 [236885] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:19:08.366 [236885] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:19:08.366 [236885] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:19:08.366 [236885] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:19:08.579 [236885] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:19:08.579 [236885] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:19:08.579 [236885] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:19:08.586 [236885] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:19:08.678 [236885] info  client.cpp::callSync []
2026-01-28 20:19:09.683 [236885] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:19:09.683 [236885] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:19:09.767 [236885] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:19:13.774 [236885] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:19:15.500 [236882] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:19:17.800 [236885] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:19:18.975 [236886] info  communicator.cpp::processor processing exited
2026-01-28 20:19:32.976 [236873] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:19:33.976 [236873] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:19:33.987 [237948] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:19:33.987 [237948] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:19:33.987 [237948] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:19:33.987 [237948] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:19:33.987 [237948] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:19:34.126 [237948] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:19:34.175 [237948] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:19:34.358 [237948] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:19:34.358 [237957] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:19:34.358 [237961] info  communicator.cpp::processor processing starting
2026-01-28 20:19:34.360 [237958] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:19:40.682 [237958] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:19:40.683 [237958] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:19:40.685 [237960] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:19:40.685 [237960] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:19:40.685 [237960] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:19:40.685 [237960] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:19:40.685 [237960] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:19:40.685 [237960] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:19:40.896 [237960] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:19:40.896 [237960] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:19:40.896 [237960] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:19:40.901 [237960] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:19:41.000 [237960] info  client.cpp::callSync []
2026-01-28 20:19:42.006 [237960] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:19:42.006 [237960] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:19:42.153 [237960] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:19:46.162 [237960] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:19:47.881 [237957] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:19:50.188 [237960] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:19:51.077 [237961] info  communicator.cpp::processor processing exited
2026-01-28 20:20:05.078 [237948] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:20:06.078 [237948] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:20:06.087 [238949] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:20:06.088 [238949] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:20:06.088 [238949] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:20:06.088 [238949] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:20:06.088 [238949] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:20:06.196 [238949] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:20:06.245 [238949] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:20:06.423 [238949] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:20:06.423 [238972] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:20:06.423 [238976] info  communicator.cpp::processor processing starting
2026-01-28 20:20:06.425 [238973] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:20:12.813 [238973] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:20:12.813 [238973] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:20:12.816 [238975] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:20:12.816 [238975] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:20:12.816 [238975] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:20:12.816 [238975] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:20:12.817 [238975] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:20:12.817 [238975] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:20:13.009 [238975] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:20:13.009 [238975] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:20:13.009 [238975] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:20:13.014 [238975] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:20:13.106 [238975] info  client.cpp::callSync []
2026-01-28 20:20:14.111 [238975] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:20:14.111 [238975] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:20:14.244 [238975] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:20:18.252 [238975] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:20:18.957 [238972] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:20:22.273 [238975] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:20:22.611 [238976] info  communicator.cpp::processor processing exited
2026-01-28 20:20:36.612 [238949] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:20:37.612 [238949] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:20:37.621 [239999] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:20:37.622 [239999] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:20:37.622 [239999] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:20:37.622 [239999] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:20:37.622 [239999] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:20:37.731 [239999] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:20:37.781 [239999] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:20:37.976 [239999] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:20:37.976 [240037] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:20:37.976 [240041] info  communicator.cpp::processor processing starting
2026-01-28 20:20:37.978 [240038] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:20:42.305 [240038] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:20:42.305 [240038] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:20:42.307 [240040] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:20:42.307 [240040] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:20:42.307 [240040] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:20:42.307 [240040] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:20:42.308 [240040] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:20:42.308 [240040] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:20:42.502 [240040] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:20:42.502 [240040] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:20:42.502 [240040] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:20:42.507 [240040] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:20:42.628 [240040] info  client.cpp::callSync []
2026-01-28 20:20:43.633 [240040] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:20:43.633 [240040] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:20:43.715 [240040] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:20:47.724 [240040] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:20:48.448 [240037] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:20:51.750 [240040] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:20:52.803 [240041] info  communicator.cpp::processor processing exited
2026-01-28 20:21:06.804 [239999] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:21:07.804 [239999] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:21:08.222 [241128] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:21:08.222 [241128] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:21:08.222 [241128] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:21:08.222 [241128] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:21:08.222 [241128] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:21:08.331 [241128] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:21:08.381 [241128] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:21:08.570 [241128] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:21:08.571 [241149] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:21:08.571 [241153] info  communicator.cpp::processor processing starting
2026-01-28 20:21:08.572 [241150] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:21:13.911 [241150] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:21:13.911 [241150] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:21:13.914 [241152] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:21:13.914 [241152] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:21:13.914 [241152] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:21:13.914 [241152] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:21:13.914 [241152] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:21:13.914 [241152] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:21:14.109 [241152] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:21:14.109 [241152] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:21:14.109 [241152] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:21:14.114 [241152] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:21:14.205 [241152] info  client.cpp::callSync []
2026-01-28 20:21:15.210 [241152] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:21:15.210 [241152] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:21:15.354 [241152] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:21:18.048 [241149] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:21:19.448 [241153] info  communicator.cpp::processor processing exited
2026-01-28 20:21:35.049 [241128] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:21:36.049 [241128] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:21:36.058 [241962] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:21:36.059 [241962] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:21:36.059 [241962] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:21:36.059 [241962] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:21:36.059 [241962] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:21:36.194 [241962] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:21:36.245 [241962] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:21:36.423 [241962] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:21:36.423 [241981] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:21:36.423 [241985] info  communicator.cpp::processor processing starting
2026-01-28 20:21:36.425 [241982] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:21:42.744 [241982] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:21:42.744 [241982] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:21:42.747 [241984] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:21:42.747 [241984] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:21:42.747 [241984] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:21:42.747 [241984] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:21:42.747 [241984] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:21:42.747 [241984] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:21:42.939 [241984] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:21:42.939 [241984] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:21:42.939 [241984] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:21:42.944 [241984] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:21:43.034 [241984] info  client.cpp::callSync []
2026-01-28 20:21:44.039 [241984] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:21:44.039 [241984] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:21:44.189 [241984] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:21:48.196 [241984] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:21:49.893 [241981] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:21:52.298 [241984] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:21:52.777 [241985] info  communicator.cpp::processor processing exited
2026-01-28 20:22:06.894 [241962] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:22:07.894 [241962] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:22:07.906 [243027] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:22:07.906 [243027] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:22:07.906 [243027] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:22:07.906 [243027] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:22:07.906 [243027] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:22:08.015 [243027] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:22:08.064 [243027] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:22:08.242 [243027] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:22:08.243 [243045] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:22:08.243 [243049] info  communicator.cpp::processor processing starting
2026-01-28 20:22:08.245 [243046] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:22:13.590 [243046] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:22:13.591 [243046] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:22:13.594 [243048] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:22:13.594 [243048] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:22:13.594 [243048] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:22:13.594 [243048] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:22:13.594 [243048] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:22:13.594 [243048] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:22:13.786 [243048] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:22:13.786 [243048] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:22:13.786 [243048] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:22:13.791 [243048] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:22:13.880 [243048] info  client.cpp::callSync []
2026-01-28 20:22:14.885 [243048] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:22:14.885 [243048] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:22:15.027 [243048] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:22:19.036 [243048] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:22:19.732 [243045] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:22:23.056 [243048] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:22:23.460 [243049] info  communicator.cpp::processor processing exited
2026-01-28 20:22:37.461 [243027] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:22:38.461 [243027] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:22:38.471 [243986] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:22:38.471 [243986] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:22:38.471 [243986] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:22:38.471 [243986] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:22:38.471 [243986] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:22:38.580 [243986] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:22:38.629 [243986] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:22:38.811 [243986] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:22:38.812 [244028] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:22:38.812 [244032] info  communicator.cpp::processor processing starting
2026-01-28 20:22:38.814 [244029] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:22:44.153 [244029] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:22:44.153 [244029] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:22:44.156 [244031] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:22:44.157 [244031] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:22:44.157 [244031] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:22:44.157 [244031] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:22:44.157 [244031] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:22:44.157 [244031] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:22:44.352 [244031] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:22:44.352 [244031] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:22:44.352 [244031] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:22:44.359 [244031] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:22:44.462 [244031] info  client.cpp::callSync []
2026-01-28 20:22:45.467 [244031] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:22:45.467 [244031] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:22:45.550 [244031] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:22:49.298 [244028] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:22:49.557 [244031] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:22:50.152 [244032] info  communicator.cpp::processor processing exited
2026-01-28 20:23:06.299 [243986] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:23:07.299 [243986] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:23:07.308 [244994] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:23:07.308 [244994] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:23:07.308 [244994] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:23:07.308 [244994] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:23:07.308 [244994] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:23:07.441 [244994] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:23:07.490 [244994] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:23:07.665 [244994] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:23:07.665 [245000] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:23:07.665 [245004] info  communicator.cpp::processor processing starting
2026-01-28 20:23:07.667 [245001] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:23:13.053 [245001] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:23:13.053 [245001] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:23:13.055 [245003] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:23:13.055 [245003] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:23:13.055 [245003] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:23:13.055 [245003] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:23:13.055 [245003] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:23:13.055 [245003] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:23:13.247 [245003] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:23:13.248 [245003] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:23:13.248 [245003] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:23:13.252 [245003] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:23:13.340 [245003] info  client.cpp::callSync []
2026-01-28 20:23:14.345 [245003] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:23:14.345 [245003] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:23:14.345 [245003] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:23:14.483 [245003] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:23:18.196 [245000] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:23:18.492 [245003] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:23:19.558 [245004] info  communicator.cpp::processor processing exited
2026-01-28 20:23:35.198 [244994] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:23:36.198 [244994] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:23:36.206 [245868] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:23:36.207 [245868] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:23:36.207 [245868] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:23:36.207 [245868] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:23:36.207 [245868] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:23:36.315 [245868] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:23:36.364 [245868] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:23:36.548 [245868] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:23:36.548 [245883] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:23:36.548 [245887] info  communicator.cpp::processor processing starting
2026-01-28 20:23:36.550 [245884] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:23:42.871 [245884] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:23:42.871 [245884] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:23:42.874 [245886] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:23:42.874 [245886] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:23:42.874 [245886] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:23:42.874 [245886] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:23:42.874 [245886] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:23:42.874 [245886] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:23:43.069 [245886] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:23:43.069 [245886] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:23:43.069 [245886] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:23:43.074 [245886] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:23:43.180 [245886] info  client.cpp::callSync []
2026-01-28 20:23:44.186 [245886] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:23:44.187 [245886] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:23:44.187 [245886] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:23:44.325 [245886] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:23:48.333 [245886] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:23:49.082 [245883] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:23:52.576 [245886] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:23:53.270 [245887] info  communicator.cpp::processor processing exited
2026-01-28 20:24:07.271 [245868] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:24:08.271 [245868] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:24:08.281 [247091] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:24:08.281 [247091] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:24:08.281 [247091] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:24:08.281 [247091] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:24:08.281 [247091] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:24:08.389 [247091] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:24:08.439 [247091] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:24:08.617 [247091] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:24:08.617 [247097] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:24:08.617 [247101] info  communicator.cpp::processor processing starting
2026-01-28 20:24:08.619 [247098] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:24:13.946 [247098] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:24:13.946 [247098] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:24:13.948 [247100] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:24:13.948 [247100] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:24:13.948 [247100] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:24:13.948 [247100] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:24:13.948 [247100] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:24:13.948 [247100] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:24:14.166 [247100] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:24:14.166 [247100] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:24:14.166 [247100] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:24:14.171 [247100] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:24:14.264 [247100] info  client.cpp::callSync []
2026-01-28 20:24:15.269 [247100] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:24:15.269 [247100] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:24:15.349 [247100] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:24:19.356 [247100] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:24:21.090 [247097] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:24:23.378 [247100] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:24:23.549 [247101] info  communicator.cpp::processor processing exited
2026-01-28 20:24:38.091 [247091] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:24:39.092 [247091] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:24:39.101 [248066] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:24:39.101 [248066] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:24:39.101 [248066] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:24:39.101 [248066] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:24:39.101 [248066] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:24:39.211 [248066] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:24:39.260 [248066] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:24:39.478 [248066] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:24:39.478 [248100] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:24:39.478 [248104] info  communicator.cpp::processor processing starting
2026-01-28 20:24:39.480 [248101] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:24:45.807 [248101] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:24:45.807 [248101] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:24:45.809 [248103] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:24:45.809 [248103] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:24:45.809 [248103] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:24:45.810 [248103] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:24:45.810 [248103] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:24:45.810 [248103] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:24:46.004 [248103] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:24:46.004 [248103] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:24:46.004 [248103] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:24:46.009 [248103] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:24:46.110 [248103] info  client.cpp::callSync []
2026-01-28 20:24:47.115 [248103] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:24:47.115 [248103] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:24:47.268 [248103] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:24:50.946 [248100] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:24:51.276 [248103] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:24:52.448 [248104] info  communicator.cpp::processor processing exited
2026-01-28 20:25:07.947 [248066] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:25:08.947 [248066] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:25:08.956 [249032] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:25:08.956 [249032] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:25:08.956 [249032] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:25:08.956 [249032] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:25:08.956 [249032] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:25:09.064 [249032] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:25:09.113 [249032] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:25:09.289 [249032] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:25:09.289 [249039] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:25:09.289 [249043] info  communicator.cpp::processor processing starting
2026-01-28 20:25:09.291 [249040] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:25:15.613 [249040] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:25:15.613 [249040] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:25:15.616 [249042] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:25:15.616 [249042] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:25:15.616 [249042] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:25:15.616 [249042] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:25:15.616 [249042] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:25:15.616 [249042] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:25:15.810 [249042] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:25:15.810 [249042] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:25:15.810 [249042] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:25:15.815 [249042] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:25:15.903 [249042] info  client.cpp::callSync []
2026-01-28 20:25:16.908 [249042] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:25:16.909 [249042] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:25:16.909 [249042] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:25:17.050 [249042] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:25:21.059 [249042] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:25:21.755 [249039] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:25:25.081 [249042] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:25:26.182 [249043] info  communicator.cpp::processor processing exited
2026-01-28 20:25:40.183 [249032] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:25:41.183 [249032] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:25:41.193 [250158] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:25:41.193 [250158] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:25:41.193 [250158] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:25:41.193 [250158] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:25:41.193 [250158] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:25:41.307 [250158] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:25:41.357 [250158] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:25:41.537 [250158] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:25:41.537 [250175] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:25:41.537 [250179] info  communicator.cpp::processor processing starting
2026-01-28 20:25:41.539 [250176] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:25:47.865 [250176] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:25:47.865 [250176] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:25:47.868 [250178] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:25:47.868 [250178] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:25:47.868 [250178] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:25:47.868 [250178] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:25:47.868 [250178] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:25:47.868 [250178] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:25:48.116 [250178] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:25:48.116 [250178] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:25:48.116 [250178] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:25:48.121 [250178] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:25:48.231 [250178] info  client.cpp::callSync []
2026-01-28 20:25:49.237 [250178] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:25:49.237 [250178] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:25:49.382 [250178] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:25:53.389 [250178] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:25:55.005 [250175] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:25:57.411 [250178] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:25:58.586 [250179] info  communicator.cpp::processor processing exited
2026-01-28 20:26:12.588 [250158] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:26:13.588 [250158] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:26:13.599 [251198] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:26:13.599 [251198] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:26:13.599 [251198] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:26:13.599 [251198] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:26:13.599 [251198] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:26:13.708 [251198] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:26:13.757 [251198] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:26:13.936 [251198] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:26:13.936 [251215] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:26:13.936 [251219] info  communicator.cpp::processor processing starting
2026-01-28 20:26:13.938 [251216] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:26:20.282 [251216] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:26:20.282 [251216] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:26:20.285 [251218] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:26:20.285 [251218] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:26:20.285 [251218] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:26:20.285 [251218] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:26:20.285 [251218] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:26:20.285 [251218] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:26:20.536 [251218] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:26:20.536 [251218] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:26:20.536 [251218] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:26:20.543 [251218] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:26:20.647 [251218] info  client.cpp::callSync []
2026-01-28 20:26:21.654 [251218] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:26:21.654 [251218] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:26:21.820 [251218] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:26:24.829 [251218] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:26:26.422 [251215] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:26:28.856 [251218] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:26:30.041 [251219] info  communicator.cpp::processor processing exited
2026-01-28 20:26:44.042 [251198] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:26:45.042 [251198] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:26:45.051 [252214] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:26:45.052 [252214] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:26:45.052 [252214] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:26:45.052 [252214] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:26:45.052 [252214] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:26:45.160 [252214] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:26:45.209 [252214] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:26:45.396 [252214] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:26:45.396 [252228] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:26:45.396 [252232] info  communicator.cpp::processor processing starting
2026-01-28 20:26:45.399 [252229] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:26:50.754 [252229] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:26:50.755 [252229] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:26:50.758 [252231] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:26:50.758 [252231] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:26:50.758 [252231] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:26:50.758 [252231] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:26:50.758 [252231] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:26:50.758 [252231] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:26:50.949 [252231] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:26:50.949 [252231] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:26:50.949 [252231] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:26:50.954 [252231] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:26:51.060 [252231] info  client.cpp::callSync []
2026-01-28 20:26:52.065 [252231] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:26:52.065 [252231] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:26:52.188 [252231] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:26:56.196 [252231] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:26:57.940 [252228] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:27:00.216 [252231] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:27:00.862 [252232] info  communicator.cpp::processor processing exited
2026-01-28 20:27:14.941 [252214] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:27:15.941 [252214] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:27:15.953 [253242] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:27:15.953 [253242] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:27:15.953 [253242] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:27:15.954 [253242] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:27:15.954 [253242] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:27:16.067 [253242] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:27:16.119 [253242] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:27:16.299 [253242] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:27:16.299 [253252] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:27:16.299 [253256] info  communicator.cpp::processor processing starting
2026-01-28 20:27:16.301 [253253] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:27:18.622 [253253] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:27:18.622 [253253] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:27:19.317 [253255] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:27:19.317 [253255] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:27:19.317 [253255] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:27:19.317 [253255] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:27:19.318 [253255] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:27:19.318 [253255] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:27:19.531 [253255] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:27:19.531 [253255] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:27:19.531 [253255] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:27:19.536 [253255] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:27:19.628 [253255] info  client.cpp::callSync []
2026-01-28 20:27:20.632 [253255] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:27:20.632 [253255] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:27:20.786 [253255] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:27:23.764 [253252] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:27:23.794 [253255] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:27:24.568 [253256] info  communicator.cpp::processor processing exited
2026-01-28 20:27:40.766 [253242] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:27:41.766 [253242] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:27:41.775 [254301] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:27:41.776 [254301] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:27:41.776 [254301] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:27:41.776 [254301] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:27:41.776 [254301] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:27:41.891 [254301] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:27:41.940 [254301] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:27:42.127 [254301] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:27:42.127 [254316] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:27:42.127 [254320] info  communicator.cpp::processor processing starting
2026-01-28 20:27:42.129 [254317] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:27:48.474 [254317] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:27:48.474 [254317] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:27:48.476 [254319] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:27:48.476 [254319] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:27:48.476 [254319] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:27:48.476 [254319] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:27:48.476 [254319] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:27:48.476 [254319] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:27:48.670 [254319] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:27:48.670 [254319] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:27:48.670 [254319] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:27:48.675 [254319] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:27:48.767 [254319] info  client.cpp::callSync []
2026-01-28 20:27:49.772 [254319] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:27:49.772 [254319] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:27:49.772 [254319] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:27:49.918 [254319] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:27:53.617 [254316] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:27:53.927 [254319] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:27:54.830 [254320] info  communicator.cpp::processor processing exited
2026-01-28 20:28:10.618 [254301] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:28:11.619 [254301] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:28:11.627 [255452] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:28:11.628 [255452] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:28:11.628 [255452] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:28:11.628 [255452] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:28:11.628 [255452] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:28:11.736 [255452] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:28:11.786 [255452] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:28:11.980 [255452] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:28:11.980 [255474] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:28:11.980 [255478] info  communicator.cpp::processor processing starting
2026-01-28 20:28:11.982 [255475] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:28:17.346 [255475] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:28:17.346 [255475] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:28:17.348 [255477] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:28:17.348 [255477] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:28:17.349 [255477] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:28:17.349 [255477] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:28:17.349 [255477] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:28:17.349 [255477] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:28:17.558 [255477] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:28:17.558 [255477] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:28:17.558 [255477] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:28:17.565 [255477] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:28:17.672 [255477] info  client.cpp::callSync []
2026-01-28 20:28:18.679 [255477] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:28:18.679 [255477] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:28:18.679 [255477] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:28:18.804 [255477] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:28:22.811 [255477] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:28:24.488 [255474] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:28:26.841 [255477] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:28:27.899 [255478] info  communicator.cpp::processor processing exited
2026-01-28 20:28:41.900 [255452] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:28:42.900 [255452] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:28:42.910 [256618] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:28:42.910 [256618] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:28:42.910 [256618] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:28:42.910 [256618] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:28:42.910 [256618] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:28:43.021 [256618] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:28:43.071 [256618] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:28:43.254 [256618] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:28:43.254 [256624] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:28:43.254 [256628] info  communicator.cpp::processor processing starting
2026-01-28 20:28:43.256 [256625] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:28:48.607 [256625] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:28:48.608 [256625] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:28:48.610 [256627] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:28:48.610 [256627] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:28:48.610 [256627] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:28:48.610 [256627] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:28:48.610 [256627] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:28:48.610 [256627] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:28:48.824 [256627] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:28:48.824 [256627] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:28:48.824 [256627] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:28:48.830 [256627] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:28:48.918 [256627] info  client.cpp::callSync []
2026-01-28 20:28:49.923 [256627] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:28:49.923 [256627] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:28:50.010 [256627] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:28:51.749 [256624] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:28:54.105 [256628] info  communicator.cpp::processor processing exited
2026-01-28 20:29:08.750 [256618] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:29:09.750 [256618] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:29:09.761 [257436] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:29:09.761 [257436] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:29:09.761 [257436] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:29:09.761 [257436] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:29:09.761 [257436] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:29:09.870 [257436] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:29:09.918 [257436] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:29:10.094 [257436] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:29:10.094 [257474] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:29:10.094 [257478] info  communicator.cpp::processor processing starting
2026-01-28 20:29:10.096 [257475] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:29:16.442 [257475] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:29:16.442 [257475] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:29:16.446 [257477] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:29:16.446 [257477] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:29:16.446 [257477] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:29:16.446 [257477] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:29:16.446 [257477] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:29:16.446 [257477] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:29:16.657 [257477] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:29:16.657 [257477] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:29:16.657 [257477] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:29:16.664 [257477] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:29:16.750 [257477] info  client.cpp::callSync []
2026-01-28 20:29:17.756 [257477] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:29:17.756 [257477] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:29:17.839 [257477] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:29:21.847 [257477] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:29:23.581 [257474] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:29:25.867 [257477] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:29:26.605 [257478] info  communicator.cpp::processor processing exited
2026-01-28 20:29:40.607 [257436] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:29:41.607 [257436] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:29:41.618 [258439] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:29:41.619 [258439] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:29:41.619 [258439] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:29:41.619 [258439] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:29:41.619 [258439] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:29:41.727 [258439] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:29:41.776 [258439] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:29:41.957 [258439] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:29:41.957 [258451] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:29:41.958 [258455] info  communicator.cpp::processor processing starting
2026-01-28 20:29:41.959 [258452] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:29:48.284 [258452] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:29:48.284 [258452] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:29:48.286 [258454] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:29:48.286 [258454] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:29:48.286 [258454] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:29:48.286 [258454] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:29:48.286 [258454] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:29:48.286 [258454] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:29:48.481 [258454] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:29:48.482 [258454] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:29:48.482 [258454] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:29:48.487 [258454] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:29:48.599 [258454] info  client.cpp::callSync []
2026-01-28 20:29:49.605 [258454] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:29:49.605 [258454] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:29:49.727 [258454] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:29:53.420 [258451] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:29:53.735 [258454] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:29:54.071 [258455] info  communicator.cpp::processor processing exited
2026-01-28 20:30:10.421 [258439] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:30:11.421 [258439] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:30:11.430 [259721] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:30:11.431 [259721] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:30:11.431 [259721] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:30:11.431 [259721] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:30:11.431 [259721] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:30:11.613 [259721] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:30:11.669 [259721] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:30:11.843 [259721] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:30:11.843 [259738] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:30:11.843 [259742] info  communicator.cpp::processor processing starting
2026-01-28 20:30:11.845 [259739] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:30:18.164 [259739] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:30:18.164 [259739] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:30:18.166 [259741] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:30:18.166 [259741] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:30:18.166 [259741] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:30:18.166 [259741] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:30:18.166 [259741] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:30:18.166 [259741] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:30:18.360 [259741] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:30:18.360 [259741] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:30:18.360 [259741] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:30:18.365 [259741] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:30:18.454 [259741] info  client.cpp::callSync []
2026-01-28 20:30:19.459 [259741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:30:19.459 [259741] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:30:19.459 [259741] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:30:19.596 [259741] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:30:23.604 [259741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:30:24.301 [259738] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:30:27.624 [259741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:30:28.083 [259742] info  communicator.cpp::processor processing exited
2026-01-28 20:30:42.084 [259721] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:30:43.085 [259721] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:30:43.094 [260857] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:30:43.094 [260857] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:30:43.095 [260857] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:30:43.095 [260857] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:30:43.095 [260857] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:30:43.208 [260857] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:30:43.261 [260857] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:30:43.475 [260857] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:30:43.475 [260863] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:30:43.475 [260867] info  communicator.cpp::processor processing starting
2026-01-28 20:30:43.477 [260864] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:30:49.800 [260864] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:30:49.800 [260864] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:30:49.802 [260866] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:30:49.802 [260866] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:30:49.802 [260866] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:30:49.802 [260866] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:30:49.802 [260866] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:30:49.802 [260866] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:30:49.995 [260866] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:30:49.995 [260866] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:30:49.995 [260866] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:30:50.000 [260866] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:30:50.090 [260866] info  client.cpp::callSync []
2026-01-28 20:30:51.094 [260866] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:30:51.095 [260866] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:30:51.237 [260866] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:30:55.246 [260866] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:30:55.971 [260863] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:30:59.271 [260866] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:31:00.029 [260867] info  communicator.cpp::processor processing exited
2026-01-28 20:31:14.031 [260857] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:31:15.031 [260857] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:31:15.040 [262019] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:31:15.040 [262019] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:31:15.040 [262019] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:31:15.040 [262019] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:31:15.040 [262019] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:31:15.148 [262019] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:31:15.197 [262019] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:31:15.373 [262019] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:31:15.374 [262040] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:31:15.374 [262044] info  communicator.cpp::processor processing starting
2026-01-28 20:31:15.376 [262041] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:31:21.713 [262041] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:31:21.713 [262041] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:31:21.716 [262043] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:31:21.716 [262043] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:31:21.716 [262043] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:31:21.716 [262043] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:31:21.716 [262043] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:31:21.716 [262043] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:31:21.947 [262043] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:31:21.947 [262043] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:31:21.947 [262043] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:31:21.952 [262043] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:31:22.066 [262043] info  client.cpp::callSync []
2026-01-28 20:31:23.071 [262043] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:31:23.071 [262043] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:31:23.194 [262043] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:31:26.202 [262043] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:31:26.855 [262040] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:31:30.222 [262043] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:31:31.370 [262044] info  communicator.cpp::processor processing exited
2026-01-28 20:31:45.371 [262019] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:31:46.371 [262019] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:31:46.380 [1345] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:31:46.380 [1345] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:31:46.380 [1345] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:31:46.380 [1345] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:31:46.380 [1345] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:31:46.489 [1345] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:31:46.538 [1345] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:31:46.715 [1345] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:31:46.716 [1379] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:31:46.716 [1383] info  communicator.cpp::processor processing starting
2026-01-28 20:31:46.718 [1380] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:31:53.040 [1380] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:31:53.040 [1380] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:31:53.043 [1382] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:31:53.043 [1382] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:31:53.043 [1382] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:31:53.043 [1382] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:31:53.043 [1382] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:31:53.043 [1382] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:31:53.264 [1382] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:31:53.264 [1382] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:31:53.264 [1382] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:31:53.270 [1382] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:31:53.363 [1382] info  client.cpp::callSync []
2026-01-28 20:31:54.368 [1382] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:31:54.368 [1382] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:31:54.455 [1382] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:31:58.195 [1379] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:31:58.462 [1382] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:31:58.895 [1383] info  communicator.cpp::processor processing exited
2026-01-28 20:32:15.197 [1345] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:32:16.197 [1345] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:32:16.205 [2313] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:32:16.206 [2313] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:32:16.206 [2313] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:32:16.206 [2313] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:32:16.206 [2313] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:32:16.315 [2313] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:32:16.364 [2313] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:32:16.550 [2313] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:32:16.550 [2329] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:32:16.550 [2333] info  communicator.cpp::processor processing starting
2026-01-28 20:32:16.552 [2330] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:32:19.885 [2330] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:32:19.885 [2330] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:32:19.887 [2332] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:32:19.887 [2332] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:32:19.887 [2332] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:32:19.887 [2332] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:32:19.887 [2332] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:32:19.887 [2332] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:32:20.089 [2332] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:32:20.090 [2332] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:32:20.090 [2332] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:32:20.097 [2332] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:32:20.197 [2332] info  client.cpp::callSync []
2026-01-28 20:32:21.203 [2332] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:32:21.204 [2332] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:32:21.204 [2332] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:32:21.289 [2332] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:32:25.297 [2332] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:32:26.022 [2329] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:32:29.317 [2332] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:32:29.524 [2333] info  communicator.cpp::processor processing exited
2026-01-28 20:32:43.525 [2313] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:32:44.525 [2313] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:32:44.534 [3247] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:32:44.535 [3247] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:32:44.535 [3247] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:32:44.535 [3247] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:32:44.535 [3247] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:32:44.644 [3247] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:32:44.693 [3247] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:32:44.873 [3247] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:32:44.873 [3267] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:32:44.873 [3271] info  communicator.cpp::processor processing starting
2026-01-28 20:32:44.875 [3268] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:32:51.198 [3268] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:32:51.198 [3268] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:32:51.200 [3270] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:32:51.200 [3270] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:32:51.200 [3270] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:32:51.200 [3270] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:32:51.200 [3270] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:32:51.200 [3270] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:32:51.414 [3270] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:32:51.415 [3270] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:32:51.415 [3270] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:32:51.421 [3270] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:32:51.509 [3270] info  client.cpp::callSync []
2026-01-28 20:32:52.514 [3270] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:32:52.514 [3270] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:32:52.663 [3270] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:32:56.345 [3267] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:32:56.670 [3270] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:32:57.067 [3271] info  communicator.cpp::processor processing exited
2026-01-28 20:33:13.346 [3247] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:33:14.346 [3247] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:33:14.355 [4287] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:33:14.355 [4287] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:33:14.355 [4287] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:33:14.355 [4287] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:33:14.355 [4287] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:33:14.464 [4287] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:33:14.512 [4287] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:33:14.694 [4287] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:33:14.694 [4307] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:33:14.694 [4311] info  communicator.cpp::processor processing starting
2026-01-28 20:33:14.696 [4308] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:33:19.020 [4308] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:33:19.020 [4308] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:33:19.023 [4310] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:33:19.023 [4310] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:33:19.023 [4310] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:33:19.023 [4310] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:33:19.023 [4310] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:33:19.023 [4310] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:33:19.216 [4310] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:33:19.216 [4310] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:33:19.216 [4310] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:33:19.221 [4310] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:33:19.308 [4310] info  client.cpp::callSync []
2026-01-28 20:33:20.313 [4310] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:33:20.314 [4310] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:33:20.314 [4310] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:33:20.455 [4310] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:33:24.465 [4310] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:33:26.164 [4307] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:33:28.682 [4310] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:33:28.935 [4311] info  communicator.cpp::processor processing exited
2026-01-28 20:33:43.165 [4287] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:33:44.165 [4287] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:33:44.174 [5226] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:33:44.174 [5226] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:33:44.174 [5226] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:33:44.175 [5226] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:33:44.175 [5226] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:33:44.282 [5226] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:33:44.331 [5226] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:33:44.541 [5226] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:33:44.541 [5232] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:33:44.541 [5236] info  communicator.cpp::processor processing starting
2026-01-28 20:33:44.543 [5233] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:33:50.866 [5233] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:33:50.866 [5233] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:33:50.868 [5235] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:33:50.868 [5235] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:33:50.868 [5235] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:33:50.868 [5235] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:33:50.868 [5235] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:33:50.868 [5235] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:33:51.112 [5235] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:33:51.112 [5235] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:33:51.112 [5235] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:33:51.117 [5235] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:33:51.209 [5235] info  client.cpp::callSync []
2026-01-28 20:33:52.214 [5235] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:33:52.214 [5235] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:33:52.307 [5235] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:33:56.313 [5235] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:33:57.012 [5232] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:34:00.335 [5235] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:34:01.507 [5236] info  communicator.cpp::processor processing exited
2026-01-28 20:34:15.509 [5226] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:34:16.509 [5226] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:34:16.520 [6357] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:34:16.520 [6357] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:34:16.520 [6357] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:34:16.520 [6357] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:34:16.521 [6357] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:34:16.630 [6357] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:34:16.679 [6357] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:34:16.858 [6357] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:34:16.858 [6367] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:34:16.858 [6372] info  communicator.cpp::processor processing starting
2026-01-28 20:34:16.860 [6368] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:34:23.190 [6368] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:34:23.191 [6368] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:34:23.193 [6371] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:34:23.193 [6371] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:34:23.193 [6371] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:34:23.193 [6371] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:34:23.193 [6371] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:34:23.193 [6371] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:34:23.389 [6371] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:34:23.389 [6371] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:34:23.389 [6371] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:34:23.394 [6371] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:34:23.481 [6371] info  client.cpp::callSync []
2026-01-28 20:34:24.486 [6371] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:34:24.487 [6371] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:34:24.628 [6371] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:34:28.637 [6371] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:34:30.332 [6367] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:34:32.859 [6371] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:34:34.033 [6372] info  communicator.cpp::processor processing exited
2026-01-28 20:34:48.034 [6357] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:34:49.034 [6357] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:34:49.044 [7669] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:34:49.044 [7669] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:34:49.044 [7669] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:34:49.044 [7669] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:34:49.044 [7669] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:34:49.153 [7669] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:34:49.203 [7669] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:34:49.410 [7669] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:34:49.410 [7691] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:34:49.410 [7695] info  communicator.cpp::processor processing starting
2026-01-28 20:34:49.412 [7692] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:34:55.738 [7692] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:34:55.739 [7692] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:34:55.741 [7694] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:34:55.741 [7694] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:34:55.741 [7694] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:34:55.741 [7694] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:34:55.741 [7694] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:34:55.741 [7694] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:34:55.961 [7694] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:34:55.961 [7694] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:34:55.961 [7694] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:34:55.968 [7694] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:34:56.057 [7694] info  client.cpp::callSync []
2026-01-28 20:34:57.063 [7694] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:34:57.063 [7694] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:34:57.171 [7694] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:34:59.883 [7691] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:35:01.267 [7695] info  communicator.cpp::processor processing exited
2026-01-28 20:35:16.885 [7669] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:35:17.885 [7669] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:35:17.896 [8837] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:35:17.896 [8837] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:35:17.896 [8837] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:35:17.896 [8837] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:35:17.896 [8837] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:35:18.005 [8837] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:35:18.054 [8837] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:35:18.247 [8837] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:35:18.247 [8846] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:35:18.247 [8850] info  communicator.cpp::processor processing starting
2026-01-28 20:35:18.249 [8847] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:35:23.581 [8847] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:35:23.582 [8847] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:35:23.585 [8849] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:35:23.585 [8849] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:35:23.585 [8849] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:35:23.585 [8849] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:35:23.586 [8849] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:35:23.586 [8849] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:35:23.810 [8849] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:35:23.811 [8849] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:35:23.811 [8849] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:35:23.815 [8849] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:35:23.919 [8849] info  client.cpp::callSync []
2026-01-28 20:35:24.926 [8849] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:35:24.926 [8849] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:35:25.029 [8849] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:35:29.037 [8849] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:35:29.732 [8846] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:35:33.063 [8849] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:35:34.130 [8850] info  communicator.cpp::processor processing exited
2026-01-28 20:35:48.131 [8837] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:35:49.131 [8837] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:35:49.142 [9859] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:35:49.143 [9859] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:35:49.143 [9859] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:35:49.143 [9859] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:35:49.143 [9859] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:35:49.252 [9859] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:35:49.301 [9859] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:35:49.486 [9859] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:35:49.486 [9867] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:35:49.486 [9871] info  communicator.cpp::processor processing starting
2026-01-28 20:35:49.488 [9868] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:35:53.812 [9868] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:35:53.812 [9868] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:35:53.815 [9870] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:35:53.815 [9870] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:35:53.815 [9870] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:35:53.815 [9870] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:35:53.815 [9870] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:35:53.815 [9870] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:35:54.011 [9870] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:35:54.011 [9870] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:35:54.011 [9870] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:35:54.016 [9870] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:35:54.102 [9870] info  client.cpp::callSync []
2026-01-28 20:35:55.107 [9870] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:35:55.107 [9870] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:35:55.242 [9870] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:35:59.249 [9870] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:36:00.952 [9867] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:36:03.269 [9870] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:36:04.445 [9871] info  communicator.cpp::processor processing exited
2026-01-28 20:36:18.446 [9859] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:36:19.446 [9859] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:36:19.455 [10886] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:36:19.455 [10886] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:36:19.455 [10886] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:36:19.455 [10886] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:36:19.455 [10886] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:36:19.564 [10886] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:36:19.614 [10886] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:36:19.792 [10886] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:36:19.792 [10894] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:36:19.792 [10898] info  communicator.cpp::processor processing starting
2026-01-28 20:36:19.794 [10895] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:36:26.118 [10895] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:36:26.118 [10895] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:36:26.121 [10897] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:36:26.121 [10897] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:36:26.121 [10897] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:36:26.121 [10897] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:36:26.121 [10897] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:36:26.121 [10897] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:36:26.380 [10897] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:36:26.380 [10897] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:36:26.380 [10897] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:36:26.385 [10897] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:36:26.475 [10897] info  client.cpp::callSync []
2026-01-28 20:36:27.481 [10897] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:36:27.481 [10897] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:36:27.626 [10897] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:36:29.261 [10894] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:36:31.718 [10898] info  communicator.cpp::processor processing exited
2026-01-28 20:36:46.262 [10886] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:36:47.262 [10886] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:36:47.271 [11749] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:36:47.271 [11749] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:36:47.271 [11749] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:36:47.271 [11749] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:36:47.271 [11749] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:36:47.380 [11749] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:36:47.429 [11749] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:36:47.606 [11749] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:36:47.606 [11755] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:36:47.607 [11759] info  communicator.cpp::processor processing starting
2026-01-28 20:36:47.608 [11756] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:36:53.937 [11756] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:36:53.938 [11756] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:36:53.940 [11758] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:36:53.940 [11758] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:36:53.940 [11758] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:36:53.940 [11758] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:36:53.940 [11758] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:36:53.940 [11758] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:36:54.137 [11758] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:36:54.137 [11758] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:36:54.137 [11758] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:36:54.143 [11758] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:36:54.236 [11758] info  client.cpp::callSync []
2026-01-28 20:36:55.241 [11758] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:36:55.242 [11758] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:36:55.384 [11758] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:36:59.391 [11758] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:37:00.112 [11755] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:37:03.418 [11758] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:37:04.318 [11759] info  communicator.cpp::processor processing exited
2026-01-28 20:37:18.319 [11749] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:37:19.319 [11749] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:37:19.330 [12506] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:37:19.331 [12506] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:37:19.331 [12506] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:37:19.331 [12506] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:37:19.331 [12506] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:37:19.445 [12506] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:37:19.497 [12506] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:37:19.694 [12506] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:37:19.695 [12542] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:37:19.695 [12546] info  communicator.cpp::processor processing starting
2026-01-28 20:37:19.695 [12543] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:37:26.023 [12543] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:37:26.023 [12543] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:37:26.025 [12545] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:37:26.025 [12545] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:37:26.025 [12545] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:37:26.025 [12545] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:37:26.026 [12545] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:37:26.026 [12545] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:37:26.283 [12545] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:37:26.284 [12545] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:37:26.284 [12545] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:37:26.288 [12545] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:37:26.376 [12545] info  client.cpp::callSync []
2026-01-28 20:37:27.381 [12545] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:37:27.381 [12545] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:37:27.499 [12545] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:37:31.507 [12545] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:37:33.162 [12542] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:37:35.529 [12545] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:37:35.744 [12546] info  communicator.cpp::processor processing exited
2026-01-28 20:37:50.163 [12506] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:37:51.164 [12506] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:37:51.173 [13409] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:37:51.173 [13409] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:37:51.173 [13409] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:37:51.173 [13409] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:37:51.173 [13409] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:37:51.281 [13409] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:37:51.329 [13409] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:37:51.505 [13409] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:37:51.505 [13415] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:37:51.506 [13419] info  communicator.cpp::processor processing starting
2026-01-28 20:37:51.507 [13416] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:37:57.886 [13416] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:37:57.886 [13416] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:37:57.890 [13418] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:37:57.890 [13418] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:37:57.890 [13418] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:37:57.890 [13418] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:37:57.890 [13418] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:37:57.890 [13418] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:37:58.100 [13418] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:37:58.100 [13418] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:37:58.100 [13418] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:37:58.107 [13418] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:37:58.206 [13418] info  client.cpp::callSync []
2026-01-28 20:37:59.211 [13418] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:37:59.211 [13418] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:37:59.344 [13418] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:38:03.351 [13418] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:38:05.030 [13415] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:38:07.371 [13418] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:38:08.063 [13419] info  communicator.cpp::processor processing exited
2026-01-28 20:38:20.064 [13409] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:38:20.074 [13994] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:38:20.074 [13994] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:38:20.074 [13994] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:38:20.074 [13994] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:38:20.074 [13994] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:38:20.183 [13994] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:38:20.232 [13994] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:38:20.414 [13994] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:38:20.414 [14001] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:38:20.415 [14005] info  communicator.cpp::processor processing starting
2026-01-28 20:38:20.416 [14002] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:38:25.742 [14002] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:38:25.743 [14002] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:38:25.745 [14004] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:38:25.745 [14004] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:38:25.745 [14004] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:38:25.745 [14004] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:38:25.745 [14004] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:38:25.745 [14004] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:38:25.938 [14004] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:38:25.938 [14004] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:38:25.938 [14004] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:38:25.944 [14004] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:38:26.036 [14004] info  client.cpp::callSync []
2026-01-28 20:38:27.041 [14004] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:38:27.041 [14004] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:38:27.188 [14004] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:38:31.195 [14004] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:38:31.879 [14001] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:38:35.221 [14004] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:38:35.702 [14005] info  communicator.cpp::processor processing exited
2026-01-28 20:38:49.703 [13994] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:38:50.704 [13994] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:38:50.713 [14971] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:38:50.713 [14971] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:38:50.713 [14971] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:38:50.714 [14971] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:38:50.714 [14971] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:38:50.822 [14971] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:38:50.871 [14971] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:38:51.053 [14971] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:38:51.053 [14984] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:38:51.053 [14988] info  communicator.cpp::processor processing starting
2026-01-28 20:38:51.055 [14985] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:38:57.377 [14985] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:38:57.377 [14985] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:38:57.379 [14987] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:38:57.379 [14987] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:38:57.379 [14987] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:38:57.379 [14987] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:38:57.379 [14987] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:38:57.379 [14987] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:38:57.606 [14987] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:38:57.606 [14987] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:38:57.606 [14987] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:38:57.611 [14987] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:38:57.700 [14987] info  client.cpp::callSync []
2026-01-28 20:38:58.705 [14987] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:38:58.705 [14987] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:38:58.787 [14987] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:39:02.523 [14984] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:39:02.794 [14987] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:39:03.091 [14988] info  communicator.cpp::processor processing exited
2026-01-28 20:39:19.524 [14971] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:39:20.525 [14971] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:39:20.533 [16073] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:39:20.534 [16073] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:39:20.534 [16073] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:39:20.534 [16073] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:39:20.534 [16073] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:39:20.642 [16073] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:39:20.690 [16073] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:39:20.897 [16073] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:39:20.897 [16091] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:39:20.897 [16095] info  communicator.cpp::processor processing starting
2026-01-28 20:39:20.899 [16092] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:39:25.278 [16092] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:39:25.278 [16092] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:39:25.280 [16094] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:39:25.280 [16094] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:39:25.280 [16094] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:39:25.280 [16094] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:39:25.280 [16094] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:39:25.280 [16094] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:39:25.474 [16094] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:39:25.474 [16094] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:39:25.474 [16094] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:39:25.479 [16094] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:39:25.566 [16094] info  client.cpp::callSync []
2026-01-28 20:39:26.571 [16094] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:39:26.572 [16094] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:39:26.572 [16094] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:39:26.668 [16094] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:39:30.674 [16094] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:39:31.427 [16091] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:39:34.700 [16094] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:39:35.737 [16095] info  communicator.cpp::processor processing exited
2026-01-28 20:39:49.738 [16073] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:39:50.738 [16073] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:39:50.747 [17098] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:39:50.747 [17098] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:39:50.747 [17098] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:39:50.747 [17098] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:39:50.747 [17098] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:39:50.856 [17098] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:39:50.904 [17098] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:39:51.083 [17098] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:39:51.083 [17108] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:39:51.083 [17112] info  communicator.cpp::processor processing starting
2026-01-28 20:39:51.085 [17109] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:39:57.413 [17109] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:39:57.413 [17109] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:39:57.416 [17111] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:39:57.416 [17111] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:39:57.416 [17111] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:39:57.416 [17111] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:39:57.416 [17111] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:39:57.416 [17111] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:39:57.608 [17111] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:39:57.608 [17111] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:39:57.608 [17111] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:39:57.614 [17111] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:39:57.707 [17111] info  client.cpp::callSync []
2026-01-28 20:39:58.715 [17111] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:39:58.715 [17111] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:39:58.881 [17111] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:40:01.891 [17111] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:40:03.556 [17108] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:40:05.918 [17111] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:40:07.027 [17112] info  communicator.cpp::processor processing exited
2026-01-28 20:40:21.028 [17098] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:40:22.028 [17098] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:40:22.037 [18208] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:40:22.038 [18208] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:40:22.038 [18208] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:40:22.038 [18208] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:40:22.038 [18208] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:40:22.147 [18208] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:40:22.197 [18208] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:40:22.375 [18208] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:40:22.375 [18214] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:40:22.375 [18218] info  communicator.cpp::processor processing starting
2026-01-28 20:40:22.377 [18215] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:40:27.715 [18215] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:40:27.715 [18215] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:40:27.717 [18217] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:40:27.717 [18217] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:40:27.717 [18217] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:40:27.717 [18217] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:40:27.718 [18217] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:40:27.718 [18217] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:40:27.985 [18217] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:40:27.985 [18217] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:40:27.985 [18217] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:40:27.992 [18217] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:40:28.104 [18217] info  client.cpp::callSync []
2026-01-28 20:40:29.110 [18217] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:40:29.110 [18217] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:40:29.217 [18217] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:40:33.226 [18217] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:40:33.856 [18214] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:40:37.251 [18217] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:40:37.449 [18218] info  communicator.cpp::processor processing exited
2026-01-28 20:40:51.450 [18208] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:40:52.450 [18208] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:40:52.460 [19286] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:40:52.460 [19286] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:40:52.460 [19286] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:40:52.460 [19286] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:40:52.460 [19286] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:40:52.570 [19286] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:40:52.620 [19286] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:40:52.805 [19286] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:40:52.805 [19307] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:40:52.805 [19311] info  communicator.cpp::processor processing starting
2026-01-28 20:40:52.807 [19308] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:40:59.148 [19308] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:40:59.149 [19308] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:40:59.152 [19310] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:40:59.152 [19310] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:40:59.152 [19310] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:40:59.152 [19310] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:40:59.152 [19310] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:40:59.152 [19310] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:40:59.368 [19310] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:40:59.368 [19310] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:40:59.368 [19310] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:40:59.374 [19310] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:40:59.473 [19310] info  client.cpp::callSync []
2026-01-28 20:41:00.481 [19310] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:41:00.481 [19310] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:41:00.578 [19310] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:41:04.586 [19310] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:41:05.287 [19307] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:41:08.631 [19310] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:41:09.273 [19311] info  communicator.cpp::processor processing exited
2026-01-28 20:41:23.274 [19286] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:41:24.274 [19286] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:41:24.283 [20372] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:41:24.283 [20372] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:41:24.283 [20372] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:41:24.283 [20372] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:41:24.283 [20372] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:41:24.392 [20372] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:41:24.440 [20372] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:41:24.618 [20372] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:41:24.618 [20378] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:41:24.618 [20382] info  communicator.cpp::processor processing starting
2026-01-28 20:41:24.620 [20379] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:41:30.961 [20379] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:41:30.962 [20379] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:41:30.965 [20381] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:41:30.965 [20381] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:41:30.965 [20381] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:41:30.965 [20381] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:41:30.965 [20381] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:41:30.965 [20381] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:41:31.178 [20381] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:41:31.178 [20381] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:41:31.178 [20381] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:41:31.184 [20381] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:41:31.278 [20381] info  client.cpp::callSync []
2026-01-28 20:41:32.283 [20381] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:41:32.283 [20381] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:41:32.364 [20381] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:41:36.372 [20381] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:41:38.100 [20378] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:41:40.391 [20381] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:41:41.347 [20382] info  communicator.cpp::processor processing exited
2026-01-28 20:41:55.348 [20372] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:41:56.349 [20372] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:41:56.358 [21541] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:41:56.358 [21541] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:41:56.358 [21541] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:41:56.358 [21541] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:41:56.358 [21541] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:41:56.468 [21541] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:41:56.519 [21541] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:41:56.701 [21541] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:41:56.701 [21555] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:41:56.701 [21559] info  communicator.cpp::processor processing starting
2026-01-28 20:41:56.703 [21556] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:42:03.056 [21556] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:42:03.056 [21556] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:42:03.060 [21558] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:42:03.060 [21558] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:42:03.060 [21558] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:42:03.060 [21558] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:42:03.060 [21558] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:42:03.060 [21558] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:42:03.254 [21558] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:42:03.254 [21558] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:42:03.254 [21558] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:42:03.259 [21558] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:42:03.366 [21558] info  client.cpp::callSync []
2026-01-28 20:42:04.371 [21558] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:42:04.371 [21558] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:42:04.503 [21558] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:42:08.511 [21558] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:42:10.200 [21555] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:42:12.533 [21558] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:42:12.989 [21559] info  communicator.cpp::processor processing exited
2026-01-28 20:42:27.202 [21541] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:42:28.202 [21541] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:42:28.211 [22505] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:42:28.211 [22505] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:42:28.211 [22505] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:42:28.212 [22505] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:42:28.212 [22505] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:42:28.320 [22505] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:42:28.370 [22505] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:42:28.546 [22505] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:42:28.546 [22521] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:42:28.546 [22525] info  communicator.cpp::processor processing starting
2026-01-28 20:42:28.548 [22522] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:42:34.871 [22522] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:42:34.871 [22522] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:42:34.874 [22524] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:42:34.874 [22524] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:42:34.874 [22524] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:42:34.874 [22524] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:42:34.874 [22524] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:42:34.874 [22524] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:42:35.085 [22524] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:42:35.085 [22524] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:42:35.085 [22524] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:42:35.092 [22524] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:42:35.185 [22524] info  client.cpp::callSync []
2026-01-28 20:42:36.190 [22524] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:42:36.190 [22524] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:42:36.336 [22524] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:42:40.013 [22521] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:42:40.344 [22524] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:42:40.784 [22525] info  communicator.cpp::processor processing exited
2026-01-28 20:42:57.014 [22505] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:42:58.015 [22505] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:42:58.024 [23531] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:42:58.024 [23531] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:42:58.024 [23531] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:42:58.024 [23531] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:42:58.024 [23531] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:42:58.133 [23531] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:42:58.182 [23531] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:42:58.364 [23531] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:42:58.364 [23550] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:42:58.364 [23554] info  communicator.cpp::processor processing starting
2026-01-28 20:42:58.366 [23551] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:43:04.760 [23551] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:43:04.760 [23551] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:43:04.764 [23553] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:43:04.764 [23553] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:43:04.764 [23553] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:43:04.764 [23553] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:43:04.764 [23553] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:43:04.764 [23553] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:43:04.958 [23553] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:43:04.958 [23553] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:43:04.958 [23553] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:43:04.963 [23553] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:43:05.051 [23553] info  client.cpp::callSync []
2026-01-28 20:43:06.056 [23553] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:43:06.057 [23553] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:43:06.057 [23553] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:43:06.193 [23553] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:43:10.203 [23553] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:43:11.905 [23550] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:43:14.227 [23553] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:43:15.317 [23554] info  communicator.cpp::processor processing exited
2026-01-28 20:43:24.317 [23531] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:43:24.328 [24331] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:43:24.329 [24331] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:43:24.329 [24331] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:43:24.329 [24331] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:43:24.329 [24331] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:43:24.437 [24331] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:43:24.486 [24331] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:43:24.665 [24331] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:43:24.665 [24354] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:43:24.665 [24358] info  communicator.cpp::processor processing starting
2026-01-28 20:43:24.667 [24355] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:43:30.990 [24355] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:43:30.990 [24355] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:43:30.992 [24357] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:43:30.992 [24357] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:43:30.992 [24357] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:43:30.992 [24357] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:43:30.992 [24357] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:43:30.992 [24357] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:43:31.186 [24357] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:43:31.186 [24357] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:43:31.186 [24357] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:43:31.191 [24357] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:43:31.279 [24357] info  client.cpp::callSync []
2026-01-28 20:43:32.284 [24357] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:43:32.284 [24357] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:43:32.444 [24357] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:43:36.451 [24357] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:43:38.132 [24354] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:43:40.470 [24357] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:43:40.837 [24358] info  communicator.cpp::processor processing exited
2026-01-28 20:43:55.133 [24331] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:43:56.133 [24331] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:43:56.142 [25296] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:43:56.142 [25296] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:43:56.142 [25296] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:43:56.143 [25296] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:43:56.143 [25296] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:43:56.251 [25296] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:43:56.300 [25296] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:43:56.483 [25296] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:43:56.483 [25316] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:43:56.483 [25320] info  communicator.cpp::processor processing starting
2026-01-28 20:43:56.485 [25317] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:44:00.826 [25317] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:44:00.826 [25317] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:44:00.828 [25319] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:44:00.828 [25319] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:44:00.828 [25319] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:44:00.828 [25319] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:44:00.828 [25319] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:44:00.828 [25319] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:44:01.021 [25319] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:44:01.021 [25319] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:44:01.021 [25319] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:44:01.026 [25319] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:44:01.114 [25319] info  client.cpp::callSync []
2026-01-28 20:44:02.119 [25319] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:44:02.119 [25319] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:44:02.262 [25319] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:44:05.270 [25319] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:44:06.963 [25316] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:44:09.291 [25319] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:44:09.628 [25320] info  communicator.cpp::processor processing exited
2026-01-28 20:44:23.965 [25296] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:44:24.965 [25296] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:44:24.974 [26365] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:44:24.974 [26365] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:44:24.974 [26365] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:44:24.974 [26365] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:44:24.974 [26365] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:44:25.083 [26365] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:44:25.132 [26365] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:44:25.311 [26365] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:44:25.311 [26393] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:44:25.311 [26397] info  communicator.cpp::processor processing starting
2026-01-28 20:44:25.313 [26394] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:44:31.709 [26394] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:44:31.710 [26394] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:44:31.713 [26396] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:44:31.713 [26396] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:44:31.713 [26396] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:44:31.713 [26396] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:44:31.713 [26396] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:44:31.713 [26396] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:44:31.905 [26396] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:44:31.905 [26396] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:44:31.905 [26396] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:44:31.911 [26396] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:44:32.002 [26396] info  client.cpp::callSync []
2026-01-28 20:44:33.007 [26396] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:44:33.007 [26396] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:44:33.140 [26396] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:44:36.149 [26396] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:44:36.854 [26393] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:44:40.169 [26396] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:44:41.373 [26397] info  communicator.cpp::processor processing exited
2026-01-28 20:44:55.375 [26365] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:44:56.375 [26365] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:44:56.384 [27467] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:44:56.384 [27467] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:44:56.384 [27467] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:44:56.384 [27467] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:44:56.384 [27467] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:44:56.492 [27467] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:44:56.541 [27467] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:44:56.718 [27467] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:44:56.718 [27487] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:44:56.718 [27491] info  communicator.cpp::processor processing starting
2026-01-28 20:44:56.720 [27488] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:45:03.048 [27488] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:45:03.048 [27488] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:45:03.051 [27490] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:45:03.051 [27490] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:45:03.051 [27490] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:45:03.051 [27490] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:45:03.051 [27490] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:45:03.051 [27490] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:45:03.265 [27490] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:45:03.265 [27490] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:45:03.265 [27490] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:45:03.270 [27490] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:45:03.361 [27490] info  client.cpp::callSync []
2026-01-28 20:45:04.366 [27490] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:45:04.366 [27490] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:45:04.510 [27490] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:45:08.185 [27487] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:45:08.517 [27490] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:45:08.963 [27491] info  communicator.cpp::processor processing exited
2026-01-28 20:45:25.186 [27467] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:45:26.186 [27467] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:45:26.197 [28658] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:45:26.197 [28658] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:45:26.197 [28658] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:45:26.197 [28658] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:45:26.197 [28658] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:45:26.306 [28658] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:45:26.355 [28658] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:45:26.533 [28658] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:45:26.533 [28665] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:45:26.533 [28669] info  communicator.cpp::processor processing starting
2026-01-28 20:45:26.535 [28666] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:45:32.885 [28666] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:45:32.885 [28666] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:45:32.889 [28668] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:45:32.889 [28668] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:45:32.889 [28668] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:45:32.889 [28668] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:45:32.889 [28668] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:45:32.889 [28668] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:45:33.085 [28668] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:45:33.085 [28668] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:45:33.085 [28668] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:45:33.090 [28668] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:45:33.201 [28668] info  client.cpp::callSync []
2026-01-28 20:45:34.207 [28668] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:45:34.208 [28668] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:45:34.208 [28668] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:45:34.305 [28668] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:45:38.314 [28668] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:45:40.028 [28665] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:45:42.341 [28668] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:45:42.862 [28669] info  communicator.cpp::processor processing exited
2026-01-28 20:45:57.029 [28658] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:45:58.030 [28658] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:45:58.039 [29600] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:45:58.039 [29600] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:45:58.039 [29600] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:45:58.039 [29600] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:45:58.039 [29600] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:45:58.148 [29600] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:45:58.200 [29600] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:45:58.403 [29600] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:45:58.403 [29615] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:45:58.403 [29619] info  communicator.cpp::processor processing starting
2026-01-28 20:45:58.405 [29616] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:46:03.727 [29616] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:46:03.727 [29616] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:46:03.729 [29618] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:46:03.729 [29618] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:46:03.729 [29618] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:46:03.729 [29618] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:46:03.730 [29618] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:46:03.730 [29618] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:46:03.921 [29618] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:46:03.922 [29618] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:46:03.922 [29618] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:46:03.926 [29618] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:46:04.018 [29618] info  client.cpp::callSync []
2026-01-28 20:46:05.023 [29618] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:46:05.023 [29618] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:46:05.155 [29618] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:46:09.162 [29618] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:46:10.868 [29615] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:46:13.182 [29618] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:46:13.679 [29619] info  communicator.cpp::processor processing exited
2026-01-28 20:46:27.870 [29600] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:46:28.870 [29600] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:46:28.879 [30526] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:46:28.879 [30526] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:46:28.879 [30526] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:46:28.879 [30526] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:46:28.879 [30526] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:46:28.988 [30526] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:46:29.037 [30526] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:46:29.258 [30526] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:46:29.258 [30543] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:46:29.258 [30547] info  communicator.cpp::processor processing starting
2026-01-28 20:46:29.260 [30544] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:46:35.604 [30544] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:46:35.604 [30544] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:46:35.607 [30546] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:46:35.607 [30546] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:46:35.607 [30546] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:46:35.607 [30546] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:46:35.607 [30546] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:46:35.607 [30546] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:46:35.809 [30546] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:46:35.809 [30546] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:46:35.809 [30546] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:46:35.814 [30546] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:46:35.900 [30546] info  client.cpp::callSync []
2026-01-28 20:46:36.905 [30546] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:46:36.905 [30546] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:46:37.051 [30546] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:46:40.749 [30543] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:46:41.058 [30546] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:46:41.820 [30547] info  communicator.cpp::processor processing exited
2026-01-28 20:46:57.750 [30526] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:46:58.750 [30526] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:46:58.759 [31499] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:46:58.759 [31499] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:46:58.759 [31499] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:46:58.759 [31499] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:46:58.759 [31499] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:46:58.868 [31499] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:46:58.918 [31499] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:46:59.096 [31499] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:46:59.096 [31518] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:46:59.096 [31522] info  communicator.cpp::processor processing starting
2026-01-28 20:46:59.098 [31519] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:47:04.421 [31519] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:47:04.421 [31519] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:47:04.423 [31521] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:47:04.423 [31521] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:47:04.423 [31521] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:47:04.423 [31521] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:47:04.423 [31521] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:47:04.423 [31521] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:47:04.615 [31521] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:47:04.615 [31521] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:47:04.615 [31521] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:47:04.620 [31521] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:47:04.721 [31521] info  client.cpp::callSync []
2026-01-28 20:47:05.726 [31521] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:47:05.726 [31521] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:47:05.726 [31521] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:47:05.876 [31521] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:47:09.883 [31521] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:47:10.562 [31518] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:47:13.907 [31521] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:47:14.368 [31522] info  communicator.cpp::processor processing exited
2026-01-28 20:47:28.369 [31499] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:47:29.369 [31499] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:47:29.378 [32499] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:47:29.378 [32499] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:47:29.378 [32499] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:47:29.378 [32499] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:47:29.378 [32499] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:47:29.487 [32499] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:47:29.553 [32499] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:47:29.758 [32499] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:47:29.758 [32506] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:47:29.758 [32510] info  communicator.cpp::processor processing starting
2026-01-28 20:47:29.760 [32507] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:47:36.084 [32507] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:47:36.085 [32507] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:47:36.087 [32509] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:47:36.087 [32509] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:47:36.087 [32509] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:47:36.087 [32509] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:47:36.087 [32509] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:47:36.087 [32509] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:47:36.282 [32509] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:47:36.282 [32509] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:47:36.282 [32509] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:47:36.287 [32509] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:47:36.374 [32509] info  client.cpp::callSync []
2026-01-28 20:47:37.379 [32509] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:47:37.379 [32509] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:47:37.528 [32509] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:47:41.536 [32509] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:47:43.223 [32506] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:47:45.558 [32509] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:47:46.485 [32510] info  communicator.cpp::processor processing exited
2026-01-28 20:48:00.487 [32499] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:48:01.487 [32499] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:48:01.498 [33639] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:48:01.499 [33639] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:48:01.499 [33639] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:48:01.499 [33639] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:48:01.499 [33639] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:48:01.609 [33639] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:48:01.659 [33639] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:48:01.845 [33639] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:48:01.845 [33654] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:48:01.845 [33658] info  communicator.cpp::processor processing starting
2026-01-28 20:48:01.847 [33655] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:48:08.192 [33655] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:48:08.192 [33655] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:48:08.194 [33657] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:48:08.194 [33657] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:48:08.194 [33657] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:48:08.194 [33657] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:48:08.195 [33657] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:48:08.195 [33657] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:48:08.390 [33657] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:48:08.390 [33657] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:48:08.390 [33657] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:48:08.396 [33657] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:48:08.506 [33657] info  client.cpp::callSync []
2026-01-28 20:48:09.513 [33657] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:48:09.513 [33657] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:48:09.646 [33657] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:48:11.331 [33654] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:48:13.744 [33658] info  communicator.cpp::processor processing exited
2026-01-28 20:48:28.332 [33639] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:48:29.332 [33639] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:48:29.341 [34661] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:48:29.341 [34661] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:48:29.341 [34661] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:48:29.341 [34661] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:48:29.341 [34661] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:48:29.451 [34661] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:48:29.501 [34661] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:48:29.689 [34661] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:48:29.689 [34674] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:48:29.689 [34678] info  communicator.cpp::processor processing starting
2026-01-28 20:48:29.691 [34675] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:48:36.044 [34675] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:48:36.044 [34675] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:48:36.046 [34677] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:48:36.046 [34677] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:48:36.046 [34677] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:48:36.046 [34677] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:48:36.047 [34677] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:48:36.047 [34677] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:48:36.259 [34677] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:48:36.259 [34677] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:48:36.259 [34677] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:48:36.264 [34677] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:48:36.353 [34677] info  client.cpp::callSync []
2026-01-28 20:48:37.358 [34677] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:48:37.358 [34677] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:48:37.474 [34677] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:48:41.187 [34674] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:48:41.481 [34677] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:48:42.591 [34678] info  communicator.cpp::processor processing exited
2026-01-28 20:48:58.188 [34661] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:48:59.188 [34661] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:48:59.197 [35564] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:48:59.197 [35564] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:48:59.197 [35564] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:48:59.197 [35564] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:48:59.197 [35564] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:48:59.307 [35564] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:48:59.356 [35564] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:48:59.556 [35564] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:48:59.556 [35576] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:48:59.556 [35581] info  communicator.cpp::processor processing starting
2026-01-28 20:48:59.558 [35577] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:49:05.900 [35577] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:49:05.900 [35577] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:49:05.904 [35580] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:49:05.904 [35580] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:49:05.904 [35580] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:49:05.904 [35580] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:49:05.904 [35580] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:49:05.904 [35580] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:49:06.106 [35580] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:49:06.106 [35580] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:49:06.106 [35580] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:49:06.111 [35580] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:49:06.199 [35580] info  client.cpp::callSync []
2026-01-28 20:49:07.204 [35580] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:49:07.205 [35580] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:49:07.205 [35580] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:49:07.356 [35580] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:49:11.366 [35580] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:49:12.039 [35576] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:49:15.385 [35580] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:49:15.753 [35581] info  communicator.cpp::processor processing exited
2026-01-28 20:49:29.754 [35564] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:49:30.755 [35564] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:49:30.764 [36680] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:49:30.764 [36680] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:49:30.764 [36680] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:49:30.764 [36680] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:49:30.764 [36680] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:49:30.873 [36680] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:49:30.923 [36680] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:49:31.106 [36680] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:49:31.106 [36714] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:49:31.107 [36718] info  communicator.cpp::processor processing starting
2026-01-28 20:49:31.108 [36715] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:49:36.458 [36715] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:49:36.459 [36715] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:49:36.461 [36717] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:49:36.461 [36717] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:49:36.461 [36717] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:49:36.461 [36717] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:49:36.461 [36717] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:49:36.461 [36717] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:49:36.724 [36717] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:49:36.724 [36717] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:49:36.724 [36717] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:49:36.729 [36717] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:49:36.821 [36717] info  client.cpp::callSync []
2026-01-28 20:49:37.826 [36717] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:49:37.826 [36717] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:49:37.985 [36717] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:49:41.599 [36714] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:49:41.991 [36717] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:49:42.617 [36718] info  communicator.cpp::processor processing exited
2026-01-28 20:49:58.600 [36680] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:49:59.601 [36680] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:49:59.609 [37708] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:49:59.609 [37708] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:49:59.609 [37708] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:49:59.610 [37708] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:49:59.610 [37708] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:49:59.783 [37708] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:49:59.863 [37708] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:50:00.066 [37708] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:50:00.066 [37738] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:50:00.066 [37742] info  communicator.cpp::processor processing starting
2026-01-28 20:50:00.068 [37739] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:50:06.390 [37739] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:50:06.390 [37739] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:50:06.392 [37741] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:50:06.392 [37741] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:50:06.392 [37741] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:50:06.392 [37741] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:50:06.392 [37741] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:50:06.392 [37741] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:50:06.584 [37741] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:50:06.585 [37741] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:50:06.585 [37741] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:50:06.589 [37741] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:50:06.701 [37741] info  client.cpp::callSync []
2026-01-28 20:50:07.707 [37741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:50:07.708 [37741] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:50:07.708 [37741] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:50:07.850 [37741] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:50:11.858 [37741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:50:13.530 [37738] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:50:15.878 [37741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:50:16.768 [37742] info  communicator.cpp::processor processing exited
2026-01-28 20:50:30.769 [37708] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:50:31.769 [37708] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:50:31.778 [38754] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:50:31.779 [38754] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:50:31.779 [38754] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:50:31.779 [38754] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:50:31.779 [38754] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:50:31.887 [38754] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:50:31.935 [38754] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:50:32.109 [38754] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:50:32.110 [38779] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:50:32.110 [38783] info  communicator.cpp::processor processing starting
2026-01-28 20:50:32.111 [38780] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:50:38.434 [38780] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:50:38.434 [38780] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:50:38.437 [38782] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:50:38.437 [38782] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:50:38.437 [38782] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:50:38.437 [38782] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:50:38.437 [38782] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:50:38.437 [38782] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:50:38.630 [38782] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:50:38.630 [38782] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:50:38.630 [38782] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:50:38.636 [38782] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:50:38.729 [38782] info  client.cpp::callSync []
2026-01-28 20:50:39.735 [38782] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:50:39.735 [38782] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:50:39.886 [38782] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:50:42.895 [38782] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:50:45.574 [38779] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:50:46.922 [38782] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:50:47.263 [38783] info  communicator.cpp::processor processing exited
2026-01-28 20:51:02.575 [38754] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:51:03.575 [38754] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:51:03.584 [39910] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:51:03.585 [39910] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:51:03.585 [39910] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:51:03.585 [39910] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:51:03.585 [39910] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:51:03.693 [39910] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:51:03.743 [39910] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:51:03.931 [39910] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:51:03.931 [39916] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:51:03.931 [39920] info  communicator.cpp::processor processing starting
2026-01-28 20:51:03.933 [39917] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:51:10.259 [39917] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:51:10.259 [39917] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:51:10.262 [39919] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:51:10.262 [39919] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:51:10.262 [39919] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:51:10.262 [39919] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:51:10.262 [39919] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:51:10.262 [39919] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:51:10.524 [39919] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:51:10.524 [39919] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:51:10.524 [39919] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:51:10.529 [39919] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:51:10.639 [39919] info  client.cpp::callSync []
2026-01-28 20:51:11.645 [39919] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:51:11.646 [39919] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:51:11.788 [39919] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:51:15.402 [39916] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:51:15.796 [39919] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:51:16.247 [39920] info  communicator.cpp::processor processing exited
2026-01-28 20:51:32.403 [39910] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:51:33.403 [39910] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:51:33.412 [40835] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:51:33.412 [40835] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:51:33.412 [40835] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:51:33.412 [40835] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:51:33.412 [40835] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:51:33.522 [40835] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:51:33.572 [40835] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:51:33.768 [40835] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:51:33.769 [40860] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:51:33.769 [40864] info  communicator.cpp::processor processing starting
2026-01-28 20:51:33.771 [40861] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:51:40.095 [40861] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:51:40.096 [40861] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:51:40.098 [40863] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:51:40.098 [40863] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:51:40.098 [40863] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:51:40.098 [40863] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:51:40.098 [40863] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:51:40.098 [40863] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:51:40.371 [40863] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:51:40.371 [40863] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:51:40.371 [40863] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:51:40.377 [40863] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:51:40.466 [40863] info  client.cpp::callSync []
2026-01-28 20:51:41.471 [40863] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:51:41.471 [40863] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:51:41.471 [40863] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:51:41.625 [40863] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:51:45.242 [40860] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:51:45.633 [40863] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:51:45.909 [40864] info  communicator.cpp::processor processing exited
2026-01-28 20:52:02.243 [40835] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:52:03.243 [40835] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:52:03.251 [41719] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:52:03.252 [41719] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:52:03.252 [41719] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:52:03.252 [41719] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:52:03.252 [41719] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:52:03.361 [41719] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:52:03.410 [41719] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:52:03.600 [41719] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:52:03.600 [41753] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:52:03.600 [41757] info  communicator.cpp::processor processing starting
2026-01-28 20:52:03.602 [41754] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:52:08.927 [41754] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:52:08.927 [41754] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:52:08.929 [41756] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:52:08.929 [41756] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:52:08.929 [41756] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:52:08.929 [41756] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:52:08.929 [41756] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:52:08.929 [41756] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:52:09.146 [41756] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:52:09.147 [41756] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:52:09.147 [41756] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:52:09.153 [41756] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:52:09.244 [41756] info  client.cpp::callSync []
2026-01-28 20:52:10.249 [41756] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:52:10.250 [41756] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:52:10.250 [41756] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:52:10.335 [41756] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:52:14.342 [41756] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:52:15.066 [41753] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:52:18.367 [41756] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:52:18.747 [41757] info  communicator.cpp::processor processing exited
2026-01-28 20:52:32.748 [41719] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:52:33.748 [41719] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:52:33.757 [42859] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:52:33.757 [42859] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:52:33.757 [42859] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:52:33.757 [42859] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:52:33.757 [42859] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:52:33.866 [42859] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:52:33.915 [42859] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:52:34.099 [42859] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:52:34.099 [42873] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:52:34.099 [42877] info  communicator.cpp::processor processing starting
2026-01-28 20:52:34.101 [42874] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:52:40.424 [42874] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:52:40.425 [42874] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:52:40.427 [42876] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:52:40.427 [42876] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:52:40.427 [42876] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:52:40.427 [42876] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:52:40.427 [42876] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:52:40.427 [42876] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:52:40.621 [42876] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:52:40.621 [42876] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:52:40.621 [42876] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:52:40.628 [42876] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:52:40.716 [42876] info  client.cpp::callSync []
2026-01-28 20:52:41.721 [42876] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:52:41.722 [42876] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:52:41.872 [42876] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:52:45.881 [42876] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:52:47.617 [42873] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:52:49.901 [42876] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:52:50.696 [42877] info  communicator.cpp::processor processing exited
2026-01-28 20:53:04.698 [42859] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:53:05.698 [42859] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:53:05.709 [43830] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:53:05.709 [43830] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:53:05.709 [43830] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:53:05.709 [43830] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:53:05.709 [43830] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:53:05.818 [43830] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:53:05.867 [43830] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:53:06.046 [43830] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:53:06.046 [43836] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:53:06.046 [43840] info  communicator.cpp::processor processing starting
2026-01-28 20:53:06.048 [43837] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:53:11.397 [43837] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:53:11.397 [43837] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:53:11.401 [43839] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:53:11.401 [43839] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:53:11.401 [43839] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:53:11.401 [43839] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:53:11.401 [43839] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:53:11.401 [43839] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:53:11.593 [43839] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:53:11.593 [43839] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:53:11.593 [43839] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:53:11.598 [43839] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:53:11.697 [43839] info  client.cpp::callSync []
2026-01-28 20:53:12.704 [43839] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:53:12.704 [43839] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:53:12.814 [43839] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:53:16.823 [43839] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:53:18.582 [43836] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:53:20.855 [43839] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:53:21.530 [43840] info  communicator.cpp::processor processing exited
2026-01-28 20:53:35.583 [43830] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:53:36.583 [43830] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:53:36.593 [44657] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:53:36.593 [44657] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:53:36.593 [44657] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:53:36.593 [44657] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:53:36.593 [44657] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:53:36.702 [44657] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:53:36.751 [44657] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:53:36.928 [44657] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:53:36.928 [44664] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:53:36.928 [44668] info  communicator.cpp::processor processing starting
2026-01-28 20:53:36.930 [44665] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:53:42.258 [44665] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:53:42.259 [44665] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:53:42.261 [44667] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:53:42.261 [44667] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:53:42.261 [44667] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:53:42.261 [44667] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:53:42.261 [44667] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:53:42.261 [44667] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:53:42.454 [44667] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:53:42.454 [44667] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:53:42.454 [44667] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:53:42.459 [44667] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:53:42.562 [44667] info  client.cpp::callSync []
2026-01-28 20:53:43.569 [44667] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:53:43.569 [44667] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:53:43.707 [44667] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:53:47.398 [44664] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:53:47.716 [44667] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:53:48.512 [44668] info  communicator.cpp::processor processing exited
2026-01-28 20:54:04.399 [44657] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:54:05.400 [44657] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:54:05.410 [45703] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:54:05.411 [45703] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:54:05.411 [45703] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:54:05.411 [45703] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:54:05.411 [45703] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:54:05.520 [45703] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:54:05.570 [45703] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:54:05.755 [45703] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:54:05.755 [45709] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:54:05.755 [45713] info  communicator.cpp::processor processing starting
2026-01-28 20:54:05.757 [45710] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:54:12.083 [45710] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:54:12.083 [45710] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:54:12.085 [45712] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:54:12.085 [45712] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:54:12.085 [45712] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:54:12.085 [45712] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:54:12.085 [45712] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:54:12.085 [45712] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:54:12.279 [45712] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:54:12.280 [45712] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:54:12.280 [45712] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:54:12.284 [45712] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:54:12.375 [45712] info  client.cpp::callSync []
2026-01-28 20:54:13.380 [45712] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:54:13.381 [45712] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:54:13.381 [45712] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:54:13.506 [45712] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:54:17.516 [45712] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:54:18.229 [45709] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:54:21.542 [45712] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:54:22.553 [45713] info  communicator.cpp::processor processing exited
2026-01-28 20:54:36.554 [45703] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:54:37.555 [45703] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:54:37.564 [46692] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:54:37.564 [46692] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:54:37.564 [46692] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:54:37.564 [46692] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:54:37.564 [46692] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:54:37.674 [46692] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:54:37.746 [46692] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:54:37.953 [46692] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:54:37.953 [46710] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:54:37.954 [46714] info  communicator.cpp::processor processing starting
2026-01-28 20:54:37.955 [46711] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:54:41.276 [46711] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:54:41.276 [46711] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:54:41.278 [46713] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:54:41.278 [46713] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:54:41.278 [46713] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:54:41.278 [46713] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:54:41.278 [46713] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:54:41.278 [46713] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:54:41.488 [46713] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:54:41.488 [46713] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:54:41.488 [46713] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:54:41.493 [46713] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:54:41.587 [46713] info  client.cpp::callSync []
2026-01-28 20:54:42.591 [46713] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:54:42.592 [46713] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:54:42.739 [46713] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:54:45.419 [46710] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:54:46.839 [46714] info  communicator.cpp::processor processing exited
2026-01-28 20:55:02.421 [46692] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:55:03.421 [46692] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:55:03.430 [47736] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:55:03.430 [47736] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:55:03.430 [47736] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:55:03.430 [47736] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:55:03.430 [47736] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:55:03.539 [47736] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:55:03.588 [47736] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:55:03.776 [47736] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:55:03.776 [47749] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:55:03.776 [47753] info  communicator.cpp::processor processing starting
2026-01-28 20:55:03.778 [47750] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:55:08.134 [47750] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:55:08.134 [47750] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:55:08.137 [47752] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:55:08.137 [47752] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:55:08.137 [47752] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:55:08.137 [47752] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:55:08.137 [47752] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:55:08.137 [47752] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:55:08.356 [47752] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:55:08.356 [47752] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:55:08.356 [47752] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:55:08.361 [47752] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:55:08.454 [47752] info  client.cpp::callSync []
2026-01-28 20:55:09.459 [47752] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:55:09.459 [47752] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:55:09.566 [47752] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:55:13.297 [47749] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:55:13.574 [47752] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:55:14.217 [47753] info  communicator.cpp::processor processing exited
2026-01-28 20:55:30.298 [47736] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:55:31.298 [47736] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:55:31.307 [48706] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:55:31.307 [48706] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:55:31.307 [48706] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:55:31.307 [48706] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:55:31.307 [48706] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:55:31.456 [48706] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:55:31.536 [48706] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:55:31.713 [48706] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:55:31.714 [48718] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:55:31.714 [48722] info  communicator.cpp::processor processing starting
2026-01-28 20:55:31.716 [48719] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:55:38.065 [48719] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:55:38.066 [48719] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:55:38.069 [48721] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:55:38.069 [48721] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:55:38.069 [48721] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:55:38.069 [48721] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:55:38.070 [48721] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:55:38.070 [48721] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:55:38.299 [48721] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:55:38.300 [48721] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:55:38.300 [48721] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:55:38.307 [48721] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:55:38.398 [48721] info  client.cpp::callSync []
2026-01-28 20:55:39.403 [48721] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:55:39.404 [48721] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:55:39.404 [48721] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:55:39.539 [48721] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:55:42.546 [48721] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:55:44.205 [48718] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:55:46.570 [48721] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:55:47.640 [48722] info  communicator.cpp::processor processing exited
2026-01-28 20:56:01.641 [48706] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:56:02.641 [48706] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:56:02.650 [49732] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:56:02.651 [49732] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:56:02.651 [49732] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:56:02.651 [49732] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:56:02.651 [49732] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:56:02.765 [49732] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:56:02.821 [49732] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:56:03.030 [49732] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:56:03.030 [49738] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:56:03.030 [49742] info  communicator.cpp::processor processing starting
2026-01-28 20:56:03.032 [49739] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:56:09.390 [49739] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:56:09.390 [49739] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:56:09.394 [49741] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:56:09.394 [49741] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:56:09.394 [49741] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:56:09.394 [49741] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:56:09.394 [49741] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:56:09.394 [49741] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:56:09.593 [49741] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:56:09.593 [49741] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:56:09.593 [49741] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:56:09.598 [49741] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:56:09.701 [49741] info  client.cpp::callSync []
2026-01-28 20:56:10.707 [49741] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:56:10.708 [49741] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:56:10.814 [49741] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:56:14.822 [49741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:56:15.551 [49738] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:56:18.958 [49741] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:56:19.825 [49742] info  communicator.cpp::processor processing exited
2026-01-28 20:56:33.826 [49732] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:56:34.826 [49732] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:56:34.835 [50799] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:56:34.836 [50799] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:56:34.836 [50799] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:56:34.836 [50799] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:56:34.836 [50799] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:56:34.945 [50799] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:56:34.994 [50799] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:56:35.172 [50799] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:56:35.172 [50816] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:56:35.172 [50820] info  communicator.cpp::processor processing starting
2026-01-28 20:56:35.174 [50817] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:56:40.504 [50817] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:56:40.504 [50817] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:56:40.506 [50819] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:56:40.506 [50819] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:56:40.506 [50819] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:56:40.506 [50819] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:56:40.506 [50819] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:56:40.506 [50819] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:56:40.719 [50819] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:56:40.720 [50819] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:56:40.720 [50819] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:56:40.726 [50819] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:56:40.817 [50819] info  client.cpp::callSync []
2026-01-28 20:56:41.822 [50819] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:56:41.822 [50819] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:56:41.972 [50819] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:56:45.979 [50819] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:56:46.640 [50816] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:56:50.000 [50819] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:56:51.177 [50820] info  communicator.cpp::processor processing exited
2026-01-28 20:57:05.178 [50799] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:57:06.178 [50799] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:57:06.188 [51923] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:57:06.188 [51923] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:57:06.188 [51923] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:57:06.188 [51923] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:57:06.188 [51923] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:57:06.296 [51923] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:57:06.345 [51923] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:57:06.526 [51923] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:57:06.526 [51929] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:57:06.526 [51933] info  communicator.cpp::processor processing starting
2026-01-28 20:57:06.528 [51930] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:57:12.871 [51930] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:57:12.872 [51930] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:57:12.875 [51932] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:57:12.875 [51932] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:57:12.875 [51932] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:57:12.875 [51932] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:57:12.875 [51932] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:57:12.875 [51932] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:57:13.087 [51932] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:57:13.087 [51932] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:57:13.087 [51932] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:57:13.092 [51932] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:57:13.195 [51932] info  client.cpp::callSync []
2026-01-28 20:57:14.202 [51932] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:57:14.202 [51932] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:57:14.295 [51932] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:57:18.305 [51932] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:57:19.016 [51929] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:57:22.677 [51932] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:57:23.778 [51933] info  communicator.cpp::processor processing exited
2026-01-28 20:57:37.779 [51923] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:57:38.779 [51923] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:57:38.789 [52914] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:57:38.789 [52914] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:57:38.789 [52914] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:57:38.789 [52914] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:57:38.789 [52914] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:57:38.903 [52914] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:57:38.955 [52914] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:57:39.135 [52914] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:57:39.135 [52929] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:57:39.135 [52933] info  communicator.cpp::processor processing starting
2026-01-28 20:57:39.137 [52930] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:57:45.460 [52930] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:57:45.460 [52930] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:57:45.463 [52932] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:57:45.463 [52932] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:57:45.463 [52932] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:57:45.463 [52932] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:57:45.463 [52932] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:57:45.463 [52932] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:57:45.661 [52932] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:57:45.661 [52932] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:57:45.661 [52932] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:57:45.666 [52932] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:57:45.756 [52932] info  client.cpp::callSync []
2026-01-28 20:57:46.760 [52932] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:57:46.761 [52932] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:57:46.883 [52932] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:57:50.891 [52932] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:57:51.606 [52929] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:57:55.014 [52932] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:57:55.331 [52933] info  communicator.cpp::processor processing exited
2026-01-28 20:58:09.332 [52914] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:58:10.332 [52914] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:58:10.342 [54001] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:58:10.343 [54001] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:58:10.343 [54001] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:58:10.343 [54001] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:58:10.343 [54001] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:58:10.458 [54001] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:58:10.508 [54001] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:58:10.710 [54001] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:58:10.711 [54022] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:58:10.711 [54026] info  communicator.cpp::processor processing starting
2026-01-28 20:58:10.713 [54023] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:58:17.069 [54023] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:58:17.070 [54023] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:58:17.074 [54025] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:58:17.074 [54025] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:58:17.074 [54025] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:58:17.074 [54025] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:58:17.074 [54025] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:58:17.074 [54025] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:58:17.282 [54025] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:58:17.282 [54025] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:58:17.282 [54025] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:58:17.288 [54025] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:58:17.377 [54025] info  client.cpp::callSync []
2026-01-28 20:58:18.383 [54025] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:58:18.383 [54025] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:58:18.517 [54025] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:58:22.526 [54025] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:58:24.220 [54022] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:58:26.547 [54025] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:58:26.959 [54026] info  communicator.cpp::processor processing exited
2026-01-28 20:58:41.221 [54001] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:58:42.221 [54001] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:58:42.231 [55042] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:58:42.231 [55042] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:58:42.231 [55042] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:58:42.231 [55042] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:58:42.232 [55042] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:58:42.383 [55042] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:58:42.436 [55042] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:58:42.625 [55042] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:58:42.625 [55051] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:58:42.625 [55055] info  communicator.cpp::processor processing starting
2026-01-28 20:58:42.627 [55052] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:58:48.976 [55052] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:58:48.977 [55052] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:58:48.980 [55054] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:58:48.980 [55054] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:58:48.980 [55054] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:58:48.980 [55054] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:58:48.980 [55054] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:58:48.980 [55054] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:58:49.177 [55054] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:58:49.177 [55054] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:58:49.177 [55054] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:58:49.182 [55054] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:58:49.278 [55054] info  client.cpp::callSync []
2026-01-28 20:58:50.283 [55054] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:58:50.283 [55054] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:58:50.365 [55054] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:58:54.373 [55054] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:58:55.120 [55051] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:58:58.832 [55054] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:58:59.945 [55055] info  communicator.cpp::processor processing exited
2026-01-28 20:59:13.946 [55042] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:59:14.946 [55042] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:59:14.956 [55994] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:59:14.957 [55994] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:59:14.957 [55994] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:59:14.957 [55994] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:59:14.957 [55994] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:59:15.089 [55994] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:59:15.139 [55994] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:59:15.325 [55994] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:59:15.325 [56008] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:59:15.325 [56012] info  communicator.cpp::processor processing starting
2026-01-28 20:59:15.327 [56009] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:59:19.682 [56009] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:59:19.682 [56009] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:59:19.685 [56011] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:59:19.685 [56011] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:59:19.685 [56011] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:59:19.685 [56011] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:59:19.686 [56011] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:59:19.686 [56011] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:59:19.881 [56011] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:59:19.881 [56011] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:59:19.881 [56011] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:59:19.886 [56011] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:59:19.987 [56011] info  client.cpp::callSync []
2026-01-28 20:59:20.992 [56011] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:59:20.992 [56011] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:59:21.076 [56011] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:59:25.083 [56011] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:59:25.823 [56008] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:59:29.221 [56011] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:59:29.544 [56012] info  communicator.cpp::processor processing exited
2026-01-28 20:59:43.546 [55994] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 20:59:44.546 [55994] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 20:59:44.555 [56844] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 20:59:44.555 [56844] info  mbdaemon.cpp::main logLevel is info
2026-01-28 20:59:44.555 [56844] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 20:59:44.555 [56844] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 20:59:44.555 [56844] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 20:59:44.663 [56844] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 20:59:44.712 [56844] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 20:59:44.884 [56844] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 20:59:44.885 [56861] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 20:59:44.885 [56865] info  communicator.cpp::processor processing starting
2026-01-28 20:59:44.886 [56862] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:59:51.214 [56862] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 20:59:51.214 [56862] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 20:59:51.216 [56864] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 20:59:51.216 [56864] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 20:59:51.216 [56864] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 20:59:51.216 [56864] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 20:59:51.216 [56864] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 20:59:51.216 [56864] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 20:59:51.409 [56864] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 20:59:51.409 [56864] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 20:59:51.409 [56864] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 20:59:51.414 [56864] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 20:59:51.502 [56864] info  client.cpp::callSync []
2026-01-28 20:59:52.507 [56864] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 20:59:52.507 [56864] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 20:59:52.649 [56864] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 20:59:56.362 [56861] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 20:59:56.657 [56864] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 20:59:57.848 [56865] info  communicator.cpp::processor processing exited
2026-01-28 21:00:13.363 [56844] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:00:14.363 [56844] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:00:14.373 [58100] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:00:14.373 [58100] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:00:14.373 [58100] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:00:14.373 [58100] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:00:14.373 [58100] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:00:14.529 [58100] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:00:14.579 [58100] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:00:14.763 [58100] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:00:14.763 [58114] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:00:14.763 [58118] info  communicator.cpp::processor processing starting
2026-01-28 21:00:14.765 [58115] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:00:21.090 [58115] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:00:21.090 [58115] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:00:21.092 [58117] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:00:21.092 [58117] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:00:21.092 [58117] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:00:21.092 [58117] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:00:21.092 [58117] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:00:21.092 [58117] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:00:21.287 [58117] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:00:21.287 [58117] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:00:21.287 [58117] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:00:21.292 [58117] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:00:21.382 [58117] info  client.cpp::callSync []
2026-01-28 21:00:22.387 [58117] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:00:22.387 [58117] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:00:22.387 [58117] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:00:22.528 [58117] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:00:26.537 [58117] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:00:28.233 [58114] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:00:30.812 [58117] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:00:31.778 [58118] info  communicator.cpp::processor processing exited
2026-01-28 21:00:45.780 [58100] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:00:46.780 [58100] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:00:46.791 [59050] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:00:46.791 [59050] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:00:46.791 [59050] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:00:46.791 [59050] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:00:46.791 [59050] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:00:46.900 [59050] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:00:46.949 [59050] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:00:47.124 [59050] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:00:47.124 [59069] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:00:47.124 [59073] info  communicator.cpp::processor processing starting
2026-01-28 21:00:47.126 [59070] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:00:53.451 [59070] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:00:53.451 [59070] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:00:53.453 [59072] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:00:53.453 [59072] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:00:53.453 [59072] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:00:53.453 [59072] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:00:53.454 [59072] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:00:53.454 [59072] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:00:53.649 [59072] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:00:53.649 [59072] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:00:53.649 [59072] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:00:53.654 [59072] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:00:53.745 [59072] info  client.cpp::callSync []
2026-01-28 21:00:54.750 [59072] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:00:54.751 [59072] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:00:54.897 [59072] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:00:58.599 [59069] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:00:58.905 [59072] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:00:59.275 [59073] info  communicator.cpp::processor processing exited
2026-01-28 21:01:15.600 [59050] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:01:16.600 [59050] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:01:16.611 [60110] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:01:16.611 [60110] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:01:16.611 [60110] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:01:16.611 [60110] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:01:16.611 [60110] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:01:16.720 [60110] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:01:16.770 [60110] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:01:16.950 [60110] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:01:16.950 [60132] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:01:16.950 [60136] info  communicator.cpp::processor processing starting
2026-01-28 21:01:16.952 [60133] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:01:23.322 [60133] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:01:23.323 [60133] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:01:23.326 [60135] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:01:23.326 [60135] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:01:23.326 [60135] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:01:23.326 [60135] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:01:23.326 [60135] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:01:23.326 [60135] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:01:23.523 [60135] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:01:23.523 [60135] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:01:23.523 [60135] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:01:23.528 [60135] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:01:23.619 [60135] info  client.cpp::callSync []
2026-01-28 21:01:24.624 [60135] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:01:24.625 [60135] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:01:24.625 [60135] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:01:24.718 [60135] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:01:28.465 [60132] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:01:28.727 [60135] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:01:29.672 [60136] info  communicator.cpp::processor processing exited
2026-01-28 21:01:45.467 [60110] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:01:46.467 [60110] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:01:46.476 [61107] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:01:46.476 [61107] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:01:46.476 [61107] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:01:46.476 [61107] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:01:46.476 [61107] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:01:46.586 [61107] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:01:46.637 [61107] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:01:46.834 [61107] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:01:46.834 [61139] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:01:46.834 [61143] info  communicator.cpp::processor processing starting
2026-01-28 21:01:46.836 [61140] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:01:53.180 [61140] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:01:53.181 [61140] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:01:53.183 [61142] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:01:53.183 [61142] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:01:53.183 [61142] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:01:53.183 [61142] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:01:53.183 [61142] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:01:53.183 [61142] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:01:53.381 [61142] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:01:53.381 [61142] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:01:53.381 [61142] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:01:53.387 [61142] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:01:53.476 [61142] info  client.cpp::callSync []
2026-01-28 21:01:54.481 [61142] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:01:54.481 [61142] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:01:54.481 [61142] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:01:54.634 [61142] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:01:58.643 [61142] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:02:00.323 [61139] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:02:02.925 [61142] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:02:04.013 [61143] info  communicator.cpp::processor processing exited
2026-01-28 21:02:18.014 [61107] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:02:19.014 [61107] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:02:19.024 [62148] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:02:19.024 [62148] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:02:19.024 [62148] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:02:19.024 [62148] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:02:19.024 [62148] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:02:19.132 [62148] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:02:19.181 [62148] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:02:19.405 [62148] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:02:19.405 [62166] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:02:19.405 [62170] info  communicator.cpp::processor processing starting
2026-01-28 21:02:19.407 [62167] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:02:25.729 [62167] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:02:25.730 [62167] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:02:25.732 [62169] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:02:25.732 [62169] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:02:25.732 [62169] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:02:25.732 [62169] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:02:25.732 [62169] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:02:25.732 [62169] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:02:25.929 [62169] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:02:25.929 [62169] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:02:25.929 [62169] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:02:25.934 [62169] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:02:26.022 [62169] info  client.cpp::callSync []
2026-01-28 21:02:27.028 [62169] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:02:27.028 [62169] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:02:27.174 [62169] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:02:31.183 [62169] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:02:31.918 [62166] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:02:34.203 [62169] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:02:34.575 [62170] info  communicator.cpp::processor processing exited
2026-01-28 21:02:48.919 [62148] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:02:49.919 [62148] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:02:49.931 [63202] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:02:49.931 [63202] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:02:49.931 [63202] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:02:49.931 [63202] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:02:49.931 [63202] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:02:50.040 [63202] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:02:50.090 [63202] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:02:50.279 [63202] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:02:50.279 [63219] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:02:50.279 [63223] info  communicator.cpp::processor processing starting
2026-01-28 21:02:50.281 [63220] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:02:56.622 [63220] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:02:56.623 [63220] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:02:56.626 [63222] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:02:56.626 [63222] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:02:56.626 [63222] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:02:56.626 [63222] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:02:56.626 [63222] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:02:56.626 [63222] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:02:56.838 [63222] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:02:56.839 [63222] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:02:56.839 [63222] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:02:56.844 [63222] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:02:56.940 [63222] info  client.cpp::callSync []
2026-01-28 21:02:57.945 [63222] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:02:57.945 [63222] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:02:58.030 [63222] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:03:02.038 [63222] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:03:02.767 [63219] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:03:06.063 [63222] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:03:07.261 [63223] info  communicator.cpp::processor processing exited
2026-01-28 21:03:21.262 [63202] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:03:22.262 [63202] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:03:22.272 [64437] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:03:22.272 [64437] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:03:22.272 [64437] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:03:22.272 [64437] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:03:22.272 [64437] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:03:22.381 [64437] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:03:22.432 [64437] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:03:22.655 [64437] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:03:22.656 [64444] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:03:22.656 [64448] info  communicator.cpp::processor processing starting
2026-01-28 21:03:22.658 [64445] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:03:27.989 [64445] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:03:27.989 [64445] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:03:27.991 [64447] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:03:27.991 [64447] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:03:27.991 [64447] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:03:27.991 [64447] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:03:27.991 [64447] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:03:27.991 [64447] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:03:28.205 [64447] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:03:28.205 [64447] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:03:28.205 [64447] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:03:28.212 [64447] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:03:28.313 [64447] info  client.cpp::callSync []
2026-01-28 21:03:29.320 [64447] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:03:29.320 [64447] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:03:29.403 [64447] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:03:33.412 [64447] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:03:35.130 [64444] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:03:37.433 [64447] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:03:38.602 [64448] info  communicator.cpp::processor processing exited
2026-01-28 21:03:52.603 [64437] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:03:53.603 [64437] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:03:53.613 [65535] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:03:53.613 [65535] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:03:53.613 [65535] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:03:53.613 [65535] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:03:53.613 [65535] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:03:53.722 [65535] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:03:53.771 [65535] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:03:53.951 [65535] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:03:53.951 [65547] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:03:53.951 [65551] info  communicator.cpp::processor processing starting
2026-01-28 21:03:53.953 [65548] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:04:00.277 [65548] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:04:00.277 [65548] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:04:00.279 [65550] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:04:00.279 [65550] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:04:00.279 [65550] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:04:00.279 [65550] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:04:00.280 [65550] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:04:00.280 [65550] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:04:00.472 [65550] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:04:00.473 [65550] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:04:00.473 [65550] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:04:00.478 [65550] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:04:00.567 [65550] info  client.cpp::callSync []
2026-01-28 21:04:01.572 [65550] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:04:01.572 [65550] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:04:01.718 [65550] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:04:05.725 [65550] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:04:06.427 [65547] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:04:09.743 [65550] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:04:10.368 [65551] info  communicator.cpp::processor processing exited
2026-01-28 21:04:24.369 [65535] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:04:25.369 [65535] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:04:25.378 [66689] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:04:25.379 [66689] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:04:25.379 [66689] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:04:25.379 [66689] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:04:25.379 [66689] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:04:25.488 [66689] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:04:25.537 [66689] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:04:25.741 [66689] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:04:25.741 [66705] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:04:25.741 [66709] info  communicator.cpp::processor processing starting
2026-01-28 21:04:25.743 [66706] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:04:32.086 [66706] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:04:32.086 [66706] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:04:32.088 [66708] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:04:32.089 [66708] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:04:32.089 [66708] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:04:32.089 [66708] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:04:32.089 [66708] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:04:32.089 [66708] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:04:32.283 [66708] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:04:32.283 [66708] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:04:32.283 [66708] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:04:32.288 [66708] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:04:32.379 [66708] info  client.cpp::callSync []
2026-01-28 21:04:33.384 [66708] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:04:33.384 [66708] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:04:33.521 [66708] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:04:37.529 [66708] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:04:39.229 [66705] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:04:41.986 [66708] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:04:43.079 [66709] info  communicator.cpp::processor processing exited
2026-01-28 21:04:47.079 [66689] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:04:47.089 [67388] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:04:47.089 [67388] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:04:47.089 [67388] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:04:47.090 [67388] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:04:47.090 [67388] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:04:47.200 [67388] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:04:47.251 [67388] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:04:47.427 [67388] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:04:47.427 [67411] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:04:47.427 [67415] info  communicator.cpp::processor processing starting
2026-01-28 21:04:47.429 [67412] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:04:53.762 [67412] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:04:53.763 [67412] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:04:53.766 [67414] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:04:53.766 [67414] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:04:53.766 [67414] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:04:53.766 [67414] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:04:53.767 [67414] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:04:53.767 [67414] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:04:54.022 [67414] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:04:54.022 [67414] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:04:54.022 [67414] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:04:54.027 [67414] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:04:54.119 [67414] info  client.cpp::callSync []
2026-01-28 21:04:55.124 [67414] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:04:55.124 [67414] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:04:55.278 [67414] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:04:58.287 [67414] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:04:59.907 [67411] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:05:02.315 [67414] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:05:03.495 [67415] info  communicator.cpp::processor processing exited
2026-01-28 21:05:17.496 [67388] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:05:18.496 [67388] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:05:18.507 [68560] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:05:18.508 [68560] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:05:18.508 [68560] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:05:18.508 [68560] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:05:18.508 [68560] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:05:18.635 [68560] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:05:18.684 [68560] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:05:18.871 [68560] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:05:18.871 [68572] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:05:18.871 [68576] info  communicator.cpp::processor processing starting
2026-01-28 21:05:18.873 [68573] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:05:25.235 [68573] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:05:25.235 [68573] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:05:25.237 [68575] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:05:25.237 [68575] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:05:25.237 [68575] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:05:25.237 [68575] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:05:25.237 [68575] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:05:25.237 [68575] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:05:25.429 [68575] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:05:25.429 [68575] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:05:25.429 [68575] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:05:25.434 [68575] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:05:25.524 [68575] info  client.cpp::callSync []
2026-01-28 21:05:26.528 [68575] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:05:26.529 [68575] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:05:26.609 [68575] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:05:30.616 [68575] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:05:32.400 [68572] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:05:34.912 [68575] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:05:35.355 [68576] info  communicator.cpp::processor processing exited
2026-01-28 21:05:49.402 [68560] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:05:50.402 [68560] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:05:50.411 [69544] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:05:50.411 [69544] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:05:50.411 [69544] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:05:50.411 [69544] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:05:50.411 [69544] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:05:50.520 [69544] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:05:50.569 [69544] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:05:50.752 [69544] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:05:50.753 [69550] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:05:50.753 [69554] info  communicator.cpp::processor processing starting
2026-01-28 21:05:50.755 [69551] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:05:57.099 [69551] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:05:57.099 [69551] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:05:57.103 [69553] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:05:57.103 [69553] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:05:57.103 [69553] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:05:57.103 [69553] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:05:57.103 [69553] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:05:57.103 [69553] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:05:57.357 [69553] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:05:57.357 [69553] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:05:57.357 [69553] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:05:57.363 [69553] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:05:57.455 [69553] info  client.cpp::callSync []
2026-01-28 21:05:58.460 [69553] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:05:58.460 [69553] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:05:58.597 [69553] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:06:02.243 [69550] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:06:02.604 [69553] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:06:03.332 [69554] info  communicator.cpp::processor processing exited
2026-01-28 21:06:19.244 [69544] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:06:20.244 [69544] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:06:20.253 [70488] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:06:20.253 [70488] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:06:20.253 [70488] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:06:20.254 [70488] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:06:20.254 [70488] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:06:20.362 [70488] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:06:20.411 [70488] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:06:20.589 [70488] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:06:20.589 [70494] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:06:20.589 [70498] info  communicator.cpp::processor processing starting
2026-01-28 21:06:20.591 [70495] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:06:26.912 [70495] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:06:26.912 [70495] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:06:26.915 [70497] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:06:26.915 [70497] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:06:26.915 [70497] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:06:26.915 [70497] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:06:26.915 [70497] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:06:26.915 [70497] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:06:27.106 [70497] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:06:27.106 [70497] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:06:27.106 [70497] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:06:27.111 [70497] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:06:27.204 [70497] info  client.cpp::callSync []
2026-01-28 21:06:28.209 [70497] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:06:28.209 [70497] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:06:28.209 [70497] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:06:28.348 [70497] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:06:32.355 [70497] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:06:34.052 [70494] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:06:35.729 [70497] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:06:36.926 [70498] info  communicator.cpp::processor processing exited
2026-01-28 21:06:51.053 [70488] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:06:52.053 [70488] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:06:52.063 [71386] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:06:52.064 [71386] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:06:52.064 [71386] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:06:52.064 [71386] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:06:52.064 [71386] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:06:52.196 [71386] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:06:52.251 [71386] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:06:52.440 [71386] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:06:52.440 [71399] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:06:52.440 [71403] info  communicator.cpp::processor processing starting
2026-01-28 21:06:52.442 [71400] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:06:58.803 [71400] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:06:58.804 [71400] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:06:58.807 [71402] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:06:58.807 [71402] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:06:58.807 [71402] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:06:58.807 [71402] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:06:58.807 [71402] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:06:58.807 [71402] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:06:59.004 [71402] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:06:59.004 [71402] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:06:59.004 [71402] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:06:59.010 [71402] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:06:59.107 [71402] info  client.cpp::callSync []
2026-01-28 21:07:00.112 [71402] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:07:00.113 [71402] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:07:00.209 [71402] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:07:04.217 [71402] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:07:04.947 [71399] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:07:08.239 [71402] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:07:09.419 [71403] info  communicator.cpp::processor processing exited
2026-01-28 21:07:23.420 [71386] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:07:24.420 [71386] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:07:24.430 [72366] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:07:24.430 [72366] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:07:24.430 [72366] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:07:24.430 [72366] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:07:24.430 [72366] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:07:24.574 [72366] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:07:24.651 [72366] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:07:24.848 [72366] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:07:24.848 [72379] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:07:24.848 [72383] info  communicator.cpp::processor processing starting
2026-01-28 21:07:24.850 [72380] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:07:30.218 [72380] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:07:30.219 [72380] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:07:30.222 [72382] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:07:30.222 [72382] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:07:30.222 [72382] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:07:30.222 [72382] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:07:30.222 [72382] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:07:30.222 [72382] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:07:30.434 [72382] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:07:30.435 [72382] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:07:30.435 [72382] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:07:30.440 [72382] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:07:30.535 [72382] info  client.cpp::callSync []
2026-01-28 21:07:31.542 [72382] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:07:31.542 [72382] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:07:31.685 [72382] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:07:35.693 [72382] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:07:37.370 [72379] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:07:39.894 [72382] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:07:40.717 [72383] info  communicator.cpp::processor processing exited
2026-01-28 21:07:44.717 [72366] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:07:44.727 [72953] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:07:44.727 [72953] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:07:44.727 [72953] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:07:44.727 [72953] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:07:44.727 [72953] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:07:44.836 [72953] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:07:44.885 [72953] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:07:45.101 [72953] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:07:45.101 [72959] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:07:45.101 [72963] info  communicator.cpp::processor processing starting
2026-01-28 21:07:45.103 [72960] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:07:50.424 [72960] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:07:50.425 [72960] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:07:50.427 [72962] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:07:50.427 [72962] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:07:50.427 [72962] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:07:50.427 [72962] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:07:50.427 [72962] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:07:50.427 [72962] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:07:50.619 [72962] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:07:50.619 [72962] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:07:50.619 [72962] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:07:50.624 [72962] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:07:50.712 [72962] info  client.cpp::callSync []
2026-01-28 21:07:51.718 [72962] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:07:51.718 [72962] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:07:51.846 [72962] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:07:55.855 [72962] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:07:56.571 [72959] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:07:59.956 [72962] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:08:01.046 [72963] info  communicator.cpp::processor processing exited
2026-01-28 21:08:15.047 [72953] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:08:16.048 [72953] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:08:16.057 [73918] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:08:16.057 [73918] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:08:16.057 [73918] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:08:16.057 [73918] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:08:16.057 [73918] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:08:16.178 [73918] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:08:16.258 [73918] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:08:16.446 [73918] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:08:16.446 [73929] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:08:16.447 [73933] info  communicator.cpp::processor processing starting
2026-01-28 21:08:16.448 [73930] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:08:22.797 [73930] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:08:22.797 [73930] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:08:22.801 [73932] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:08:22.801 [73932] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:08:22.801 [73932] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:08:22.801 [73932] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:08:22.801 [73932] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:08:22.801 [73932] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:08:23.046 [73932] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:08:23.046 [73932] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:08:23.046 [73932] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:08:23.051 [73932] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:08:23.146 [73932] info  client.cpp::callSync []
2026-01-28 21:08:24.151 [73932] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:08:24.151 [73932] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:08:24.240 [73932] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:08:28.247 [73932] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:08:29.935 [73929] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:08:32.594 [73932] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:08:32.897 [73933] info  communicator.cpp::processor processing exited
2026-01-28 21:08:46.937 [73918] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:08:47.937 [73918] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:08:47.946 [74806] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:08:47.946 [74806] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:08:47.946 [74806] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:08:47.946 [74806] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:08:47.946 [74806] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:08:48.055 [74806] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:08:48.105 [74806] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:08:48.282 [74806] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:08:48.282 [74812] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:08:48.283 [74816] info  communicator.cpp::processor processing starting
2026-01-28 21:08:48.284 [74813] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:08:54.616 [74813] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:08:54.616 [74813] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:08:54.619 [74815] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:08:54.619 [74815] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:08:54.619 [74815] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:08:54.619 [74815] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:08:54.619 [74815] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:08:54.619 [74815] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:08:54.813 [74815] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:08:54.814 [74815] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:08:54.814 [74815] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:08:54.818 [74815] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:08:54.914 [74815] info  client.cpp::callSync []
2026-01-28 21:08:55.919 [74815] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:08:55.919 [74815] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:08:56.069 [74815] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:09:00.076 [74815] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:09:01.760 [74812] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:09:04.103 [74815] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:09:04.862 [74816] info  communicator.cpp::processor processing exited
2026-01-28 21:09:18.864 [74806] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:09:19.864 [74806] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:09:19.873 [75815] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:09:19.873 [75815] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:09:19.873 [75815] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:09:19.873 [75815] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:09:19.873 [75815] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:09:19.982 [75815] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:09:20.031 [75815] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:09:20.216 [75815] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:09:20.216 [75829] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:09:20.216 [75833] info  communicator.cpp::processor processing starting
2026-01-28 21:09:20.218 [75830] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:09:26.542 [75830] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:09:26.542 [75830] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:09:26.545 [75832] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:09:26.545 [75832] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:09:26.545 [75832] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:09:26.545 [75832] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:09:26.545 [75832] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:09:26.545 [75832] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:09:26.740 [75832] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:09:26.740 [75832] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:09:26.740 [75832] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:09:26.746 [75832] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:09:26.851 [75832] info  client.cpp::callSync []
2026-01-28 21:09:27.857 [75832] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:09:27.857 [75832] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:09:27.992 [75832] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:09:31.748 [75829] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:09:32.000 [75832] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:09:32.981 [75833] info  communicator.cpp::processor processing exited
2026-01-28 21:09:48.749 [75815] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:09:49.750 [75815] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:09:49.760 [76930] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:09:49.760 [76930] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:09:49.760 [76930] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:09:49.761 [76930] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:09:49.761 [76930] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:09:49.870 [76930] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:09:49.919 [76930] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:09:50.103 [76930] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:09:50.103 [76936] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:09:50.103 [76940] info  communicator.cpp::processor processing starting
2026-01-28 21:09:50.105 [76937] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:09:56.447 [76937] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:09:56.448 [76937] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:09:56.451 [76939] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:09:56.451 [76939] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:09:56.451 [76939] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:09:56.451 [76939] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:09:56.452 [76939] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:09:56.452 [76939] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:09:56.672 [76939] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:09:56.672 [76939] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:09:56.672 [76939] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:09:56.677 [76939] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:09:56.796 [76939] info  client.cpp::callSync []
2026-01-28 21:09:57.803 [76939] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:09:57.803 [76939] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:09:57.803 [76939] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:09:57.947 [76939] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:10:00.593 [76936] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:10:02.041 [76940] info  communicator.cpp::processor processing exited
2026-01-28 21:10:17.595 [76930] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:10:18.595 [76930] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:10:18.603 [77974] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:10:18.604 [77974] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:10:18.604 [77974] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:10:18.604 [77974] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:10:18.604 [77974] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:10:18.755 [77974] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:10:18.805 [77974] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:10:18.983 [77974] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:10:18.984 [77980] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:10:18.984 [77984] info  communicator.cpp::processor processing starting
2026-01-28 21:10:18.986 [77981] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:10:25.319 [77981] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:10:25.320 [77981] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:10:25.322 [77983] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:10:25.322 [77983] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:10:25.322 [77983] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:10:25.322 [77983] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:10:25.322 [77983] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:10:25.322 [77983] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:10:25.548 [77983] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:10:25.548 [77983] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:10:25.548 [77983] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:10:25.555 [77983] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:10:25.664 [77983] info  client.cpp::callSync []
2026-01-28 21:10:26.671 [77983] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:10:26.671 [77983] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:10:26.781 [77983] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:10:30.789 [77983] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:10:31.461 [77980] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:10:34.809 [77983] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:10:35.444 [77984] info  communicator.cpp::processor processing exited
2026-01-28 21:10:49.446 [77974] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:10:50.446 [77974] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:10:50.455 [79044] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:10:50.455 [79044] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:10:50.455 [79044] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:10:50.455 [79044] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:10:50.455 [79044] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:10:50.566 [79044] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:10:50.616 [79044] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:10:50.794 [79044] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:10:50.794 [79050] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:10:50.794 [79054] info  communicator.cpp::processor processing starting
2026-01-28 21:10:50.796 [79051] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:10:57.118 [79051] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:10:57.119 [79051] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:10:57.121 [79053] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:10:57.121 [79053] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:10:57.121 [79053] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:10:57.121 [79053] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:10:57.121 [79053] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:10:57.121 [79053] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:10:57.314 [79053] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:10:57.314 [79053] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:10:57.314 [79053] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:10:57.320 [79053] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:10:57.449 [79053] info  client.cpp::callSync []
2026-01-28 21:10:58.457 [79053] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:10:58.457 [79053] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:10:58.540 [79053] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:11:02.548 [79053] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:11:04.261 [79050] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:11:06.567 [79053] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:11:07.103 [79054] info  communicator.cpp::processor processing exited
2026-01-28 21:11:21.262 [79044] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:11:22.262 [79044] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:11:22.272 [80032] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:11:22.272 [80032] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:11:22.272 [80032] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:11:22.272 [80032] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:11:22.272 [80032] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:11:22.396 [80032] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:11:22.451 [80032] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:11:22.658 [80032] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:11:22.658 [80039] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:11:22.658 [80043] info  communicator.cpp::processor processing starting
2026-01-28 21:11:22.660 [80040] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:11:29.000 [80040] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:11:29.000 [80040] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:11:29.004 [80042] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:11:29.004 [80042] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:11:29.004 [80042] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:11:29.004 [80042] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:11:29.004 [80042] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:11:29.005 [80042] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:11:29.265 [80042] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:11:29.265 [80042] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:11:29.265 [80042] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:11:29.270 [80042] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:11:29.364 [80042] info  client.cpp::callSync []
2026-01-28 21:11:30.369 [80042] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:11:30.369 [80042] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:11:30.511 [80042] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:11:33.519 [80042] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:11:35.143 [80039] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:11:37.540 [80042] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:11:38.330 [80043] info  communicator.cpp::processor processing exited
2026-01-28 21:11:52.332 [80032] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:11:53.332 [80032] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:11:53.341 [80961] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:11:53.341 [80961] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:11:53.341 [80961] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:11:53.341 [80961] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:11:53.341 [80961] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:11:53.450 [80961] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:11:53.502 [80961] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:11:53.679 [80961] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:11:53.680 [80967] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:11:53.680 [80971] info  communicator.cpp::processor processing starting
2026-01-28 21:11:53.682 [80968] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:12:00.058 [80968] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:12:00.058 [80968] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:12:00.060 [80970] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:12:00.060 [80970] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:12:00.060 [80970] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:12:00.060 [80970] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:12:00.061 [80970] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:12:00.061 [80970] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:12:00.253 [80970] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:12:00.254 [80970] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:12:00.254 [80970] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:12:00.258 [80970] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:12:00.362 [80970] info  client.cpp::callSync []
2026-01-28 21:12:01.367 [80970] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:12:01.367 [80970] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:12:01.484 [80970] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:12:05.492 [80970] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:12:07.197 [80967] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:12:09.653 [80970] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:12:09.982 [80971] info  communicator.cpp::processor processing exited
2026-01-28 21:12:24.198 [80961] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:12:25.198 [80961] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:12:25.209 [81772] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:12:25.210 [81772] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:12:25.210 [81772] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:12:25.210 [81772] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:12:25.210 [81772] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:12:25.319 [81772] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:12:25.368 [81772] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:12:25.556 [81772] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:12:25.556 [81793] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:12:25.556 [81797] info  communicator.cpp::processor processing starting
2026-01-28 21:12:25.558 [81794] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:12:31.884 [81794] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:12:31.884 [81794] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:12:31.887 [81796] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:12:31.887 [81796] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:12:31.887 [81796] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:12:31.887 [81796] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:12:31.887 [81796] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:12:31.887 [81796] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:12:32.092 [81796] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:12:32.092 [81796] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:12:32.092 [81796] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:12:32.098 [81796] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:12:32.190 [81796] info  client.cpp::callSync []
2026-01-28 21:12:33.196 [81796] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:12:33.197 [81796] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:12:33.348 [81796] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:12:37.357 [81796] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:12:38.032 [81793] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:12:41.377 [81796] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:12:42.570 [81797] info  communicator.cpp::processor processing exited
2026-01-28 21:12:56.571 [81772] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:12:57.572 [81772] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:12:57.581 [82819] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:12:57.582 [82819] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:12:57.582 [82819] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:12:57.582 [82819] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:12:57.582 [82819] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:12:57.729 [82819] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:12:57.778 [82819] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:12:57.963 [82819] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:12:57.963 [82827] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:12:57.963 [82831] info  communicator.cpp::processor processing starting
2026-01-28 21:12:57.965 [82828] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:13:04.290 [82828] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:13:04.290 [82828] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:13:04.292 [82830] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:13:04.292 [82830] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:13:04.292 [82830] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:13:04.292 [82830] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:13:04.293 [82830] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:13:04.293 [82830] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:13:04.554 [82830] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:13:04.554 [82830] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:13:04.554 [82830] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:13:04.561 [82830] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:13:04.673 [82830] info  client.cpp::callSync []
2026-01-28 21:13:05.679 [82830] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:13:05.680 [82830] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:13:05.807 [82830] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:13:09.814 [82830] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:13:10.436 [82827] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:13:14.033 [82830] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:13:15.229 [82831] info  communicator.cpp::processor processing exited
2026-01-28 21:13:29.230 [82819] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:13:30.230 [82819] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:13:30.241 [83619] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:13:30.241 [83619] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:13:30.241 [83619] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:13:30.241 [83619] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:13:30.241 [83619] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:13:30.349 [83619] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:13:30.399 [83619] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:13:30.576 [83619] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:13:30.576 [83630] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:13:30.576 [83634] info  communicator.cpp::processor processing starting
2026-01-28 21:13:30.578 [83631] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:13:35.908 [83631] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:13:35.908 [83631] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:13:35.911 [83633] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:13:35.911 [83633] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:13:35.911 [83633] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:13:35.911 [83633] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:13:35.911 [83633] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:13:35.911 [83633] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:13:36.102 [83633] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:13:36.102 [83633] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:13:36.102 [83633] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:13:36.107 [83633] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:13:36.221 [83633] info  client.cpp::callSync []
2026-01-28 21:13:37.226 [83633] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:13:37.226 [83633] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:13:37.308 [83633] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:13:41.318 [83633] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:13:42.053 [83630] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:13:45.345 [83633] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:13:45.597 [83634] info  communicator.cpp::processor processing exited
2026-01-28 21:13:59.599 [83619] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:14:00.599 [83619] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:14:00.608 [84433] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:14:00.608 [84433] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:14:00.608 [84433] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:14:00.608 [84433] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:14:00.608 [84433] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:14:00.750 [84433] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:14:00.799 [84433] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:14:01.015 [84433] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:14:01.016 [84451] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:14:01.016 [84455] info  communicator.cpp::processor processing starting
2026-01-28 21:14:01.018 [84452] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:14:07.349 [84452] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:14:07.349 [84452] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:14:07.351 [84454] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:14:07.351 [84454] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:14:07.351 [84454] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:14:07.351 [84454] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:14:07.352 [84454] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:14:07.352 [84454] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:14:07.546 [84454] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:14:07.547 [84454] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:14:07.547 [84454] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:14:07.551 [84454] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:14:07.644 [84454] info  client.cpp::callSync []
2026-01-28 21:14:08.649 [84454] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:14:08.649 [84454] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:14:08.805 [84454] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:14:12.812 [84454] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:14:13.510 [84451] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:14:16.837 [84454] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:14:17.170 [84455] info  communicator.cpp::processor processing exited
2026-01-28 21:14:31.171 [84433] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:14:32.171 [84433] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:14:32.180 [85395] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:14:32.181 [85395] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:14:32.181 [85395] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:14:32.181 [85395] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:14:32.181 [85395] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:14:32.295 [85395] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:14:32.344 [85395] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:14:32.522 [85395] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:14:32.523 [85427] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:14:32.523 [85431] info  communicator.cpp::processor processing starting
2026-01-28 21:14:32.524 [85428] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:14:38.870 [85428] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:14:38.870 [85428] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:14:38.873 [85430] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:14:38.874 [85430] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:14:38.874 [85430] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:14:38.874 [85430] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:14:38.874 [85430] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:14:38.874 [85430] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:14:39.095 [85430] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:14:39.095 [85430] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:14:39.095 [85430] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:14:39.102 [85430] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:14:39.195 [85430] info  client.cpp::callSync []
2026-01-28 21:14:40.200 [85430] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:14:40.200 [85430] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:14:40.296 [85430] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:14:44.303 [85430] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:14:45.014 [85427] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:14:48.322 [85430] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:14:49.518 [85431] info  communicator.cpp::processor processing exited
2026-01-28 21:15:03.519 [85395] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:15:04.519 [85395] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:15:04.531 [86610] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:15:04.532 [86610] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:15:04.532 [86610] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:15:04.532 [86610] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:15:04.532 [86610] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:15:04.641 [86610] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:15:04.690 [86610] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:15:04.880 [86610] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:15:04.880 [86634] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:15:04.880 [86638] info  communicator.cpp::processor processing starting
2026-01-28 21:15:04.882 [86635] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:15:10.207 [86635] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:15:10.207 [86635] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:15:10.210 [86637] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:15:10.210 [86637] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:15:10.210 [86637] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:15:10.210 [86637] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:15:10.210 [86637] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:15:10.210 [86637] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:15:10.422 [86637] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:15:10.422 [86637] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:15:10.422 [86637] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:15:10.428 [86637] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:15:10.539 [86637] info  client.cpp::callSync []
2026-01-28 21:15:11.544 [86637] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:15:11.544 [86637] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:15:11.663 [86637] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:15:15.671 [86637] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:15:16.345 [86634] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:15:19.692 [86637] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:15:20.278 [86638] info  communicator.cpp::processor processing exited
2026-01-28 21:15:34.279 [86610] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:15:35.279 [86610] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:15:35.288 [87593] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:15:35.288 [87593] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:15:35.288 [87593] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:15:35.288 [87593] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:15:35.288 [87593] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:15:35.397 [87593] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:15:35.449 [87593] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:15:35.628 [87593] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:15:35.628 [87619] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:15:35.628 [87623] info  communicator.cpp::processor processing starting
2026-01-28 21:15:35.630 [87620] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:15:40.977 [87620] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:15:40.977 [87620] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:15:40.980 [87622] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:15:40.981 [87622] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:15:40.981 [87622] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:15:40.981 [87622] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:15:40.981 [87622] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:15:40.981 [87622] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:15:41.175 [87622] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:15:41.176 [87622] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:15:41.176 [87622] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:15:41.180 [87622] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:15:41.269 [87622] info  client.cpp::callSync []
2026-01-28 21:15:42.274 [87622] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:15:42.274 [87622] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:15:42.418 [87622] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:15:46.425 [87622] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:15:47.135 [87619] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:15:50.445 [87622] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:15:51.643 [87623] info  communicator.cpp::processor processing exited
2026-01-28 21:16:05.644 [87593] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:16:06.644 [87593] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:16:06.653 [88583] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:16:06.654 [88583] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:16:06.654 [88583] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:16:06.654 [88583] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:16:06.654 [88583] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:16:06.764 [88583] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:16:06.814 [88583] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:16:06.996 [88583] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:16:06.997 [88595] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:16:06.997 [88599] info  communicator.cpp::processor processing starting
2026-01-28 21:16:06.999 [88596] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:16:12.331 [88596] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:16:12.331 [88596] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:16:12.335 [88598] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:16:12.335 [88598] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:16:12.335 [88598] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:16:12.335 [88598] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:16:12.335 [88598] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:16:12.335 [88598] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:16:12.583 [88598] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:16:12.583 [88598] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:16:12.583 [88598] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:16:12.588 [88598] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:16:12.701 [88598] info  client.cpp::callSync []
2026-01-28 21:16:13.707 [88598] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:16:13.707 [88598] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:16:13.852 [88598] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:16:17.859 [88598] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:16:18.477 [88595] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:16:21.881 [88598] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:16:22.866 [88599] info  communicator.cpp::processor processing exited
2026-01-28 21:16:36.868 [88583] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:16:37.868 [88583] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:16:37.877 [89600] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:16:37.878 [89600] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:16:37.878 [89600] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:16:37.878 [89600] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:16:37.878 [89600] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:16:37.986 [89600] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:16:38.035 [89600] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:16:38.218 [89600] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:16:38.219 [89606] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:16:38.219 [89610] info  communicator.cpp::processor processing starting
2026-01-28 21:16:38.221 [89607] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:16:44.544 [89607] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:16:44.544 [89607] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:16:44.546 [89609] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:16:44.546 [89609] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:16:44.546 [89609] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:16:44.546 [89609] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:16:44.546 [89609] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:16:44.546 [89609] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:16:44.738 [89609] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:16:44.738 [89609] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:16:44.738 [89609] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:16:44.743 [89609] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:16:44.834 [89609] info  client.cpp::callSync []
2026-01-28 21:16:45.839 [89609] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:16:45.839 [89609] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:16:45.985 [89609] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:16:49.993 [89609] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:16:51.712 [89606] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:16:54.014 [89609] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:16:54.250 [89610] info  communicator.cpp::processor processing exited
2026-01-28 21:17:08.713 [89600] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:17:09.713 [89600] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:17:09.722 [90644] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:17:09.723 [90644] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:17:09.723 [90644] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:17:09.723 [90644] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:17:09.723 [90644] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:17:09.832 [90644] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:17:09.881 [90644] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:17:10.063 [90644] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:17:10.063 [90650] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:17:10.063 [90654] info  communicator.cpp::processor processing starting
2026-01-28 21:17:10.065 [90651] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:17:16.408 [90651] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:17:16.409 [90651] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:17:16.412 [90653] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:17:16.412 [90653] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:17:16.412 [90653] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:17:16.412 [90653] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:17:16.412 [90653] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:17:16.412 [90653] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:17:16.622 [90653] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:17:16.622 [90653] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:17:16.622 [90653] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:17:16.627 [90653] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:17:16.720 [90653] info  client.cpp::callSync []
2026-01-28 21:17:17.725 [90653] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:17:17.725 [90653] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:17:17.808 [90653] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:17:20.813 [90653] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:17:23.576 [90650] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:17:24.840 [90653] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:17:25.438 [90654] info  communicator.cpp::processor processing exited
2026-01-28 21:17:40.577 [90644] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:17:41.577 [90644] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:17:41.588 [91772] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:17:41.588 [91772] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:17:41.588 [91772] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:17:41.588 [91772] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:17:41.588 [91772] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:17:41.697 [91772] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:17:41.747 [91772] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:17:41.934 [91772] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:17:41.934 [91783] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:17:41.934 [91787] info  communicator.cpp::processor processing starting
2026-01-28 21:17:41.936 [91784] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:17:47.278 [91784] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:17:47.278 [91784] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:17:47.282 [91786] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:17:47.282 [91786] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:17:47.282 [91786] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:17:47.282 [91786] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:17:47.282 [91786] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:17:47.282 [91786] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:17:47.499 [91786] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:17:47.499 [91786] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:17:47.499 [91786] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:17:47.504 [91786] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:17:47.612 [91786] info  client.cpp::callSync []
2026-01-28 21:17:48.619 [91786] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:17:48.619 [91786] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:17:48.763 [91786] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:17:52.426 [91783] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:17:52.772 [91786] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:17:53.949 [91787] info  communicator.cpp::processor processing exited
2026-01-28 21:18:09.427 [91772] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:18:10.427 [91772] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:18:10.437 [92731] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:18:10.437 [92731] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:18:10.437 [92731] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:18:10.438 [92731] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:18:10.438 [92731] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:18:10.552 [92731] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:18:10.604 [92731] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:18:10.785 [92731] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:18:10.785 [92739] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:18:10.785 [92743] info  communicator.cpp::processor processing starting
2026-01-28 21:18:10.787 [92740] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:18:17.109 [92740] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:18:17.109 [92740] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:18:17.111 [92742] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:18:17.111 [92742] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:18:17.111 [92742] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:18:17.111 [92742] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:18:17.111 [92742] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:18:17.111 [92742] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:18:17.304 [92742] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:18:17.304 [92742] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:18:17.304 [92742] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:18:17.309 [92742] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:18:17.401 [92742] info  client.cpp::callSync []
2026-01-28 21:18:18.406 [92742] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:18:18.406 [92742] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:18:18.407 [92742] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:18:18.554 [92742] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:18:22.561 [92742] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:18:23.248 [92739] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:18:25.584 [92742] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:18:26.564 [92743] info  communicator.cpp::processor processing exited
2026-01-28 21:18:40.565 [92731] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:18:41.565 [92731] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:18:41.575 [93865] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:18:41.575 [93865] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:18:41.575 [93865] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:18:41.575 [93865] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:18:41.575 [93865] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:18:41.684 [93865] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:18:41.734 [93865] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:18:41.922 [93865] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:18:41.922 [93879] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:18:41.923 [93883] info  communicator.cpp::processor processing starting
2026-01-28 21:18:41.924 [93880] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:18:48.253 [93880] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:18:48.253 [93880] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:18:48.256 [93882] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:18:48.256 [93882] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:18:48.256 [93882] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:18:48.256 [93882] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:18:48.256 [93882] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:18:48.256 [93882] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:18:48.495 [93882] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:18:48.496 [93882] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:18:48.496 [93882] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:18:48.501 [93882] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:18:48.590 [93882] info  client.cpp::callSync []
2026-01-28 21:18:49.595 [93882] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:18:49.595 [93882] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:18:49.692 [93882] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:18:53.700 [93882] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:18:55.403 [93879] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:18:57.718 [93882] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:18:58.753 [93883] info  communicator.cpp::processor processing exited
2026-01-28 21:19:12.754 [93865] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:19:13.755 [93865] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:19:13.766 [94967] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:19:13.766 [94967] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:19:13.766 [94967] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:19:13.766 [94967] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:19:13.766 [94967] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:19:13.876 [94967] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:19:13.934 [94967] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:19:14.123 [94967] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:19:14.123 [94977] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:19:14.123 [94981] info  communicator.cpp::processor processing starting
2026-01-28 21:19:14.125 [94978] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:19:20.460 [94978] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:19:20.460 [94978] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:19:20.463 [94980] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:19:20.463 [94980] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:19:20.463 [94980] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:19:20.463 [94980] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:19:20.463 [94980] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:19:20.463 [94980] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:19:20.662 [94980] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:19:20.662 [94980] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:19:20.662 [94980] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:19:20.668 [94980] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:19:20.766 [94980] info  client.cpp::callSync []
2026-01-28 21:19:21.771 [94980] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:19:21.771 [94980] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:19:21.911 [94980] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:19:25.919 [94980] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:19:26.613 [94977] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:19:29.959 [94980] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:19:30.865 [94981] info  communicator.cpp::processor processing exited
2026-01-28 21:19:44.866 [94967] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:19:45.867 [94967] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:19:45.876 [95949] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:19:45.876 [95949] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:19:45.876 [95949] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:19:45.876 [95949] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:19:45.876 [95949] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:19:45.985 [95949] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:19:46.034 [95949] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:19:46.218 [95949] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:19:46.218 [95957] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:19:46.218 [95961] info  communicator.cpp::processor processing starting
2026-01-28 21:19:46.220 [95958] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:19:52.551 [95958] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:19:52.551 [95958] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:19:52.554 [95960] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:19:52.554 [95960] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:19:52.554 [95960] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:19:52.554 [95960] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:19:52.554 [95960] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:19:52.554 [95960] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:19:52.764 [95960] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:19:52.764 [95960] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:19:52.764 [95960] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:19:52.770 [95960] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:19:52.863 [95960] info  client.cpp::callSync []
2026-01-28 21:19:53.870 [95960] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:19:53.870 [95960] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:19:53.978 [95960] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:19:57.987 [95960] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:19:59.692 [95957] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:20:02.246 [95960] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:20:02.988 [95961] info  communicator.cpp::processor processing exited
2026-01-28 21:20:16.989 [95949] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:20:17.989 [95949] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:20:17.998 [96972] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:20:17.998 [96972] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:20:17.998 [96972] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:20:17.998 [96972] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:20:17.998 [96972] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:20:18.170 [96972] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:20:18.219 [96972] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:20:18.396 [96972] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:20:18.397 [96995] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:20:18.397 [96999] info  communicator.cpp::processor processing starting
2026-01-28 21:20:18.399 [96996] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:20:23.725 [96996] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:20:23.725 [96996] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:20:23.728 [96998] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:20:23.728 [96998] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:20:23.728 [96998] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:20:23.728 [96998] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:20:23.728 [96998] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:20:23.728 [96998] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:20:23.921 [96998] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:20:23.921 [96998] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:20:23.921 [96998] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:20:23.926 [96998] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:20:24.021 [96998] info  client.cpp::callSync []
2026-01-28 21:20:25.026 [96998] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:20:25.026 [96998] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:20:25.168 [96998] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:20:28.864 [96995] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:20:29.174 [96998] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:20:30.200 [96999] info  communicator.cpp::processor processing exited
2026-01-28 21:20:45.865 [96972] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:20:46.865 [96972] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:20:46.874 [97765] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:20:46.875 [97765] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:20:46.875 [97765] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:20:46.875 [97765] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:20:46.875 [97765] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:20:46.984 [97765] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:20:47.033 [97765] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:20:47.213 [97765] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:20:47.213 [97807] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:20:47.213 [97811] info  communicator.cpp::processor processing starting
2026-01-28 21:20:47.215 [97808] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:20:53.579 [97808] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:20:53.579 [97808] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:20:53.583 [97810] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:20:53.583 [97810] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:20:53.583 [97810] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:20:53.583 [97810] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:20:53.583 [97810] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:20:53.583 [97810] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:20:53.775 [97810] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:20:53.776 [97810] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:20:53.776 [97810] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:20:53.781 [97810] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:20:53.870 [97810] info  client.cpp::callSync []
2026-01-28 21:20:54.875 [97810] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:20:54.876 [97810] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:20:54.876 [97810] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:20:54.962 [97810] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:20:58.970 [97810] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:21:00.722 [97807] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:21:03.437 [97810] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:21:04.356 [97811] info  communicator.cpp::processor processing exited
2026-01-28 21:21:18.357 [97765] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:21:19.357 [97765] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:21:19.366 [98800] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:21:19.367 [98800] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:21:19.367 [98800] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:21:19.367 [98800] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:21:19.367 [98800] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:21:19.475 [98800] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:21:19.525 [98800] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:21:19.700 [98800] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:21:19.701 [98806] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:21:19.701 [98810] info  communicator.cpp::processor processing starting
2026-01-28 21:21:19.703 [98807] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:21:26.025 [98807] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:21:26.026 [98807] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:21:26.029 [98809] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:21:26.029 [98809] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:21:26.029 [98809] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:21:26.029 [98809] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:21:26.029 [98809] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:21:26.029 [98809] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:21:26.223 [98809] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:21:26.223 [98809] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:21:26.223 [98809] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:21:26.228 [98809] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:21:26.322 [98809] info  client.cpp::callSync []
2026-01-28 21:21:27.327 [98809] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:21:27.327 [98809] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:21:27.472 [98809] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:21:30.170 [98806] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:21:31.585 [98810] info  communicator.cpp::processor processing exited
2026-01-28 21:21:47.171 [98800] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:21:48.171 [98800] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:21:48.180 [99714] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:21:48.180 [99714] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:21:48.180 [99714] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:21:48.180 [99714] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:21:48.180 [99714] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:21:48.328 [99714] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:21:48.378 [99714] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:21:48.570 [99714] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:21:48.570 [99728] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:21:48.570 [99732] info  communicator.cpp::processor processing starting
2026-01-28 21:21:48.572 [99729] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:21:54.936 [99729] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:21:54.937 [99729] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:21:54.939 [99731] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:21:54.939 [99731] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:21:54.939 [99731] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:21:54.939 [99731] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:21:54.939 [99731] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:21:54.939 [99731] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:21:55.131 [99731] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:21:55.131 [99731] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:21:55.131 [99731] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:21:55.136 [99731] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:21:55.236 [99731] info  client.cpp::callSync []
2026-01-28 21:21:56.243 [99731] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:21:56.243 [99731] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:21:56.378 [99731] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:22:00.083 [99728] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:22:00.388 [99731] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:22:01.576 [99732] info  communicator.cpp::processor processing exited
2026-01-28 21:22:17.085 [99714] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:22:18.085 [99714] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:22:18.094 [100611] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:22:18.094 [100611] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:22:18.094 [100611] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:22:18.094 [100611] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:22:18.094 [100611] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:22:18.204 [100611] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:22:18.253 [100611] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:22:18.437 [100611] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:22:18.437 [100625] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:22:18.437 [100629] info  communicator.cpp::processor processing starting
2026-01-28 21:22:18.439 [100626] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:22:23.788 [100626] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:22:23.788 [100626] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:22:23.791 [100628] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:22:23.791 [100628] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:22:23.791 [100628] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:22:23.791 [100628] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:22:23.791 [100628] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:22:23.791 [100628] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:22:23.990 [100628] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:22:23.990 [100628] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:22:23.990 [100628] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:22:23.995 [100628] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:22:24.085 [100628] info  client.cpp::callSync []
2026-01-28 21:22:25.090 [100628] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:22:25.091 [100628] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:22:25.091 [100628] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:22:25.193 [100628] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:22:29.200 [100628] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:22:29.934 [100625] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:22:33.246 [100628] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:22:33.474 [100629] info  communicator.cpp::processor processing exited
2026-01-28 21:22:47.475 [100611] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:22:48.475 [100611] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:22:48.486 [101619] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:22:48.486 [101619] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:22:48.486 [101619] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:22:48.486 [101619] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:22:48.486 [101619] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:22:48.597 [101619] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:22:48.648 [101619] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:22:48.836 [101619] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:22:48.836 [101639] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:22:48.836 [101643] info  communicator.cpp::processor processing starting
2026-01-28 21:22:48.838 [101640] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:22:53.198 [101640] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:22:53.198 [101640] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:22:53.202 [101642] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:22:53.202 [101642] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:22:53.202 [101642] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:22:53.202 [101642] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:22:53.202 [101642] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:22:53.202 [101642] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:22:53.403 [101642] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:22:53.403 [101642] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:22:53.403 [101642] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:22:53.409 [101642] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:22:53.497 [101642] info  client.cpp::callSync []
2026-01-28 21:22:54.503 [101642] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:22:54.503 [101642] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:22:54.635 [101642] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:22:58.644 [101642] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:23:00.342 [101639] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:23:03.140 [101642] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:23:03.613 [101643] info  communicator.cpp::processor processing exited
2026-01-28 21:23:17.614 [101619] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:23:18.614 [101619] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:23:18.624 [102649] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:23:18.624 [102649] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:23:18.624 [102649] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:23:18.624 [102649] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:23:18.624 [102649] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:23:18.738 [102649] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:23:18.788 [102649] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:23:18.979 [102649] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:23:18.980 [102685] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:23:18.980 [102689] info  communicator.cpp::processor processing starting
2026-01-28 21:23:18.982 [102686] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:23:25.377 [102686] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:23:25.378 [102686] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:23:25.381 [102688] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:23:25.381 [102688] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:23:25.382 [102688] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:23:25.382 [102688] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:23:25.382 [102688] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:23:25.382 [102688] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:23:25.657 [102688] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:23:25.658 [102688] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:23:25.658 [102688] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:23:25.665 [102688] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:23:25.776 [102688] info  client.cpp::callSync []
2026-01-28 21:23:26.784 [102688] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:23:26.784 [102688] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:23:26.929 [102688] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:23:30.559 [102685] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:23:30.938 [102688] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:23:31.173 [102689] info  communicator.cpp::processor processing exited
2026-01-28 21:23:47.560 [102649] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:23:48.560 [102649] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:23:48.570 [103730] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:23:48.571 [103730] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:23:48.571 [103730] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:23:48.571 [103730] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:23:48.571 [103730] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:23:48.679 [103730] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:23:48.733 [103730] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:23:48.924 [103730] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:23:48.925 [103753] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:23:48.925 [103757] info  communicator.cpp::processor processing starting
2026-01-28 21:23:48.927 [103754] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:23:53.301 [103754] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:23:53.302 [103754] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:23:53.304 [103756] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:23:53.304 [103756] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:23:53.304 [103756] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:23:53.304 [103756] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:23:53.304 [103756] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:23:53.304 [103756] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:23:53.545 [103756] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:23:53.545 [103756] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:23:53.545 [103756] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:23:53.550 [103756] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:23:53.637 [103756] info  client.cpp::callSync []
2026-01-28 21:23:54.641 [103756] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:23:54.642 [103756] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:23:54.642 [103756] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:23:54.789 [103756] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:23:58.796 [103756] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:23:59.704 [103753] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:24:03.388 [103756] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:24:03.893 [103757] info  communicator.cpp::processor processing exited
2026-01-28 21:24:17.894 [103730] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:24:18.894 [103730] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:24:18.904 [104747] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:24:18.904 [104747] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:24:18.904 [104747] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:24:18.904 [104747] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:24:18.904 [104747] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:24:19.045 [104747] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:24:19.095 [104747] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:24:19.315 [104747] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:24:19.315 [104762] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:24:19.315 [104766] info  communicator.cpp::processor processing starting
2026-01-28 21:24:19.317 [104763] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:24:25.640 [104763] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:24:25.640 [104763] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:24:25.642 [104765] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:24:25.642 [104765] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:24:25.642 [104765] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:24:25.642 [104765] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:24:25.642 [104765] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:24:25.643 [104765] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:24:25.853 [104765] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:24:25.853 [104765] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:24:25.853 [104765] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:24:25.860 [104765] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:24:25.969 [104765] info  client.cpp::callSync []
2026-01-28 21:24:26.975 [104765] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:24:26.976 [104765] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:24:27.061 [104765] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:24:31.069 [104765] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:24:32.818 [104762] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:24:35.118 [104765] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:24:36.097 [104766] info  communicator.cpp::processor processing exited
2026-01-28 21:24:50.099 [104747] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:24:51.099 [104747] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:24:51.108 [105697] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:24:51.108 [105697] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:24:51.108 [105697] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:24:51.108 [105697] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:24:51.108 [105697] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:24:51.250 [105697] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:24:51.299 [105697] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:24:51.483 [105697] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:24:51.483 [105726] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:24:51.483 [105730] info  communicator.cpp::processor processing starting
2026-01-28 21:24:51.485 [105727] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:24:56.815 [105727] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:24:56.815 [105727] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:24:56.818 [105729] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:24:56.818 [105729] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:24:56.818 [105729] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:24:56.818 [105729] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:24:56.818 [105729] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:24:56.818 [105729] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:24:57.060 [105729] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:24:57.060 [105729] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:24:57.060 [105729] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:24:57.065 [105729] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:24:57.153 [105729] info  client.cpp::callSync []
2026-01-28 21:24:58.158 [105729] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:24:58.158 [105729] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:24:58.291 [105729] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:25:01.967 [105726] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:25:02.300 [105729] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:25:03.131 [105730] info  communicator.cpp::processor processing exited
2026-01-28 21:25:18.968 [105697] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:25:19.968 [105697] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:25:19.977 [106677] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:25:19.978 [106677] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:25:19.978 [106677] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:25:19.978 [106677] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:25:19.978 [106677] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:25:20.086 [106677] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:25:20.135 [106677] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:25:20.313 [106677] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:25:20.313 [106683] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:25:20.313 [106687] info  communicator.cpp::processor processing starting
2026-01-28 21:25:20.315 [106684] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:25:26.640 [106684] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:25:26.640 [106684] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:25:26.642 [106686] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:25:26.642 [106686] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:25:26.642 [106686] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:25:26.642 [106686] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:25:26.642 [106686] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:25:26.642 [106686] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:25:26.865 [106686] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:25:26.865 [106686] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:25:26.865 [106686] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:25:26.871 [106686] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:25:26.976 [106686] info  client.cpp::callSync []
2026-01-28 21:25:27.981 [106686] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:25:27.982 [106686] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:25:27.982 [106686] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:25:28.069 [106686] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:25:31.782 [106683] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:25:32.077 [106686] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:25:32.779 [106687] info  communicator.cpp::processor processing exited
2026-01-28 21:25:48.783 [106677] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:25:49.783 [106677] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:25:49.794 [107741] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:25:49.794 [107741] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:25:49.794 [107741] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:25:49.794 [107741] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:25:49.794 [107741] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:25:49.905 [107741] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:25:49.954 [107741] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:25:50.155 [107741] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:25:50.155 [107771] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:25:50.155 [107775] info  communicator.cpp::processor processing starting
2026-01-28 21:25:50.158 [107772] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:25:55.484 [107772] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:25:55.484 [107772] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:25:55.486 [107774] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:25:55.486 [107774] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:25:55.486 [107774] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:25:55.486 [107774] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:25:55.486 [107774] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:25:55.487 [107774] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:25:55.680 [107774] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:25:55.680 [107774] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:25:55.680 [107774] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:25:55.685 [107774] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:25:55.777 [107774] info  client.cpp::callSync []
2026-01-28 21:25:56.782 [107774] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:25:56.783 [107774] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:25:56.783 [107774] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:25:56.926 [107774] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:26:00.933 [107774] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:26:01.627 [107771] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:26:04.956 [107774] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:26:05.286 [107775] info  communicator.cpp::processor processing exited
2026-01-28 21:26:19.287 [107741] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:26:20.288 [107741] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:26:20.299 [108794] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:26:20.299 [108794] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:26:20.299 [108794] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:26:20.299 [108794] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:26:20.300 [108794] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:26:20.408 [108794] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:26:20.458 [108794] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:26:20.656 [108794] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:26:20.656 [108800] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:26:20.656 [108804] info  communicator.cpp::processor processing starting
2026-01-28 21:26:20.658 [108801] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:26:26.984 [108801] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:26:26.984 [108801] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:26:26.986 [108803] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:26:26.986 [108803] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:26:26.986 [108803] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:26:26.986 [108803] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:26:26.987 [108803] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:26:26.987 [108803] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:26:27.182 [108803] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:26:27.182 [108803] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:26:27.182 [108803] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:26:27.187 [108803] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:26:27.298 [108803] info  client.cpp::callSync []
2026-01-28 21:26:28.305 [108803] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:26:28.305 [108803] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:26:28.454 [108803] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:26:32.462 [108803] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:26:33.124 [108800] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:26:36.488 [108803] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:26:37.569 [108804] info  communicator.cpp::processor processing exited
2026-01-28 21:26:51.570 [108794] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:26:52.571 [108794] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:26:52.580 [109867] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:26:52.580 [109867] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:26:52.580 [109867] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:26:52.580 [109867] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:26:52.580 [109867] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:26:52.689 [109867] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:26:52.738 [109867] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:26:52.912 [109867] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:26:52.912 [109890] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:26:52.913 [109894] info  communicator.cpp::processor processing starting
2026-01-28 21:26:52.914 [109891] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:26:58.258 [109891] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:26:58.259 [109891] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:26:58.261 [109893] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:26:58.261 [109893] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:26:58.261 [109893] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:26:58.261 [109893] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:26:58.261 [109893] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:26:58.261 [109893] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:26:58.453 [109893] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:26:58.453 [109893] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:26:58.453 [109893] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:26:58.458 [109893] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:26:58.546 [109893] info  client.cpp::callSync []
2026-01-28 21:26:59.551 [109893] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:26:59.551 [109893] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:26:59.681 [109893] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:27:03.688 [109893] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:27:04.396 [109890] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:27:07.716 [109893] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:27:08.176 [109894] info  communicator.cpp::processor processing exited
2026-01-28 21:27:22.177 [109867] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:27:23.177 [109867] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:27:23.187 [110985] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:27:23.187 [110985] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:27:23.187 [110985] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:27:23.187 [110985] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:27:23.187 [110985] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:27:23.296 [110985] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:27:23.345 [110985] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:27:23.522 [110985] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:27:23.522 [111005] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:27:23.522 [111009] info  communicator.cpp::processor processing starting
2026-01-28 21:27:23.524 [111006] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:27:29.849 [111006] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:27:29.849 [111006] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:27:29.852 [111008] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:27:29.852 [111008] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:27:29.852 [111008] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:27:29.852 [111008] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:27:29.852 [111008] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:27:29.852 [111008] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:27:30.045 [111008] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:27:30.045 [111008] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:27:30.045 [111008] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:27:30.050 [111008] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:27:30.155 [111008] info  client.cpp::callSync []
2026-01-28 21:27:31.160 [111008] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:27:31.160 [111008] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:27:31.327 [111008] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:27:35.335 [111008] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:27:35.989 [111005] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:27:38.648 [111008] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:27:39.236 [111009] info  communicator.cpp::processor processing exited
2026-01-28 21:27:53.237 [110985] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:27:54.237 [110985] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:27:54.246 [111967] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:27:54.246 [111967] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:27:54.246 [111967] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:27:54.246 [111967] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:27:54.246 [111967] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:27:54.377 [111967] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:27:54.456 [111967] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:27:54.652 [111967] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:27:54.652 [111980] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:27:54.652 [111984] info  communicator.cpp::processor processing starting
2026-01-28 21:27:54.654 [111981] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:28:00.000 [111981] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:28:00.000 [111981] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:28:00.003 [111983] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:28:00.004 [111983] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:28:00.004 [111983] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:28:00.004 [111983] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:28:00.004 [111983] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:28:00.004 [111983] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:28:00.196 [111983] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:28:00.197 [111983] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:28:00.197 [111983] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:28:00.203 [111983] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:28:00.309 [111983] info  client.cpp::callSync []
2026-01-28 21:28:01.316 [111983] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:28:01.316 [111983] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:28:01.408 [111983] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:28:05.417 [111983] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:28:06.148 [111980] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:28:09.457 [111983] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:28:10.654 [111984] info  communicator.cpp::processor processing exited
2026-01-28 21:28:24.655 [111967] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:28:25.655 [111967] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:28:25.665 [113128] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:28:25.666 [113128] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:28:25.666 [113128] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:28:25.666 [113128] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:28:25.666 [113128] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:28:25.778 [113128] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:28:25.828 [113128] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:28:26.017 [113128] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:28:26.017 [113144] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:28:26.017 [113148] info  communicator.cpp::processor processing starting
2026-01-28 21:28:26.019 [113145] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:28:32.347 [113145] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:28:32.348 [113145] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:28:32.350 [113147] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:28:32.350 [113147] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:28:32.350 [113147] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:28:32.350 [113147] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:28:32.350 [113147] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:28:32.350 [113147] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:28:32.563 [113147] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:28:32.563 [113147] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:28:32.563 [113147] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:28:32.570 [113147] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:28:32.674 [113147] info  client.cpp::callSync []
2026-01-28 21:28:33.681 [113147] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:28:33.681 [113147] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:28:33.763 [113147] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:28:37.494 [113144] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:28:37.768 [113147] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:28:38.556 [113148] info  communicator.cpp::processor processing exited
2026-01-28 21:28:54.495 [113128] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:28:55.496 [113128] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:28:55.504 [114074] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:28:55.505 [114074] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:28:55.505 [114074] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:28:55.505 [114074] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:28:55.505 [114074] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:28:55.613 [114074] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:28:55.661 [114074] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:28:55.839 [114074] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:28:55.839 [114090] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:28:55.839 [114094] info  communicator.cpp::processor processing starting
2026-01-28 21:28:55.841 [114091] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:29:02.176 [114091] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:29:02.176 [114091] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:29:02.178 [114093] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:29:02.178 [114093] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:29:02.178 [114093] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:29:02.178 [114093] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:29:02.178 [114093] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:29:02.178 [114093] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:29:02.372 [114093] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:29:02.372 [114093] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:29:02.372 [114093] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:29:02.377 [114093] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:29:02.467 [114093] info  client.cpp::callSync []
2026-01-28 21:29:03.472 [114093] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:29:03.473 [114093] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:29:03.473 [114093] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:29:03.597 [114093] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:29:07.606 [114093] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:29:09.321 [114090] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:29:11.919 [114093] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:29:12.950 [114094] info  communicator.cpp::processor processing exited
2026-01-28 21:29:26.951 [114074] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:29:27.951 [114074] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:29:27.960 [115154] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:29:27.961 [115154] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:29:27.961 [115154] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:29:27.961 [115154] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:29:27.961 [115154] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:29:28.070 [115154] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:29:28.120 [115154] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:29:28.303 [115154] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:29:28.303 [115160] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:29:28.303 [115164] info  communicator.cpp::processor processing starting
2026-01-28 21:29:28.305 [115161] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:29:31.654 [115161] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:29:31.654 [115161] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:29:31.657 [115163] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:29:31.657 [115163] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:29:31.657 [115163] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:29:31.657 [115163] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:29:31.657 [115163] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:29:31.657 [115163] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:29:31.908 [115163] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:29:31.908 [115163] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:29:31.908 [115163] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:29:31.914 [115163] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:29:32.005 [115163] info  client.cpp::callSync []
2026-01-28 21:29:33.013 [115163] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:29:33.013 [115163] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:29:33.154 [115163] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:29:36.833 [115160] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:29:37.161 [115163] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:29:37.387 [115164] info  communicator.cpp::processor processing exited
2026-01-28 21:29:53.834 [115154] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:29:54.834 [115154] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:29:54.843 [115984] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:29:54.843 [115984] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:29:54.843 [115984] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:29:54.843 [115984] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:29:54.843 [115984] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:29:54.951 [115984] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:29:55.000 [115984] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:29:55.183 [115984] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:29:55.183 [116011] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:29:55.183 [116015] info  communicator.cpp::processor processing starting
2026-01-28 21:29:55.185 [116012] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:29:59.515 [116012] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:29:59.515 [116012] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:29:59.518 [116014] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:29:59.518 [116014] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:29:59.518 [116014] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:29:59.518 [116014] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:29:59.518 [116014] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:29:59.518 [116014] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:29:59.771 [116014] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:29:59.772 [116014] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:29:59.772 [116014] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:29:59.777 [116014] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:29:59.872 [116014] info  client.cpp::callSync []
2026-01-28 21:30:00.877 [116014] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:30:00.878 [116014] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:30:00.878 [116014] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:30:00.991 [116014] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:30:04.999 [116014] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:30:06.660 [116011] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:30:09.251 [116014] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:30:10.202 [116015] info  communicator.cpp::processor processing exited
2026-01-28 21:30:24.203 [115984] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:30:25.203 [115984] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:30:25.212 [117206] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:30:25.213 [117206] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:30:25.213 [117206] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:30:25.213 [117206] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:30:25.213 [117206] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:30:25.321 [117206] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:30:25.369 [117206] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:30:25.544 [117206] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:30:25.544 [117224] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:30:25.544 [117228] info  communicator.cpp::processor processing starting
2026-01-28 21:30:25.545 [117225] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:30:31.874 [117225] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:30:31.874 [117225] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:30:31.877 [117227] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:30:31.877 [117227] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:30:31.877 [117227] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:30:31.877 [117227] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:30:31.877 [117227] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:30:31.877 [117227] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:30:32.085 [117227] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:30:32.085 [117227] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:30:32.085 [117227] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:30:32.092 [117227] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:30:32.199 [117227] info  client.cpp::callSync []
2026-01-28 21:30:33.207 [117227] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:30:33.207 [117227] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:30:33.288 [117227] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:30:37.297 [117227] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:30:38.021 [117224] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:30:41.345 [117227] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:30:42.274 [117228] info  communicator.cpp::processor processing exited
2026-01-28 21:30:56.276 [117206] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:30:57.276 [117206] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:30:57.285 [118354] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:30:57.285 [118354] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:30:57.285 [118354] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:30:57.285 [118354] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:30:57.285 [118354] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:30:57.464 [118354] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:30:57.519 [118354] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:30:57.699 [118354] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:30:57.699 [118364] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:30:57.699 [118368] info  communicator.cpp::processor processing starting
2026-01-28 21:30:57.701 [118365] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:31:04.032 [118365] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:31:04.033 [118365] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:31:04.036 [118367] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:31:04.036 [118367] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:31:04.036 [118367] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:31:04.036 [118367] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:31:04.036 [118367] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:31:04.036 [118367] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:31:04.251 [118367] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:31:04.252 [118367] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:31:04.252 [118367] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:31:04.258 [118367] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:31:04.373 [118367] info  client.cpp::callSync []
2026-01-28 21:31:05.380 [118367] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:31:05.380 [118367] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:31:05.498 [118367] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:31:09.505 [118367] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:31:10.179 [118364] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:31:11.080 [118368] info  communicator.cpp::processor processing exited
2026-01-28 21:31:27.180 [118354] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:31:28.180 [118354] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:31:28.190 [119265] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:31:28.190 [119265] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:31:28.190 [119265] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:31:28.190 [119265] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:31:28.190 [119265] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:31:28.298 [119265] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:31:28.347 [119265] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:31:28.524 [119265] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:31:28.524 [119271] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:31:28.524 [119275] info  communicator.cpp::processor processing starting
2026-01-28 21:31:28.526 [119272] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:31:34.851 [119272] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:31:34.852 [119272] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:31:34.855 [119274] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:31:34.855 [119274] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:31:34.855 [119274] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:31:34.855 [119274] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:31:34.855 [119274] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:31:34.855 [119274] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:31:35.069 [119274] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:31:35.069 [119274] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:31:35.069 [119274] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:31:35.076 [119274] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:31:35.188 [119274] info  client.cpp::callSync []
2026-01-28 21:31:36.193 [119274] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:31:36.193 [119274] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:31:36.194 [119274] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:31:36.282 [119274] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:31:40.289 [119274] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:31:41.997 [119271] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:31:44.636 [119274] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:31:45.349 [119275] info  communicator.cpp::processor processing exited
2026-01-28 21:31:59.350 [119265] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:32:00.350 [119265] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:32:00.360 [120318] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:32:00.360 [120318] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:32:00.360 [120318] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:32:00.360 [120318] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:32:00.360 [120318] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:32:00.469 [120318] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:32:00.518 [120318] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:32:00.701 [120318] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:32:00.701 [120328] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:32:00.701 [120332] info  communicator.cpp::processor processing starting
2026-01-28 21:32:00.704 [120329] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:32:07.038 [120329] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:32:07.038 [120329] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:32:07.040 [120331] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:32:07.040 [120331] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:32:07.040 [120331] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:32:07.040 [120331] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:32:07.040 [120331] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:32:07.040 [120331] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:32:07.234 [120331] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:32:07.234 [120331] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:32:07.234 [120331] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:32:07.239 [120331] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:32:07.330 [120331] info  client.cpp::callSync []
2026-01-28 21:32:08.336 [120331] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:32:08.336 [120331] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:32:08.475 [120331] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:32:12.484 [120331] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:32:14.187 [120328] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:32:16.512 [120331] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:32:16.928 [120332] info  communicator.cpp::processor processing exited
2026-01-28 21:32:31.189 [120318] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:32:32.189 [120318] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:32:32.200 [121311] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:32:32.200 [121311] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:32:32.200 [121311] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:32:32.200 [121311] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:32:32.200 [121311] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:32:32.312 [121311] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:32:32.362 [121311] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:32:32.536 [121311] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:32:32.537 [121334] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:32:32.537 [121338] info  communicator.cpp::processor processing starting
2026-01-28 21:32:32.539 [121335] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:32:38.891 [121335] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:32:38.900 [121335] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:32:38.903 [121337] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:32:38.903 [121337] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:32:38.903 [121337] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:32:38.903 [121337] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:32:38.903 [121337] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:32:38.903 [121337] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:32:39.126 [121337] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:32:39.126 [121337] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:32:39.126 [121337] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:32:39.131 [121337] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:32:39.225 [121337] info  client.cpp::callSync []
2026-01-28 21:32:40.231 [121337] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:32:40.231 [121337] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:32:40.369 [121337] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:32:44.377 [121337] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:32:46.040 [121334] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:32:48.765 [121337] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:32:49.961 [121338] info  communicator.cpp::processor processing exited
2026-01-28 21:33:03.962 [121311] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:33:04.963 [121311] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:33:04.972 [122409] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:33:04.972 [122409] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:33:04.972 [122409] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:33:04.972 [122409] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:33:04.972 [122409] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:33:05.084 [122409] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:33:05.135 [122409] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:33:05.323 [122409] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:33:05.323 [122419] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:33:05.323 [122423] info  communicator.cpp::processor processing starting
2026-01-28 21:33:05.325 [122420] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:33:11.670 [122420] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:33:11.671 [122420] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:33:11.674 [122422] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:33:11.674 [122422] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:33:11.674 [122422] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:33:11.674 [122422] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:33:11.674 [122422] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:33:11.674 [122422] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:33:11.932 [122422] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:33:11.932 [122422] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:33:11.932 [122422] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:33:11.937 [122422] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:33:12.029 [122422] info  client.cpp::callSync []
2026-01-28 21:33:13.036 [122422] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:33:13.036 [122422] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:33:13.175 [122422] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:33:17.182 [122422] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:33:18.816 [122419] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:33:21.502 [122422] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:33:21.694 [122423] info  communicator.cpp::processor processing exited
2026-01-28 21:33:35.818 [122409] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:33:36.818 [122409] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:33:36.828 [123355] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:33:36.828 [123355] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:33:36.828 [123355] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:33:36.828 [123355] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:33:36.828 [123355] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:33:36.943 [123355] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:33:37.011 [123355] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:33:37.237 [123355] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:33:37.237 [123361] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:33:37.237 [123365] info  communicator.cpp::processor processing starting
2026-01-28 21:33:37.239 [123362] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:33:43.595 [123362] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:33:43.595 [123362] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:33:43.598 [123364] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:33:43.598 [123364] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:33:43.598 [123364] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:33:43.598 [123364] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:33:43.598 [123364] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:33:43.598 [123364] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:33:43.796 [123364] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:33:43.796 [123364] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:33:43.796 [123364] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:33:43.801 [123364] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:33:43.889 [123364] info  client.cpp::callSync []
2026-01-28 21:33:44.896 [123364] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:33:44.896 [123364] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:33:45.013 [123364] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:33:47.738 [123361] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:33:49.124 [123365] info  communicator.cpp::processor processing exited
2026-01-28 21:34:04.740 [123355] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:34:05.740 [123355] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:34:05.748 [124358] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:34:05.749 [124358] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:34:05.749 [124358] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:34:05.749 [124358] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:34:05.749 [124358] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:34:05.857 [124358] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:34:05.906 [124358] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:34:06.078 [124358] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:34:06.078 [124364] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:34:06.079 [124368] info  communicator.cpp::processor processing starting
2026-01-28 21:34:06.080 [124365] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:34:12.401 [124365] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:34:12.402 [124365] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:34:12.404 [124367] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:34:12.404 [124367] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:34:12.404 [124367] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:34:12.404 [124367] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:34:12.404 [124367] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:34:12.404 [124367] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:34:12.594 [124367] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:34:12.594 [124367] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:34:12.594 [124367] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:34:12.599 [124367] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:34:12.689 [124367] info  client.cpp::callSync []
2026-01-28 21:34:13.694 [124367] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:34:13.694 [124367] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:34:13.829 [124367] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:34:17.836 [124367] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:34:18.537 [124364] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:34:21.857 [124367] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:34:23.035 [124368] info  communicator.cpp::processor processing exited
2026-01-28 21:34:37.036 [124358] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:34:38.036 [124358] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:34:38.045 [125267] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:34:38.045 [125267] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:34:38.045 [125267] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:34:38.045 [125267] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:34:38.045 [125267] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:34:38.154 [125267] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:34:38.202 [125267] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:34:38.374 [125267] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:34:38.374 [125285] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:34:38.374 [125289] info  communicator.cpp::processor processing starting
2026-01-28 21:34:38.376 [125286] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:34:44.692 [125286] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:34:44.693 [125286] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:34:44.695 [125288] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:34:44.695 [125288] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:34:44.695 [125288] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:34:44.695 [125288] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:34:44.695 [125288] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:34:44.695 [125288] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:34:44.889 [125288] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:34:44.889 [125288] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:34:44.889 [125288] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:34:44.894 [125288] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:34:44.980 [125288] info  client.cpp::callSync []
2026-01-28 21:34:45.984 [125288] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:34:45.985 [125288] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:34:46.120 [125288] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:34:50.128 [125288] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:34:50.825 [125285] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:34:54.259 [125288] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:34:54.468 [125289] info  communicator.cpp::processor processing exited
2026-01-28 21:35:08.470 [125267] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:35:09.470 [125267] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:35:09.479 [126237] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:35:09.479 [126237] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:35:09.479 [126237] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:35:09.479 [126237] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:35:09.479 [126237] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:35:09.587 [126237] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:35:09.634 [126237] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:35:09.804 [126237] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:35:09.804 [126249] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:35:09.804 [126253] info  communicator.cpp::processor processing starting
2026-01-28 21:35:09.806 [126250] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:35:16.128 [126250] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:35:16.128 [126250] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:35:16.130 [126252] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:35:16.130 [126252] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:35:16.130 [126252] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:35:16.130 [126252] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:35:16.130 [126252] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:35:16.130 [126252] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:35:16.324 [126252] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:35:16.324 [126252] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:35:16.324 [126252] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:35:16.329 [126252] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:35:16.419 [126252] info  client.cpp::callSync []
2026-01-28 21:35:17.424 [126252] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:35:17.424 [126252] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:35:17.548 [126252] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:35:21.554 [126252] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:35:23.265 [126249] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:35:25.574 [126252] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:35:26.750 [126253] info  communicator.cpp::processor processing exited
2026-01-28 21:35:40.751 [126237] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:35:41.751 [126237] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:35:41.760 [127197] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:35:41.760 [127197] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:35:41.760 [127197] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:35:41.761 [127197] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:35:41.761 [127197] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:35:41.868 [127197] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:35:41.917 [127197] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:35:42.091 [127197] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:35:42.091 [127217] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:35:42.091 [127221] info  communicator.cpp::processor processing starting
2026-01-28 21:35:42.093 [127218] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:35:47.415 [127218] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:35:47.415 [127218] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:35:47.417 [127220] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:35:47.417 [127220] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:35:47.417 [127220] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:35:47.417 [127220] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:35:47.417 [127220] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:35:47.417 [127220] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:35:47.613 [127220] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:35:47.613 [127220] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:35:47.613 [127220] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:35:47.617 [127220] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:35:47.705 [127220] info  client.cpp::callSync []
2026-01-28 21:35:48.710 [127220] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:35:48.710 [127220] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:35:48.846 [127220] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:35:52.856 [127220] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:35:53.550 [127217] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:35:56.882 [127220] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:35:57.119 [127221] info  communicator.cpp::processor processing exited
2026-01-28 21:36:11.120 [127197] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:36:12.120 [127197] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:36:12.129 [128218] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:36:12.129 [128218] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:36:12.129 [128218] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:36:12.130 [128218] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:36:12.130 [128218] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:36:12.238 [128218] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:36:12.287 [128218] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:36:12.462 [128218] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:36:12.463 [128258] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:36:12.463 [128262] info  communicator.cpp::processor processing starting
2026-01-28 21:36:12.465 [128259] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:36:18.787 [128259] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:36:18.787 [128259] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-28 21:36:18.790 [128261] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-28 21:36:18.790 [128261] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-28 21:36:18.790 [128261] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-28 21:36:18.790 [128261] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-28 21:36:18.790 [128261] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-28 21:36:18.790 [128261] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:36:18.983 [128261] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-28 21:36:18.983 [128261] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-28 21:36:18.983 [128261] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-28 21:36:18.988 [128261] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-28 21:36:19.088 [128261] info  client.cpp::callSync []
2026-01-28 21:36:20.093 [128261] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-28 21:36:20.093 [128261] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-28 21:36:20.247 [128261] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-28 21:36:24.254 [128261] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:36:25.921 [128258] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-28 21:36:28.493 [128261] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-28 21:36:29.685 [128262] info  communicator.cpp::processor processing exited
2026-01-28 21:36:43.686 [128218] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-28 21:36:44.686 [128218] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-28 21:36:44.698 [129210] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-28 21:36:44.698 [129210] info  mbdaemon.cpp::main logLevel is info
2026-01-28 21:36:44.698 [129210] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-28 21:36:44.698 [129210] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-28 21:36:44.698 [129210] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-28 21:36:44.806 [129210] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-28 21:36:44.855 [129210] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-28 21:36:45.029 [129210] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-28 21:36:45.029 [129228] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-28 21:36:45.029 [129232] info  communicator.cpp::processor processing starting
2026-01-28 21:36:45.031 [129229] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-28 21:36:51.348 [129229] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-28 21:36:51.349 [129229] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-29 07:19:18.248 [6522] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-29 07:19:18.258 [6522] info  mbdaemon.cpp::main logLevel is info
2026-01-29 07:19:18.258 [6522] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-29 07:19:18.258 [6522] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-29 07:19:18.258 [6522] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-29 07:19:18.665 [6522] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-29 07:19:18.733 [6522] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-29 07:19:19.198 [6522] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-29 07:19:19.199 [9158] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-29 07:19:19.199 [9163] info  communicator.cpp::processor processing starting
2026-01-29 07:19:19.200 [9159] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 07:19:23.564 [9159] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-29 07:19:23.564 [9159] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-29 07:19:23.574 [9162] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 07:19:23.574 [9162] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 07:19:23.574 [9162] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 07:19:23.574 [9162] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 07:19:23.574 [9162] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-29 07:19:23.574 [9162] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 07:19:23.766 [9162] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-29 07:19:23.766 [9162] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-29 07:19:23.766 [9162] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-29 07:19:23.769 [9162] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-29 07:19:23.860 [9162] info  client.cpp::callSync []
2026-01-29 07:19:24.864 [9162] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-29 07:19:24.864 [9162] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 07:19:24.947 [9162] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 07:19:28.687 [9158] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-29 07:19:28.951 [9162] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 07:19:29.873 [9163] info  communicator.cpp::processor processing exited
2026-01-29 07:19:45.689 [6522] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-29 07:19:46.689 [6522] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-29 07:19:47.186 [21749] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-29 07:19:47.187 [21749] info  mbdaemon.cpp::main logLevel is info
2026-01-29 07:19:47.187 [21749] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-29 07:19:47.187 [21749] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-29 07:19:47.187 [21749] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-29 07:19:47.306 [21749] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-29 07:19:47.363 [21749] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-29 07:19:47.491 [21749] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-29 07:19:47.491 [21767] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-29 07:19:47.491 [21771] info  communicator.cpp::processor processing starting
2026-01-29 07:19:47.492 [21768] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 07:19:53.839 [21768] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-29 07:19:53.839 [21768] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-29 07:19:53.840 [21770] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 07:19:53.840 [21770] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 07:19:53.840 [21770] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 07:19:53.840 [21770] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 07:19:53.841 [21770] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-29 07:19:53.841 [21770] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 07:19:54.035 [21770] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-29 07:19:54.035 [21770] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-29 07:19:54.035 [21770] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-29 07:19:54.038 [21770] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-29 07:19:54.124 [21770] info  client.cpp::callSync []
2026-01-29 07:19:55.127 [21770] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 07:19:55.129 [21770] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-29 07:19:55.129 [21770] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 07:19:55.266 [21770] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 07:19:59.272 [21770] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 07:20:00.981 [21767] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-29 07:20:03.291 [21770] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 07:20:03.627 [21771] info  communicator.cpp::processor processing exited
2026-01-29 07:20:17.982 [21749] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-29 07:20:18.982 [21749] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-29 07:20:18.990 [22511] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.84  **************
2026-01-29 07:20:18.990 [22511] info  mbdaemon.cpp::main logLevel is info
2026-01-29 07:20:18.990 [22511] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-29 07:20:18.990 [22511] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-29 07:20:18.990 [22511] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-29 07:20:19.097 [22511] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-29 07:20:19.145 [22511] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-29 07:20:19.261 [22511] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-29 07:20:19.261 [22518] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-29 07:20:19.262 [22522] info  communicator.cpp::processor processing starting
2026-01-29 07:20:19.263 [22519] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 07:20:25.573 [22519] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-01-29 07:20:25.573 [22519] info  update.cpp::launchAgentUpdate Found downloaded agent update: 1.1.84 -> 1.1.85
2026-01-29 07:20:25.575 [22521] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 07:20:25.575 [22521] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 07:20:25.575 [22521] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 07:20:25.575 [22521] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 07:20:25.575 [22521] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-29 07:20:25.575 [22521] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 07:20:25.768 [22521] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-29 07:20:25.768 [22521] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-29 07:20:25.768 [22521] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-29 07:20:25.771 [22521] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-29 07:20:25.861 [22521] info  client.cpp::callSync []
2026-01-29 07:20:26.864 [22521] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-29 07:20:26.864 [22521] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 07:20:26.997 [22521] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 07:20:31.001 [22521] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 07:20:32.696 [22518] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-29 07:20:35.018 [22521] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.84", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.84", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5b0834efbaff5455677b8cff0b914718:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 07:20:36.196 [22522] info  communicator.cpp::processor processing exited
2026-01-29 07:20:50.198 [22511] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-29 07:20:51.198 [22511] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-29 16:27:59.354 [175810] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.85  **************
2026-01-29 16:27:59.354 [175810] info  mbdaemon.cpp::main logLevel is info
2026-01-29 16:27:59.354 [175810] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-29 16:27:59.354 [175810] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-29 16:27:59.354 [175810] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-29 16:27:59.512 [175810] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-29 16:27:59.559 [175810] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-29 16:27:59.736 [175810] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-29 16:27:59.737 [175824] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-29 16:27:59.737 [175828] info  communicator.cpp::processor processing starting
2026-01-29 16:27:59.739 [175825] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 16:28:06.110 [175825] info  sirius.cpp::downloadUpdates updating package: epa.linux
2026-01-29 16:28:06.209 [175825] info  sirius.cpp::backupEntry Backing up package: epa.linux
2026-01-29 16:28:06.226 [175825] info  sirius.cpp::download updated epa.linux to version 1.1.87

2026-01-29 16:28:06.362 [175827] info  client.cpp::initialize Upgrade detected from mblinux/1.1.84 to mblinux/1.1.85
2026-01-29 16:28:06.362 [175825] info  sirius.cpp::unpack Extracting epa.linux to /usr/share/mblinux/installers/epa.linux/
2026-01-29 16:28:06.365 [175827] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 16:28:06.365 [175827] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 16:28:06.365 [175827] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 16:28:06.366 [175827] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 16:28:07.365 [175825] info  sirius.cpp::unpack Unpacked epa.linux 1.1.87
2026-01-29 16:28:07.365 [175825] info  sirius.cpp::installDownloaded installed epa.linux 1.1.87
2026-01-29 16:28:07.367 [175827] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-29 16:28:07.367 [175827] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 16:28:07.502 [175827] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-29 16:28:07.502 [175827] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-29 16:28:07.502 [175827] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-29 16:28:07.508 [175827] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-29 16:28:07.637 [175827] info  client.cpp::callSync []
2026-01-29 16:28:07.755 [175827] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 16:28:07.755 [175827] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 16:28:07.755 [175827] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 16:28:07.755 [175827] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 16:28:08.760 [175827] info  client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2026-01-29 16:28:08.760 [175827] info  asset_mgmt.cpp::collectData Collecting asset information
2026-01-29 16:28:08.760 [175827] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-29 16:28:08.760 [175827] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 16:28:08.761 [175827] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-29 16:28:08.761 [175827] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-29 16:28:12.511 [175824] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-29 16:28:18.828 [175827] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-29 16:28:19.836 [175827] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-29 16:28:27.262 [175827] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 286578470912, \"freespace_total\": 286578470912, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 720893558784, \"freespace_total\": 720893558784, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.85\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 29895585792, \"free_virtual\": 8589930496, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-29 16:28:27.284 [175827] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1464911f43b4d8ce7e5cf89b76bb38af:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 16:28:27.412 [175827] info  client.cpp::syncExclusions Updated exclusions: 8a626f82e575fd117fddae5131a070c1
2026-01-29 16:28:27.422 [175827] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-29 16:28:28.507 [175828] info  communicator.cpp::processor processing exited
2026-01-29 16:28:42.508 [175810] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-29 16:28:42.700 [177163] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.85  **************
2026-01-29 16:28:42.700 [177163] info  mbdaemon.cpp::main logLevel is info
2026-01-29 16:28:42.700 [177163] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-29 16:28:42.700 [177163] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-29 16:28:42.700 [177163] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-29 16:28:42.758 [177163] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-29 16:28:42.810 [177163] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-29 16:28:43.019 [177163] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-29 16:28:43.019 [177183] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-29 16:28:43.019 [177187] info  communicator.cpp::processor processing starting
2026-01-29 16:28:46.040 [177186] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 16:28:46.040 [177186] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 16:28:46.040 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 16:28:46.040 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 16:28:46.040 [177186] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-29 16:28:46.040 [177186] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-29 16:28:46.216 [177186] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-29 16:28:46.216 [177186] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-29 16:28:46.216 [177186] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-29 16:28:46.223 [177186] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-29 16:28:46.328 [177186] info  client.cpp::callSync []
2026-01-29 16:28:47.334 [177186] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-29 16:28:47.334 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 16:28:47.478 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 16:28:51.486 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1464911f43b4d8ce7e5cf89b76bb38af:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 16:28:51.583 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 8a626f82e575fd117fddae5131a070c1
2026-01-29 16:28:51.583 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-29 16:28:51.583 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-29 16:28:51.601 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-29 18:24:54.488 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 18:24:54.575 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 19:02:40.124 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-29 19:02:40.276 [177186] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-29 19:02:40.276 [177186] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-29 19:02:40.276 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-29 19:02:40.276 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-29 19:02:40.276 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-29 19:02:41.609 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "630d02167820869119a2a33dd0436f76:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-29 19:02:41.609 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-29 19:02:41.609 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-29 19:02:41.781 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769731361
2026-01-29 19:02:41.781 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769731361
2026-01-29 19:02:41.781 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-29 19:02:41.782 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-29 19:02:41.782 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-29 20:24:37.584 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 20:24:37.667 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 21:53:42.945 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 21:53:43.026 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-29 23:50:43.752 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-29 23:50:43.853 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 01:18:01.855 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 01:18:01.940 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 02:29:21.343 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-30 02:29:21.463 [177186] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-30 02:29:21.463 [177186] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-30 02:29:21.463 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 02:29:21.463 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 02:29:21.463 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-30 02:29:22.471 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "8b13c23fcb9bcd1c08d125ce727722d7:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 02:29:22.472 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-30 02:29:22.472 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-30 02:29:22.591 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769758162
2026-01-30 02:29:22.591 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769758162
2026-01-30 02:29:22.591 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 02:29:22.592 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 02:29:22.592 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 02:53:00.023 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-30 02:53:00.144 [177186] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-30 02:53:00.145 [177186] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-30 02:53:00.145 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 02:53:00.145 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 02:53:00.145 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-30 02:53:01.152 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d41d49a9b2fc7a91242f1e98100b7a4f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 02:53:01.153 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-30 02:53:01.153 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-30 02:53:01.307 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769759581
2026-01-30 02:53:01.307 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769759581
2026-01-30 02:53:01.307 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 02:53:01.307 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 02:53:01.308 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 03:14:07.941 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 03:14:08.044 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 03:45:25.224 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-30 03:45:25.351 [177186] warn  serialization.hpp::getMemberOr error parsing data member: pause_until
2026-01-30 03:45:25.351 [177186] warn  serialization.hpp::getMemberOr ParseError at /src/core/serialization.hpp:105 ()
2026-01-30 03:45:25.351 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 03:45:25.351 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 03:45:25.351 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-30 03:45:26.473 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "deb63be4e9c84fff1ae90d41e6853360:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:69", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 03:45:26.530 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-30 03:45:26.530 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-30 03:45:26.622 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769762726
2026-01-30 03:45:26.622 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769762726
2026-01-30 03:45:26.622 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 03:45:26.623 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 03:45:26.627 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 04:18:56.046 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 04:18:56.135 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 05:32:44.137 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 05:32:44.218 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 07:08:08.221 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 07:08:08.324 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 08:19:15.332 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 08:19:15.414 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 09:18:23.956 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-30 09:18:24.157 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 09:18:24.158 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 09:18:24.158 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-30 09:18:25.168 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7fd6766f8fd7af246a803457502156bb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:70", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 09:18:25.168 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-30 09:18:25.168 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-30 09:18:25.338 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769782705
2026-01-30 09:18:25.338 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769782705
2026-01-30 09:18:25.338 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 09:18:25.339 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 09:18:25.339 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 09:24:57.417 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 09:24:57.500 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 11:17:27.644 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 11:17:27.733 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 12:05:34.753 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-30 12:05:34.885 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 12:05:34.885 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 12:05:34.885 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-30 12:05:35.892 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "502d36af8b07db761757e9bca04be002:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 12:05:35.893 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-30 12:05:35.893 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-30 12:05:36.060 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769792735
2026-01-30 12:05:36.060 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769792735
2026-01-30 12:05:36.060 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 12:05:36.061 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 12:05:36.061 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 13:12:39.734 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 13:12:39.822 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 15:00:39.823 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 15:00:39.904 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 16:28:47.324 [177184] info  command_history.cpp::Cleanup Performing command history cleanup
2026-01-30 16:56:46.047 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 16:56:46.132 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 18:06:59.144 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 18:06:59.245 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 18:53:02.885 [177186] info  client.cpp::sync Command received : event.policy.refresh
2026-01-30 18:53:03.013 [177186] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 18:53:03.013 [177186] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 18:53:03.013 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-30 18:53:04.025 [177186] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.85", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.85", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "bf117b22a4baba02532388a765e48d1d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 18:53:04.026 [177186] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-30 18:53:04.026 [177186] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-30 18:53:04.180 [177186] info  client.cpp::syncExclusions Updated exclusions: nebula-1769817184
2026-01-30 18:53:04.180 [177186] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769817184
2026-01-30 18:53:04.180 [177186] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 18:53:04.181 [177186] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 18:53:04.181 [177186] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 19:23:29.247 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 19:23:29.336 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 20:49:53.338 [177186] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 20:49:53.441 [177186] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 21:52:03.274 [177183] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-01-30 21:52:04.047 [177187] info  communicator.cpp::processor processing exited
2026-01-30 21:52:20.275 [177163] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-01-30 21:52:21.489 [177163] info  mbdaemon.cpp::main Exiting Main - 0
2026-01-30 21:52:21.677 [190596] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.86  **************
2026-01-30 21:52:21.678 [190596] info  mbdaemon.cpp::main logLevel is info
2026-01-30 21:52:21.678 [190596] info  mbdaemon.cpp::main syslogLevel is warn
2026-01-30 21:52:21.678 [190596] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-01-30 21:52:21.678 [190596] info  sirius.cpp::initialize Setting Sirius channel: release
2026-01-30 21:52:22.111 [190596] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-01-30 21:52:22.164 [190596] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-01-30 21:52:22.359 [190596] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-01-30 21:52:22.359 [190622] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-01-30 21:52:22.359 [190626] info  communicator.cpp::processor processing starting
2026-01-30 21:52:25.387 [190625] info  client.cpp::initialize Upgrade detected from mblinux/1.1.85 to mblinux/1.1.86
2026-01-30 21:52:25.388 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 21:52:25.388 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-30 21:52:25.388 [190625] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-01-30 21:52:25.388 [190625] info  sirius.cpp::downloadUpdates checking for new updates
2026-01-30 21:52:25.536 [190625] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-01-30 21:52:25.536 [190625] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-01-30 21:52:25.536 [190625] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-01-30 21:52:25.541 [190625] info  schedule_store.cpp::load Loaded nebula schedules
2026-01-30 21:52:25.648 [190625] info  client.cpp::callSync []
2026-01-30 21:52:26.653 [190625] info  client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2026-01-30 21:52:26.653 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-01-30 21:52:26.653 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-30 21:52:26.653 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-30 21:52:26.653 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-30 21:52:26.653 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-30 21:52:37.547 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-30 21:52:38.554 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-30 21:52:45.922 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 253490163712, \"freespace_total\": 253490163712, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 718590459904, \"freespace_total\": 718590459904, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1710092288, \"free_virtual\": 8578912256, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-01-30 21:52:45.942 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "bf117b22a4baba02532388a765e48d1d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 21:52:46.083 [190625] info  client.cpp::syncExclusions Updated exclusions: ae7bb51fbfb60e4b8b0d020a7c3fb3b8
2026-01-30 21:52:46.092 [190625] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-01-30 21:52:46.092 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 21:52:46.180 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-30 21:52:50.190 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "bf117b22a4baba02532388a765e48d1d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-30 21:52:50.190 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: ae7bb51fbfb60e4b8b0d020a7c3fb3b8
2026-01-30 21:52:50.190 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-30 21:52:50.191 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-30 21:52:50.191 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-30 23:24:34.921 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-30 23:24:35.036 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 01:02:00.073 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-01-31 02:28:22.640 [190625] info  on_nebula.cpp::handle Scan complete, duration: 5182
2026-01-31 02:28:22.644 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-01-31 02:28:22.646 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 02:28:22.770 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 02:51:44.234 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-01-31 02:51:44.356 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-31 02:51:44.356 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-01-31 02:51:44.356 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-01-31 02:51:45.367 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "97f3f9b8cf94bac69a1ecb9b76b4d927:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-31 02:51:45.368 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-01-31 02:51:45.368 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-01-31 02:51:45.518 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1769845905
2026-01-31 02:51:45.518 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1769845905
2026-01-31 02:51:45.518 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-01-31 02:51:45.518 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-01-31 02:51:45.518 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-01-31 04:02:52.771 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 04:02:52.878 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 05:30:10.880 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 05:30:11.027 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 06:01:00.076 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-01-31 06:01:00.076 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-01-31 06:01:00.076 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-01-31 06:01:00.076 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-01-31 06:01:00.077 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-01-31 06:01:00.077 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-01-31 06:01:07.474 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-01-31 06:01:08.482 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-01-31 06:01:17.157 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 247020535808, \"freespace_total\": 247020535808, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 717948624896, \"freespace_total\": 717948624896, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 11447484416, \"free_virtual\": 8429236224, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-01-31 06:01:17.244 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-01-31 06:37:41.029 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 06:37:41.129 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 08:23:53.131 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 08:23:53.221 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 09:58:23.223 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 09:58:23.310 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 11:28:23.312 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 11:28:23.402 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 12:46:41.403 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 12:46:41.489 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 14:22:05.685 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 14:22:05.782 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 16:14:35.784 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 16:14:35.892 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 18:02:35.894 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 18:02:36.007 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 19:03:48.407 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 19:03:48.495 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 20:58:06.496 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 20:58:06.594 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 21:52:27.356 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-01-31 21:52:30.727 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "97f3f9b8cf94bac69a1ecb9b76b4d927:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-31 21:52:34.742 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "97f3f9b8cf94bac69a1ecb9b76b4d927:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-01-31 22:04:42.455 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 22:04:42.545 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-01-31 23:59:54.688 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-01-31 23:59:54.808 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 01:01:59.003 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-01 02:28:44.819 [190625] info  on_nebula.cpp::handle Scan complete, duration: 5205
2026-02-01 02:28:44.821 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-01 02:28:44.822 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 02:28:44.925 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 04:12:14.946 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 04:12:15.110 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 06:00:59.291 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-01 06:00:59.291 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-01 06:00:59.291 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-01 06:00:59.291 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-01 06:00:59.296 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-01 06:00:59.297 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-01 06:01:08.497 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-01 06:01:09.509 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-01 06:01:18.339 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 230940913664, \"freespace_total\": 230940913664, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 716173180928, \"freespace_total\": 716173180928, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8897527808, \"free_virtual\": 8487170048, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-02-01 06:01:18.413 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-01 06:01:18.414 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 06:01:18.505 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 07:22:19.527 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 07:22:19.622 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 08:25:19.624 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 08:25:19.728 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 09:34:38.307 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 09:34:38.397 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 10:36:44.399 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 10:36:44.497 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 12:17:32.699 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 12:17:32.807 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 13:40:21.819 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 13:40:21.906 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 14:52:21.908 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 14:52:21.996 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 16:49:22.188 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 16:49:22.278 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 18:37:23.292 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 18:37:23.382 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 20:09:11.383 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 20:09:11.480 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 21:32:00.493 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 21:32:00.581 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-01 21:52:32.190 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-01 21:52:35.483 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "97f3f9b8cf94bac69a1ecb9b76b4d927:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-01 21:52:45.932 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "97f3f9b8cf94bac69a1ecb9b76b4d927:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:71", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-01 22:56:36.595 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-01 22:56:36.685 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 00:11:18.874 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 00:11:18.983 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 01:01:59.036 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-02 02:25:37.719 [190625] info  on_nebula.cpp::handle Scan complete, duration: 5018
2026-02-02 02:25:37.802 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-02 02:25:37.804 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 02:25:37.925 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 03:14:30.989 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 03:14:31.097 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 03:14:31.097 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 03:14:31.097 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 03:14:32.108 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "82edcd2ad76177c46628790cf22d4339:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 03:14:32.108 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 03:14:32.108 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 03:14:32.237 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770020072
2026-02-02 03:14:32.237 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770020072
2026-02-02 03:14:32.237 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 03:14:32.237 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 03:14:32.237 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 03:45:43.928 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 03:45:44.024 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 04:46:56.026 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 04:46:56.117 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 06:07:57.130 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 06:07:57.289 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 07:34:05.432 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 07:34:05.556 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 07:34:05.556 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 07:34:05.556 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 07:34:06.567 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "39208a200317b86c75b301b93e971c05:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 07:34:06.568 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 07:34:06.568 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 07:34:06.725 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770035646
2026-02-02 07:34:06.725 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770035646
2026-02-02 07:34:06.725 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 07:34:06.726 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 07:34:06.726 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 07:50:33.290 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 07:50:33.406 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 08:55:21.408 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 08:55:21.498 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 10:28:03.499 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 10:28:03.590 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 11:29:15.592 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 11:29:15.686 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 11:42:26.201 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 11:42:26.311 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 11:42:26.311 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 11:42:26.311 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 11:42:27.322 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3bf6a4cb8eb9442b49e1e1e54815003d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 11:42:27.322 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 11:42:27.323 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 11:42:27.454 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770050547
2026-02-02 11:42:27.454 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770050547
2026-02-02 11:42:27.454 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 11:42:27.455 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 11:42:27.485 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 12:35:51.687 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 12:35:51.798 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 13:03:51.453 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 13:03:51.794 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 13:03:51.804 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 13:03:51.804 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 13:03:52.832 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b721a17132f9c747b208a45ab72491bd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 13:03:52.832 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 13:03:52.832 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 13:03:52.990 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770055432
2026-02-02 13:03:52.990 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770055432
2026-02-02 13:03:52.990 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 13:03:52.991 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 13:03:52.991 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 13:14:45.508 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 13:14:45.624 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 13:14:45.624 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 13:14:45.624 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 13:14:46.636 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "8049902ea4cc3c26bca7197c9ff68672:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 13:14:46.636 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 13:14:46.636 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 13:14:46.734 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770056086
2026-02-02 13:14:46.734 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770056086
2026-02-02 13:14:46.734 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 13:14:46.734 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 13:14:46.735 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 13:16:30.919 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 13:16:31.197 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 13:16:31.197 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 13:16:31.197 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 13:16:31.212 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "0c17e65bee9afcc596e8bf0707fa568b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 13:16:31.213 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 13:16:31.213 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 13:16:31.370 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770056191
2026-02-02 13:16:31.370 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770056191
2026-02-02 13:16:31.370 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 13:16:31.370 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 13:16:31.370 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 13:52:21.799 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 13:52:21.893 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 14:30:00.233 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 14:30:00.370 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 14:30:00.370 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 14:30:00.370 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 14:30:01.383 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "5bfe3a87dacc5342aa8f1facfa7280ed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 14:30:01.383 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 14:30:01.383 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 14:30:01.531 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770060601
2026-02-02 14:30:01.532 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770060601
2026-02-02 14:30:01.532 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 14:30:01.532 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 14:30:01.533 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 15:44:51.894 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 15:44:51.985 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 16:27:27.049 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-02 16:27:27.174 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-02 16:27:27.174 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-02 16:27:27.174 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-02 16:27:28.185 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7ab600357f6e6d294309ed159823d16c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-02 16:27:28.186 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-02 16:27:28.186 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-02 16:27:28.323 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770067648
2026-02-02 16:27:28.324 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770067648
2026-02-02 16:27:28.324 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-02 16:27:28.324 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-02 16:27:28.324 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-02 16:53:15.987 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 16:53:16.079 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 18:18:47.092 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 18:18:47.182 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 19:54:12.193 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 19:54:12.286 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 21:23:18.288 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 21:23:18.380 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 21:52:36.600 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-02 22:50:36.381 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 22:50:36.489 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-02 23:51:49.502 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-02 23:51:49.593 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 01:07:25.594 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 01:07:25.683 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 02:09:32.697 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 02:09:32.791 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 04:04:44.999 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 04:04:45.110 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 04:45:52.852 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-03 04:45:52.991 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-03 04:45:52.991 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-03 04:45:52.992 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-03 04:45:54.300 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "aa111a5339ab97fd4ab99bbcda90354b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-03 04:45:54.301 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-03 04:45:54.301 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-03 04:45:54.471 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770111954
2026-02-03 04:45:54.472 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770111954
2026-02-03 04:45:54.472 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-03 04:45:54.472 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-03 04:45:54.472 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-03 05:05:44.392 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-03 05:05:44.526 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-03 05:05:44.526 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-03 05:05:44.526 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-03 05:05:45.885 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c38343d786fd60da94139873a94e58d0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-03 05:05:45.886 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-03 05:05:45.886 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-03 05:05:46.031 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770113145
2026-02-03 05:05:46.031 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770113145
2026-02-03 05:05:46.031 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-03 05:05:46.032 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-03 05:05:46.032 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-03 05:23:03.112 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 05:23:03.199 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 06:00:59.234 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-03 06:00:59.243 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-03 06:00:59.243 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-03 06:00:59.243 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-03 06:00:59.244 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-03 06:00:59.245 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-03 06:01:06.553 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-03 06:01:07.562 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-03 06:01:18.061 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 207215017984, \"freespace_total\": 207215017984, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 712554418176, \"freespace_total\": 712554418176, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9644273664, \"free_virtual\": 8474230784, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-02-03 06:01:18.152 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-03 06:45:51.200 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 06:45:51.361 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 08:30:15.362 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 08:30:15.454 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 09:47:39.457 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 09:47:39.566 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 10:53:21.567 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 10:53:21.679 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 11:55:27.682 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 11:55:27.779 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 13:52:27.958 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 13:52:28.051 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 14:58:10.053 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 14:58:10.143 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 16:37:10.145 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 16:37:10.233 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 17:58:10.234 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 17:58:10.450 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 19:41:40.451 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 19:41:40.560 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 21:14:23.571 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 21:14:23.659 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-03 21:52:41.662 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-03 21:52:45.886 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c38343d786fd60da94139873a94e58d0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-03 21:52:49.901 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "c38343d786fd60da94139873a94e58d0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-03 22:31:47.662 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-03 22:31:47.775 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 00:32:23.777 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 00:32:23.887 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 01:02:00.041 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-04 01:34:14.867 [190625] info  on_nebula.cpp::handle Scan complete, duration: 1934
2026-02-04 01:34:14.869 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-04 01:34:14.870 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 01:34:15.003 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 02:37:15.002 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 02:37:15.099 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 03:46:33.101 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 03:46:33.209 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 04:47:46.222 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 04:47:46.312 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 06:01:00.398 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-04 06:01:00.416 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-04 06:01:00.416 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-04 06:01:00.416 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-04 06:01:00.417 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-04 06:01:00.426 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-04 06:01:07.636 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-04 06:01:08.699 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-04 06:01:17.060 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 189267759104, \"freespace_total\": 189267759104, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 710813020160, \"freespace_total\": 710813020160, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10136846336, \"free_virtual\": 8422187008, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-02-04 06:01:17.094 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-04 06:20:29.328 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 06:20:29.419 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 08:17:29.419 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 08:17:29.507 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 09:42:05.508 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 09:42:05.598 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 10:51:23.599 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 10:51:23.691 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 12:16:53.692 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 12:16:53.796 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 13:36:59.800 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 13:36:59.906 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 15:01:35.907 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 15:01:35.995 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 16:09:59.997 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 16:10:00.104 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 18:03:24.105 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 18:03:24.214 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 19:23:30.215 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 19:23:30.304 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 20:12:20.366 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-04 20:12:20.764 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-04 20:12:20.776 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-04 20:12:20.776 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-04 20:12:21.815 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "392ebfa852f3a4db1ecba29b570513a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-04 20:12:21.816 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-04 20:12:21.816 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-04 20:12:21.973 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770253941
2026-02-04 20:12:21.973 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770253941
2026-02-04 20:12:21.973 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-04 20:12:22.043 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-04 20:12:22.043 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-04 21:06:07.316 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 21:06:07.404 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-04 21:52:46.195 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-04 21:52:49.187 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "392ebfa852f3a4db1ecba29b570513a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-04 21:52:53.201 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "392ebfa852f3a4db1ecba29b570513a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-04 23:00:25.417 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-04 23:00:25.512 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 00:55:37.513 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 00:55:37.601 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 01:01:59.617 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-05 01:43:55.204 [190625] info  on_nebula.cpp::handle Scan complete, duration: 2516
2026-02-05 01:43:55.206 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-05 01:43:55.207 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 01:43:55.361 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 03:37:19.363 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 03:37:19.452 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 04:55:37.451 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 04:55:37.541 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 05:56:49.554 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 05:56:49.717 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 07:55:37.719 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 07:55:37.815 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 09:10:19.816 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 09:10:19.907 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 10:19:37.909 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 10:19:38.000 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 11:30:44.018 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 11:30:44.105 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 12:58:02.107 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 12:58:02.205 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 13:38:49.445 [190625] info  client.cpp::registerRefresh nebula client refresh success
2026-02-05 13:38:49.446 [190625] info  plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-02-05 13:38:49.470 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 13:38:49.586 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 14:53:31.587 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 14:53:31.684 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 16:53:13.685 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 16:53:13.780 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 18:32:13.781 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 18:32:13.901 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 20:32:49.902 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 20:32:50.013 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 21:33:08.014 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 21:33:08.107 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-05 21:52:50.751 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-05 21:52:53.646 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "392ebfa852f3a4db1ecba29b570513a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-05 21:52:59.346 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "392ebfa852f3a4db1ecba29b570513a0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:72", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-05 22:34:20.107 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-05 22:34:20.197 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 00:04:20.201 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 00:04:20.311 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 01:02:00.326 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-06 01:59:48.467 [190625] info  on_nebula.cpp::handle Scan complete, duration: 3468
2026-02-06 01:59:48.502 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-06 01:59:48.504 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 01:59:48.645 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 03:31:37.660 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 03:31:37.773 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 05:16:01.775 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 05:16:01.864 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 06:01:00.063 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-06 06:01:00.063 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-06 06:01:00.063 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-06 06:01:00.063 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-06 06:01:00.072 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-06 06:01:00.072 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-06 06:01:10.255 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-06 06:01:11.282 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-06 06:01:19.831 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 159438446592, \"freespace_total\": 159438446592, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 707287437312, \"freespace_total\": 707287437312, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10184220672, \"free_virtual\": 8447586304, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-02-06 06:01:19.874 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-06 06:01:19.875 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 06:01:20.007 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 06:08:45.060 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-06 06:08:45.187 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-06 06:08:45.187 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-06 06:08:45.200 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-06 06:08:46.214 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "0fb09464a7892627542d77610ef8ee17:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-06 06:08:46.236 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-06 06:08:46.236 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-06 06:08:46.378 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770376126
2026-02-06 06:08:46.378 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770376126
2026-02-06 06:08:46.378 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-06 06:08:46.379 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-06 06:08:46.379 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-06 07:07:56.009 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 07:07:56.107 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 08:32:33.120 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 08:32:33.249 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 10:16:57.252 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 10:16:57.344 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 11:36:09.346 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 11:36:09.457 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 12:49:57.459 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 12:49:57.574 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 14:34:21.576 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 14:34:22.330 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 15:50:52.331 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 15:50:52.424 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 17:18:52.322 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-06 17:18:52.454 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-06 17:18:52.454 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-06 17:18:52.454 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-06 17:18:53.781 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "d34c5acc620d7d20d80697fcdaf051f3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-06 17:18:53.781 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-06 17:18:53.781 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-06 17:18:53.887 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770416333
2026-02-06 17:18:53.887 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770416333
2026-02-06 17:18:53.887 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-06 17:18:53.888 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-06 17:18:53.888 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-06 17:41:34.426 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 17:41:34.522 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 18:53:34.523 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 18:53:34.613 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 19:17:36.558 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-06 19:17:36.682 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-06 19:17:36.682 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-06 19:17:36.682 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-06 19:17:37.694 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b9010532f77d06ecbd7733e2f5c80465:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-06 19:17:37.694 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-06 19:17:37.694 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-06 19:17:37.798 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770423457
2026-02-06 19:17:37.798 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770423457
2026-02-06 19:17:37.798 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-06 19:17:37.799 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-06 19:17:37.799 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-06 20:19:58.615 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 20:19:58.708 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 21:30:10.709 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 21:30:10.823 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-06 21:52:55.263 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-06 21:53:00.261 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b9010532f77d06ecbd7733e2f5c80465:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-06 21:53:15.317 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b9010532f77d06ecbd7733e2f5c80465:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-06 22:40:22.821 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-06 22:40:22.928 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 00:08:34.931 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 00:08:35.029 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 02:04:41.030 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 02:04:41.124 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 03:55:23.125 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 03:55:23.217 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 05:24:29.400 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 05:24:29.568 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 06:00:58.695 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-07 06:00:58.695 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-07 06:00:58.695 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-07 06:00:58.695 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-07 06:00:58.696 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-07 06:00:58.705 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-07 06:01:07.879 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-07 06:01:07.889 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-07 06:01:16.580 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 140337762304, \"freespace_total\": 140337762304, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 705568083968, \"freespace_total\": 705568083968, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 10890158080, \"free_virtual\": 8391749632, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-02-07 06:01:16.618 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-07 06:31:59.570 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 06:31:59.680 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 07:57:30.700 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 07:57:30.801 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 09:34:42.802 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 09:34:42.904 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 10:53:54.905 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 10:53:55.016 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 12:22:07.018 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 12:22:07.129 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 13:44:55.131 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 13:44:55.226 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 15:32:55.228 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 15:32:55.341 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 16:44:55.343 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 16:44:55.439 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 17:45:14.452 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 17:45:14.540 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 17:58:40.302 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-07 17:58:40.591 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-07 17:58:40.613 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-07 17:58:40.613 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-07 17:58:40.695 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "6aa835974ed6732e8aeaea5dd69d0fc0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-07 17:58:40.696 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-07 17:58:40.708 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-07 17:58:40.858 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770505120
2026-02-07 17:58:40.858 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770505120
2026-02-07 17:58:40.858 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-07 17:58:41.011 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-07 17:58:41.012 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-07 18:56:21.552 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 18:56:21.664 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 20:20:12.703 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-07 20:20:12.905 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-07 20:20:12.905 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-07 20:20:12.905 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-07 20:20:13.920 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3522ee12b56188b329a495c8bd487486:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-07 20:20:13.921 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-07 20:20:13.921 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-07 20:20:14.042 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770513613
2026-02-07 20:20:14.042 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770513613
2026-02-07 20:20:14.042 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-07 20:20:14.043 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-07 20:20:14.043 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-07 20:29:57.666 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 20:29:57.763 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 21:50:57.784 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 21:50:57.876 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-07 21:53:00.148 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-07 21:53:01.926 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3522ee12b56188b329a495c8bd487486:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-07 21:53:09.956 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "3522ee12b56188b329a495c8bd487486:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-07 23:10:10.068 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-07 23:10:10.159 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 00:50:58.161 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 00:50:58.268 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 01:01:59.333 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-08 02:20:45.203 [190625] info  on_nebula.cpp::handle Scan complete, duration: 4726
2026-02-08 02:20:45.412 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-08 02:20:45.414 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 02:20:45.507 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 03:40:51.509 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 03:40:51.617 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 05:09:58.633 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 05:09:58.733 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 06:00:58.881 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-08 06:00:58.881 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-08 06:00:58.881 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-08 06:00:58.881 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-08 06:00:58.882 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-08 06:00:58.882 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-08 06:01:08.021 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-08 06:01:09.034 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-08 06:01:17.450 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 119967924224, \"freespace_total\": 119967924224, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 703901483008, \"freespace_total\": 703901483008, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6612377600, \"free_virtual\": 8400662528, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-02-08 06:01:17.523 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-08 06:03:41.534 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-08 06:03:41.665 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-08 06:03:41.665 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-08 06:03:41.708 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-08 06:03:42.941 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "ee971e88b90e818df835180e77f9c7d0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-08 06:03:42.941 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-08 06:03:42.941 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-08 06:03:43.130 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770548622
2026-02-08 06:03:43.130 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770548622
2026-02-08 06:03:43.130 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-08 06:03:43.131 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-08 06:03:43.131 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-08 06:47:11.745 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 06:47:11.836 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 08:41:29.837 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 08:41:29.946 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 10:15:05.947 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 10:15:06.067 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 11:59:30.070 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 11:59:30.171 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 13:15:06.172 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 13:15:06.268 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 14:16:18.270 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 14:16:18.365 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 16:09:42.366 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 16:09:42.457 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 17:57:42.459 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 17:57:42.568 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 18:17:26.878 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-08 18:17:27.008 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-08 18:17:27.008 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-08 18:17:27.008 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-08 18:17:29.632 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1dfc588ecd489322c846f03db2a59489:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-08 18:17:29.632 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-08 18:17:29.632 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-08 18:17:29.853 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770592649
2026-02-08 18:17:29.853 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770592649
2026-02-08 18:17:29.853 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-08 18:17:29.854 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-08 18:17:29.854 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-08 19:43:00.569 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 19:43:00.778 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 20:28:09.436 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-08 20:28:09.591 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-08 20:28:09.591 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-08 20:28:09.591 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-08 20:28:10.606 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b86a5506962050c983ac751329297025:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-08 20:28:10.606 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-08 20:28:10.606 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-08 20:28:10.787 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770600490
2026-02-08 20:28:10.787 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770600490
2026-02-08 20:28:10.787 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-08 20:28:10.788 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-08 20:28:10.788 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-08 20:59:30.779 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 20:59:30.912 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-08 21:53:04.390 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-08 21:53:08.228 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b86a5506962050c983ac751329297025:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-08 21:53:12.241 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "b86a5506962050c983ac751329297025:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-08 22:52:00.914 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-08 22:52:01.015 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 00:26:31.017 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 00:26:31.125 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 02:01:55.125 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 02:01:55.217 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 02:22:33.160 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-09 02:22:33.292 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-09 02:22:33.292 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-09 02:22:33.292 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-09 02:22:33.303 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "03d35b6b1807ad3785400416a9af8b3c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-09 02:22:33.304 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-09 02:22:33.304 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-09 02:22:33.445 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770621753
2026-02-09 02:22:33.445 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770621753
2026-02-09 02:22:33.446 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-09 02:22:33.447 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-09 02:22:33.447 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-09 03:54:25.220 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 03:54:25.309 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 04:22:32.358 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-09 04:22:32.467 [190625] warn  client.cpp::syncPolicy NetworkError at /src/nebula/client.cpp:1080 ()
2026-02-09 04:22:33.478 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-09 04:22:33.478 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-09 04:22:33.584 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770628953
2026-02-09 04:22:33.584 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770628953
2026-02-09 04:22:33.584 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-09 04:22:33.584 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-09 04:22:33.585 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-09 05:06:26.330 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 05:06:26.525 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 06:57:08.526 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 06:57:08.617 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 08:15:26.618 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 08:15:26.707 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 09:17:32.708 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 09:17:32.818 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 11:01:02.820 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 11:01:02.920 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 12:15:44.922 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 12:15:45.038 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 14:02:51.039 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 14:02:51.128 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 15:49:57.130 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 15:49:57.221 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 17:12:45.222 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 17:12:45.310 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 19:07:57.311 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 19:07:57.443 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 20:49:39.446 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 20:49:39.533 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 21:53:08.906 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-09 21:53:11.059 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "03d35b6b1807ad3785400416a9af8b3c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-09 21:53:15.093 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "03d35b6b1807ad3785400416a9af8b3c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-09 22:13:21.534 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 22:13:21.645 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-09 23:55:57.648 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-09 23:55:57.760 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 01:01:58.026 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-10 01:32:04.561 [190625] info  on_nebula.cpp::handle Scan complete, duration: 1806
2026-02-10 01:32:04.569 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-10 01:32:04.571 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 01:32:04.741 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 02:03:00.184 [190625] info  client.cpp::callSync []
2026-02-10 02:03:00.335 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-10 02:03:00.335 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-10 02:03:01.345 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "cf7f7d072cc96f16b4333d2b9db5486e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-10 02:03:01.488 [190625] info  client.cpp::syncExclusions Updated exclusions: 52e4303a79db5d74d8a269364f513578
2026-02-10 02:03:01.488 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-10 02:03:01.489 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 52e4303a79db5d74d8a269364f513578
2026-02-10 02:03:01.489 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-10 02:03:01.490 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-10 02:03:01.490 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-10 02:03:01.492 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 02:03:01.588 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 03:55:31.590 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 03:55:31.722 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 05:13:49.920 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 05:13:50.012 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 06:00:58.136 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-10 06:00:58.136 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-10 06:00:58.137 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-10 06:00:58.137 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-10 06:00:58.138 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-10 06:00:58.138 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-10 06:01:09.297 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-10 06:01:10.309 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-10 06:01:19.676 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 87460810752, \"freespace_total\": 87460810752, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 700369756160, \"freespace_total\": 700369756160, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4784066560, \"free_virtual\": 8444121088, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": 
2026-02-10 06:01:19.755 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-10 06:47:27.033 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 06:47:27.132 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 07:53:09.134 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 07:53:09.246 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 09:26:45.452 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 09:26:45.543 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 11:21:58.559 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 11:21:58.650 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 12:24:04.651 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 12:24:04.748 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 13:42:23.760 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 13:42:23.850 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 15:28:35.852 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 15:28:35.964 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 16:50:13.101 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-10 16:50:13.230 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-10 16:50:13.230 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-10 16:50:13.240 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-10 16:50:14.252 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7f51c48b3440c58315b4b52f3a37f2aa:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-10 16:50:14.253 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-10 16:50:14.253 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-10 16:50:14.396 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770760214
2026-02-10 16:50:14.396 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770760214
2026-02-10 16:50:14.396 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-10 16:50:14.397 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-10 16:50:14.407 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-10 16:53:11.967 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 16:53:12.071 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 17:58:54.071 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 17:58:54.183 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 19:15:24.185 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 19:15:24.295 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 20:30:06.297 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 20:30:06.394 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 21:53:13.874 [190623] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-10 22:26:13.411 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 22:26:13.525 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-10 23:45:25.526 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-10 23:45:25.624 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 01:01:59.645 [190625] info  on_nebula.cpp::handle Performing threat scan
2026-02-11 01:39:14.688 [190625] info  on_nebula.cpp::handle Scan complete, duration: 2235
2026-02-11 01:39:14.690 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-11 01:39:14.691 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 01:39:14.841 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 02:46:44.842 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 02:46:44.964 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 04:11:20.965 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 04:11:21.063 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 05:13:27.455 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 05:13:27.543 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 06:00:59.718 [190625] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-11 06:00:59.718 [190625] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-11 06:00:59.719 [190625] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-11 06:00:59.719 [190625] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-11 06:00:59.721 [190625] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-11 06:00:59.721 [190625] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-11 06:01:11.028 [190625] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-11 06:01:12.051 [190625] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-11 06:01:20.569 [190625] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 66713321472, \"freespace_total\": 66713321472, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 698703097856, \"freespace_total\": 698703097856, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.86\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 536039424, \"free_virtual\": 8416915456, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": [
2026-02-11 06:01:20.784 [190625] info  schedule_store.cpp::save Saved nebula schedules
2026-02-11 06:01:20.786 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 06:01:20.879 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 07:24:08.880 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 07:24:08.970 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 08:24:22.148 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-11 08:24:22.302 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-11 08:24:22.302 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-11 08:24:22.302 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-11 08:24:23.315 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "7df6e1b863638e662b591c08305af96a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-11 08:24:23.315 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-11 08:24:23.315 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-11 08:24:23.452 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770816263
2026-02-11 08:24:23.452 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770816263
2026-02-11 08:24:23.452 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-11 08:24:23.465 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-11 08:24:23.465 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-11 09:09:26.971 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 09:09:27.091 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 10:15:09.293 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 10:15:09.433 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 10:45:10.932 [190625] info  client.cpp::sync Command received : event.policy.refresh
2026-02-11 10:45:11.177 [190625] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-11 10:45:11.177 [190625] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-11 10:45:11.177 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-11 10:45:12.190 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4368fa9b5d194bfec3201bc9bbc251eb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-11 10:45:12.191 [190625] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-11 10:45:12.191 [190625] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-11 10:45:12.292 [190625] info  client.cpp::syncExclusions Updated exclusions: nebula-1770824712
2026-02-11 10:45:12.292 [190625] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770824712
2026-02-11 10:45:12.292 [190625] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-11 10:45:12.293 [190625] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-11 10:45:12.321 [190625] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-11 11:34:21.436 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 11:34:21.565 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 12:46:21.567 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 12:46:21.659 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 14:19:03.661 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 14:19:03.759 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 15:35:33.761 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 15:35:33.851 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 17:26:15.853 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 17:26:15.943 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 19:07:57.943 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 19:07:58.034 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 20:24:28.035 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 20:24:28.487 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 21:50:51.842 [190625] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 21:50:51.958 [190625] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 21:51:44.915 [190622] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-02-11 21:51:49.974 [190625] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.86", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.86", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4368fa9b5d194bfec3201bc9bbc251eb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-11 21:51:50.751 [190626] info  communicator.cpp::processor processing exited
2026-02-11 21:52:04.809 [190596] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-02-11 21:52:05.809 [190596] info  mbdaemon.cpp::main Exiting Main - 0
2026-02-11 21:52:06.065 [165055] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.88  **************
2026-02-11 21:52:06.065 [165055] info  apilevel.cpp::migrateToCurrentLevel Migrating data to API level 5...
2026-02-11 21:52:06.066 [165055] info  apilevel.cpp::migrateToCurrentLevel Migration complete
2026-02-11 21:52:06.066 [165055] info  mbdaemon.cpp::main logLevel is info
2026-02-11 21:52:06.066 [165055] info  mbdaemon.cpp::main syslogLevel is warn
2026-02-11 21:52:06.066 [165055] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-02-11 21:52:06.066 [165055] info  sirius.cpp::initialize Setting Sirius channel: release
2026-02-11 21:52:06.339 [165055] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-02-11 21:52:06.387 [165055] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-02-11 21:52:06.589 [165055] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-11 21:52:06.590 [165086] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-02-11 21:52:06.590 [165090] info  communicator.cpp::processor processing starting
2026-02-11 21:52:09.916 [165089] info  client.cpp::initialize Upgrade detected from mblinux/1.1.86 to mblinux/1.1.88
2026-02-11 21:52:09.969 [165089] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-11 21:52:09.969 [165089] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-11 21:52:09.969 [165089] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-02-11 21:52:09.969 [165089] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-11 21:52:10.145 [165089] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-02-11 21:52:10.261 [165089] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-02-11 21:52:10.261 [165089] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-02-11 21:52:10.279 [165089] info  schedule_store.cpp::load Loaded nebula schedules
2026-02-11 21:52:10.414 [165089] info  client.cpp::callSync []
2026-02-11 21:52:10.684 [165087] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-11 21:52:10.832 [165087] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-11 21:52:10.832 [165087] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-11 21:52:11.540 [165087] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-11 21:52:11.698 [165089] info  client.cpp::checkAgentAndAssetInfo Sending asset info for new version
2026-02-11 21:52:11.959 [165089] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-11 21:52:11.959 [165089] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-11 21:52:11.959 [165089] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-11 21:52:11.960 [165089] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-11 21:52:12.216 [165089] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-11 21:52:12.371 [165087] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107187

2026-02-11 21:52:14.130 [165087] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107187
2026-02-11 21:52:14.130 [165087] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107187
2026-02-11 21:52:15.201 [165087] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-11 21:52:15.384 [165087] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-11 21:52:23.974 [165089] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-11 21:52:25.142 [165089] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-11 21:52:34.550 [165089] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 52236894208, \"freespace_total\": 52236894208, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 697565839360, \"freespace_total\": 697565839360, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 2113511424, \"free_virtual\": 8417439744, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\": 
2026-02-11 21:52:34.673 [165089] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4368fa9b5d194bfec3201bc9bbc251eb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-11 21:52:34.986 [165089] info  client.cpp::syncExclusions Updated exclusions: 44a5efe10576ce81d9ccc81d869a0d96
2026-02-11 21:52:34.997 [165089] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-02-11 21:52:34.997 [165089] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 21:52:35.128 [165089] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-11 21:52:39.272 [165089] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "4368fa9b5d194bfec3201bc9bbc251eb:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-11 21:52:39.272 [165089] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 44a5efe10576ce81d9ccc81d869a0d96
2026-02-11 21:52:39.272 [165089] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-11 21:52:39.273 [165089] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-11 21:52:39.277 [165089] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-11 23:09:59.778 [165089] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-11 23:09:59.892 [165089] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 00:52:35.893 [165089] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 00:52:35.987 [165089] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 01:01:59.226 [165089] info  on_nebula.cpp::handle Performing threat scan
2026-02-12 01:40:50.380 [165089] info  on_nebula.cpp::handle Scan complete, duration: 2331
2026-02-12 01:40:50.433 [165089] info  schedule_store.cpp::save Saved nebula schedules
2026-02-12 01:40:50.434 [165089] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 01:40:50.550 [165089] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 02:23:25.629 [165089] info  client.cpp::sync Command received : event.policy.refresh
2026-02-12 02:23:25.737 [165089] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-12 02:23:25.737 [165089] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-12 02:23:25.737 [165089] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-12 02:23:25.753 [165089] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "37ac43bf68bd5d65f9fc22ab2b43da5c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-12 02:23:25.753 [165089] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-12 02:23:25.753 [165089] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-12 02:23:25.897 [165089] info  client.cpp::syncExclusions Updated exclusions: nebula-1770881005
2026-02-12 02:23:25.897 [165089] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770881005
2026-02-12 02:23:25.897 [165089] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-12 02:23:25.898 [165089] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-12 02:23:25.898 [165089] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-12 03:01:57.023 [165086] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-02-12 03:01:57.718 [165090] info  communicator.cpp::processor processing exited
2026-02-12 03:02:14.001 [165055] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-02-12 03:02:15.002 [165055] info  mbdaemon.cpp::main Exiting Main - 0
2026-02-12 03:08:53.580 [1063] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.88  **************
2026-02-12 03:08:53.599 [1063] info  mbdaemon.cpp::main logLevel is info
2026-02-12 03:08:53.599 [1063] info  mbdaemon.cpp::main syslogLevel is warn
2026-02-12 03:08:53.599 [1063] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-02-12 03:08:53.599 [1063] info  sirius.cpp::initialize Setting Sirius channel: release
2026-02-12 03:08:54.041 [1063] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-02-12 03:08:54.122 [1063] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-02-12 03:08:54.529 [1063] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-12 03:08:54.530 [1434] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-02-12 03:08:54.530 [1438] info  communicator.cpp::processor processing starting
2026-02-12 03:08:57.563 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-12 03:08:57.563 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-12 03:08:57.563 [1437] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-02-12 03:08:57.563 [1437] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-12 03:08:58.875 [1437] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-02-12 03:08:58.876 [1437] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-02-12 03:08:58.876 [1437] info  plugin_manager.cpp::ensureInstalled NotFound at /src/nebula/plugin_manager.cpp:132 ()
2026-02-12 03:08:58.881 [1437] info  schedule_store.cpp::load Loaded nebula schedules
2026-02-12 03:08:59.103 [1437] info  client.cpp::callSync []
2026-02-12 03:08:59.106 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "37ac43bf68bd5d65f9fc22ab2b43da5c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-12 03:08:59.349 [1437] info  client.cpp::syncExclusions Updated exclusions: 5e5ee06ed5c40694b4e43207d18d52bd
2026-02-12 03:08:59.356 [1437] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-02-12 03:08:59.381 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 03:08:59.479 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 03:08:59.532 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-12 03:08:59.707 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-12 03:08:59.707 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-12 03:09:00.220 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-12 03:09:00.337 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107195

2026-02-12 03:09:01.244 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107195
2026-02-12 03:09:01.267 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107195
2026-02-12 03:09:01.338 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-12 03:09:01.473 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-12 03:09:02.484 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "37ac43bf68bd5d65f9fc22ab2b43da5c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-12 03:09:02.485 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 5e5ee06ed5c40694b4e43207d18d52bd
2026-02-12 03:09:02.485 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-12 03:09:02.485 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-12 03:09:02.486 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-12 04:09:17.320 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 04:09:17.411 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 05:17:42.421 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 05:17:42.520 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 06:00:58.531 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-12 06:00:58.531 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-12 06:00:58.531 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-12 06:00:58.531 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-12 06:00:58.532 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-12 06:00:58.533 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-12 06:01:09.605 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-12 06:01:10.613 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-12 06:01:18.133 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 49066045440, \"freespace_total\": 49066045440, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 697147916288, \"freespace_total\": 697147916288, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4454019072, \"free_virtual\": 8588873728, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\": 
2026-02-12 06:01:18.169 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-12 06:56:42.522 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 06:56:42.639 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 08:16:49.648 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 08:16:49.760 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 10:13:49.760 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 10:13:49.858 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 11:30:19.859 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 11:30:19.948 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 12:54:55.949 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 12:54:56.070 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 14:37:33.078 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 14:37:33.191 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 15:55:52.189 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 15:55:52.302 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 17:06:04.304 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 17:06:04.415 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 18:28:52.419 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 18:28:52.509 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 20:23:10.510 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 20:23:10.598 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 22:14:46.598 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 22:14:46.704 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-12 22:20:25.599 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-12 22:20:25.832 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-12 22:20:25.832 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-12 22:20:25.832 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-12 22:20:26.837 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "cadfb60281a801727b0529bdc2f5ef2b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-12 22:20:26.839 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-12 22:20:26.839 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-12 22:20:26.994 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1770952826
2026-02-12 22:20:26.994 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770952826
2026-02-12 22:20:26.994 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-12 22:20:26.995 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-12 22:20:26.995 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-12 23:58:16.706 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-12 23:58:16.793 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 01:02:00.935 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-13 01:24:29.074 [1437] info  on_nebula.cpp::handle Scan complete, duration: 1349
2026-02-13 01:24:29.075 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-13 01:24:29.076 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 01:24:29.207 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 02:41:16.258 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-13 02:41:16.389 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-13 02:41:16.390 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-13 02:41:16.390 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-13 02:41:17.575 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "66632bcd16d6e5edcde4f3570907a0ed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-13 02:41:17.575 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-13 02:41:17.575 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-13 02:41:17.713 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1770968477
2026-02-13 02:41:17.713 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1770968477
2026-02-13 02:41:17.713 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-13 02:41:17.714 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-13 02:41:17.714 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-13 03:09:05.815 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-13 03:09:06.557 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-13 03:09:06.557 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-13 03:09:06.863 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-13 03:09:07.378 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107229

2026-02-13 03:09:08.565 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107229
2026-02-13 03:09:08.565 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107229
2026-02-13 03:09:08.851 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-13 03:09:09.137 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-13 03:09:09.142 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-13 03:09:09.400 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "66632bcd16d6e5edcde4f3570907a0ed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-13 03:09:17.422 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "66632bcd16d6e5edcde4f3570907a0ed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-13 03:19:42.218 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 03:19:42.312 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 05:07:42.312 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 05:07:42.400 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 06:01:00.432 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-13 06:01:00.432 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-13 06:01:00.432 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-13 06:01:00.432 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-13 06:01:00.433 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-13 06:01:00.433 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-13 06:01:07.524 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-13 06:01:07.531 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-13 06:01:15.956 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 41520713728, \"freespace_total\": 41520713728, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 696039514112, \"freespace_total\": 696039514112, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5527810048, \"free_virtual\": 8582844416, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\": 
2026-02-13 06:01:15.989 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-13 06:15:12.401 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 06:15:12.510 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 07:32:36.513 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 07:32:36.602 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 08:49:06.604 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 08:49:06.713 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 10:26:19.723 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 10:26:19.815 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 11:40:07.817 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 11:40:07.904 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 13:28:07.906 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 13:28:07.996 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 14:57:13.995 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 14:57:14.107 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 16:07:26.108 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 16:07:26.218 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 18:02:38.221 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 18:02:38.311 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 19:57:50.310 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 19:57:50.400 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 21:31:26.402 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 21:31:26.503 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-13 23:31:09.518 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-13 23:31:09.634 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 00:45:51.637 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 00:45:51.729 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 01:02:00.893 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-14 01:41:48.738 [1437] info  on_nebula.cpp::handle Scan complete, duration: 2388
2026-02-14 01:41:48.740 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-14 01:41:48.741 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 01:41:48.872 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 03:05:30.875 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 03:05:30.971 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 03:09:13.179 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-14 03:09:13.452 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-14 03:09:13.452 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-14 03:09:13.703 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-14 03:09:14.419 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107271

2026-02-14 03:09:15.180 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "66632bcd16d6e5edcde4f3570907a0ed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-14 03:09:15.988 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107271
2026-02-14 03:09:16.055 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107271
2026-02-14 03:09:16.156 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-14 03:09:16.297 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-14 03:09:16.298 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-14 03:10:24.049 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "66632bcd16d6e5edcde4f3570907a0ed:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:73", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-14 04:57:06.974 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 04:57:07.088 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 06:00:59.273 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-14 06:00:59.273 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-14 06:00:59.273 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-14 06:00:59.273 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-14 06:00:59.274 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-14 06:00:59.274 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-14 06:01:08.405 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-14 06:01:08.415 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-14 06:01:16.895 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 32221753344, \"freespace_total\": 32221753344, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 694813921280, \"freespace_total\": 694813921280, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6808907776, \"free_virtual\": 8345305088, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\": 
2026-02-14 06:01:16.929 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-14 06:01:16.930 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 06:01:17.048 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 07:01:35.224 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 07:01:35.316 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 08:40:36.330 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 08:40:36.418 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 09:51:42.419 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 09:51:42.514 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 11:16:18.515 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 11:16:18.625 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 12:59:48.626 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 12:59:48.715 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 14:05:31.729 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 14:05:31.817 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 15:53:31.819 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 15:53:31.928 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 16:59:13.931 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 16:59:14.042 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 18:10:20.044 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 18:10:20.150 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 18:47:47.325 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-14 18:47:47.584 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-14 18:47:47.584 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-14 18:47:47.585 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-14 18:47:48.595 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "802e51eae20d96428ad82ac34efc4f2a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-14 18:47:48.595 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-14 18:47:48.595 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-14 18:47:48.765 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771112868
2026-02-14 18:47:48.765 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771112868
2026-02-14 18:47:48.765 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-14 18:47:48.766 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-14 18:47:48.767 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-14 19:26:50.151 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 19:26:50.268 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 21:05:50.269 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 21:05:50.379 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 22:21:26.381 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-14 22:21:26.473 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-14 22:52:03.299 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-14 22:52:03.433 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-14 22:52:03.433 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-14 22:52:03.433 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-14 22:52:04.444 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "a49f6277fe6dea943b66a9b94df3de46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-14 22:52:04.444 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-14 22:52:04.444 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-14 22:52:04.594 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771127524
2026-02-14 22:52:04.594 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771127524
2026-02-14 22:52:04.594 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-14 22:52:04.595 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-14 22:52:04.596 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-15 00:15:44.669 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 00:15:44.792 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 01:01:58.887 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-15 01:54:03.659 [1437] info  on_nebula.cpp::handle Scan complete, duration: 3125
2026-02-15 01:54:03.660 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-15 01:54:03.662 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 01:54:03.800 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 03:09:20.795 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-15 03:09:21.469 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-15 03:09:21.469 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-15 03:09:21.891 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-15 03:09:22.284 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107301

2026-02-15 03:09:22.925 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "a49f6277fe6dea943b66a9b94df3de46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-15 03:09:23.373 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107301
2026-02-15 03:09:23.373 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107301
2026-02-15 03:09:23.913 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-15 03:09:24.349 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-15 03:09:24.350 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-15 03:09:30.952 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "a49f6277fe6dea943b66a9b94df3de46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-15 03:34:52.812 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 03:34:52.904 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 04:36:58.905 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 04:36:59.001 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 06:10:35.001 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 06:10:35.090 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 07:12:42.106 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 07:12:42.216 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 08:49:00.217 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 08:49:00.305 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 10:46:01.319 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 10:46:01.426 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 12:29:31.618 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 12:29:31.706 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 14:25:37.707 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 14:25:37.819 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 15:52:02.830 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 15:52:02.928 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 16:02:20.155 [1437] info  client.cpp::callSync []
2026-02-15 16:02:21.267 [1437] info  client.cpp::syncExclusions Updated exclusions: f37c49c09583e58a5f963c4d538bacf1
2026-02-15 16:02:21.267 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: f37c49c09583e58a5f963c4d538bacf1
2026-02-15 16:02:21.267 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-15 16:02:21.269 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-15 16:02:21.269 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-15 16:02:21.271 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 16:02:21.361 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 17:05:21.363 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 17:05:21.453 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 18:21:51.455 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 18:21:51.569 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 20:07:09.572 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 20:07:09.690 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 21:43:27.691 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 21:43:27.779 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 23:42:15.795 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 23:42:15.883 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-15 23:47:21.113 [1437] info  client.cpp::callSync []
2026-02-15 23:47:22.265 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-15 23:47:22.360 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 01:01:59.550 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-16 01:42:11.582 [1437] info  on_nebula.cpp::handle Scan complete, duration: 2412
2026-02-16 01:42:11.658 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-16 01:42:11.659 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 01:42:11.750 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 02:17:32.285 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-16 02:17:32.513 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-16 02:17:32.513 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-16 02:17:32.513 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-16 02:17:32.526 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1dcf667fbddbfea94014d6648abf0000:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-16 02:17:32.527 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-16 02:17:32.527 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-16 02:17:32.648 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771226252
2026-02-16 02:17:32.648 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771226252
2026-02-16 02:17:32.648 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-16 02:17:32.649 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-16 02:17:32.651 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-16 03:09:29.282 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-16 03:09:30.292 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-16 03:09:30.292 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-16 03:09:31.018 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-16 03:09:31.320 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107337

2026-02-16 03:09:32.649 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107337
2026-02-16 03:09:32.649 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107337
2026-02-16 03:09:33.255 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-16 03:09:33.452 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-16 03:09:33.452 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-16 03:09:33.762 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1dcf667fbddbfea94014d6648abf0000:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-16 03:09:41.789 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1dcf667fbddbfea94014d6648abf0000:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-16 03:15:47.945 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 03:15:48.054 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 05:00:12.056 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 05:00:12.145 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 06:46:25.157 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 06:46:25.246 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 07:48:32.262 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 07:48:32.350 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 09:18:33.364 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 09:18:33.454 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 10:35:04.468 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 10:35:04.563 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 12:23:05.574 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 12:23:05.686 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 13:55:47.687 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 13:55:47.778 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 15:28:29.780 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 15:28:29.890 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 16:20:42.841 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-16 16:20:42.979 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-16 16:20:42.979 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-16 16:20:42.980 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-16 16:20:43.281 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "108b397d179f706c58d6406380ccd15d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-16 16:20:43.282 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-16 16:20:43.282 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-16 16:20:43.467 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771276843
2026-02-16 16:20:43.467 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771276843
2026-02-16 16:20:43.467 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-16 16:20:43.469 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-16 16:20:43.470 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-16 16:36:53.892 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 16:36:53.980 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 18:00:23.505 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-16 18:00:23.651 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-16 18:00:23.651 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-16 18:00:23.651 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-16 18:00:25.190 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1559cdcb1fb942ffd10d9582e2feffca:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-16 18:00:25.191 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-16 18:00:25.191 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-16 18:00:25.350 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771282825
2026-02-16 18:00:25.350 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771282825
2026-02-16 18:00:25.350 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-16 18:00:25.351 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-16 18:00:25.364 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-16 18:11:23.981 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 18:11:24.092 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 19:54:00.277 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 19:54:00.370 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 21:18:36.561 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 21:18:36.675 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-16 22:47:42.674 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-16 22:47:42.765 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 00:44:42.958 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 00:44:43.047 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 01:02:00.273 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-17 01:25:15.101 [1437] info  on_nebula.cpp::handle Scan complete, duration: 1395
2026-02-17 01:25:15.103 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-17 01:25:15.104 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 01:25:15.206 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 03:09:38.170 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-17 03:09:38.486 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-17 03:09:38.486 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-17 03:09:38.765 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-17 03:09:39.173 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107371

2026-02-17 03:09:40.321 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107371
2026-02-17 03:09:40.321 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107371
2026-02-17 03:09:40.847 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-17 03:09:41.091 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-17 03:09:41.092 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-17 03:09:43.418 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1559cdcb1fb942ffd10d9582e2feffca:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-17 03:10:41.242 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1559cdcb1fb942ffd10d9582e2feffca:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-17 03:25:51.416 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 03:25:51.509 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 04:46:52.519 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 04:46:52.631 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 06:01:00.749 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-17 06:01:00.750 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-17 06:01:00.750 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-17 06:01:00.750 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-17 06:01:00.750 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-17 06:01:00.752 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-17 06:01:09.568 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-17 06:01:10.582 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-17 06:01:19.063 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 12150366208, \"freespace_total\": 12150366208, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 46319579136, \"freespace_total\": 46319579136, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 690773610496, \"freespace_total\": 690773610496, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 34618728448, \"free_virtual\": 8528326656, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\":
2026-02-17 06:01:19.117 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-17 06:10:34.823 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 06:10:34.941 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 07:27:58.943 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 07:27:59.034 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 08:57:05.037 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 08:57:05.125 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 10:42:23.128 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 10:42:23.216 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 12:23:11.216 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 12:23:11.321 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 14:06:41.321 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 14:06:41.409 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 15:35:47.411 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 15:35:47.519 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 16:49:36.532 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 16:49:36.635 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 18:43:00.902 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 18:43:01.020 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 20:07:37.021 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 20:07:37.121 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 21:45:43.122 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 21:45:43.214 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-17 23:12:07.219 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-17 23:12:07.310 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 00:14:13.312 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 00:14:13.400 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 01:01:59.415 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-18 01:53:06.844 [1437] info  on_nebula.cpp::handle Scan complete, duration: 3067
2026-02-18 01:53:06.846 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-18 01:53:06.847 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 01:53:07.003 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 02:53:25.005 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 02:53:25.099 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 03:09:46.150 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-18 03:09:47.433 [1435] info  sirius.cpp::downloadUpdates updating package: mblinux.db.rules
2026-02-18 03:09:47.539 [1435] info  sirius.cpp::backupEntry Backing up package: mblinux.db.rules
2026-02-18 03:09:47.568 [1435] info  sirius.cpp::download updated mblinux.db.rules to version 2.0.202602171401

2026-02-18 03:09:47.568 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-18 03:09:47.830 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-18 03:09:47.888 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107401

2026-02-18 03:09:49.146 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202512051355"}], "policy_etag": "1559cdcb1fb942ffd10d9582e2feffca:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-18 03:09:50.122 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107401
2026-02-18 03:09:50.123 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107401
2026-02-18 03:09:50.124 [1435] info  sirius.cpp::installDownloaded installed mblinux.db.rules 2.0.202602171401
2026-02-18 03:09:50.215 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-18 03:09:50.370 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-18 03:09:50.372 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-18 03:09:53.160 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1559cdcb1fb942ffd10d9582e2feffca:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-18 03:09:56.175 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1559cdcb1fb942ffd10d9582e2feffca:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:74", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-18 04:50:25.101 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 04:50:25.217 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 05:55:04.742 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-18 05:55:04.882 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-18 05:55:04.882 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-18 05:55:04.882 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-18 05:55:06.310 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "147ce48161b0d3c815b2ad64a2062b8a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-18 05:55:06.310 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-18 05:55:06.310 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-18 05:55:06.427 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771412106
2026-02-18 05:55:06.427 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771412106
2026-02-18 05:55:06.427 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-18 05:55:06.428 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-18 05:55:06.428 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-18 06:29:25.218 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 06:29:25.331 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 07:34:14.345 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 07:34:14.454 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 09:15:56.456 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 09:15:56.562 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 10:36:56.563 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 10:36:56.650 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 12:26:45.662 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 12:26:45.748 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 13:38:53.886 [1437] info  client.cpp::registerRefresh nebula client refresh success
2026-02-18 13:38:53.886 [1437] info  plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-02-18 13:38:53.909 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 13:38:54.023 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 15:16:06.024 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 15:16:06.113 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 16:20:54.340 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 16:20:54.429 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 17:48:12.430 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 17:48:12.540 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 19:39:48.744 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 19:39:48.833 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 20:41:46.120 [1437] info  client.cpp::callSync []
2026-02-18 20:41:46.236 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-18 20:41:46.236 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-18 20:41:47.246 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6574b9edbf1e96c249c497b912156a7c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-18 20:41:47.401 [1437] info  client.cpp::syncExclusions Updated exclusions: aab13d7a15ec773b08da871927e21e2a
2026-02-18 20:41:47.401 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-18 20:41:47.401 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: aab13d7a15ec773b08da871927e21e2a
2026-02-18 20:41:47.401 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-18 20:41:47.401 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-18 20:41:47.402 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-18 20:41:47.403 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 20:41:47.497 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-18 22:41:29.502 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-18 22:41:29.618 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 00:25:53.630 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 00:25:53.751 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 01:50:29.752 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 01:50:29.840 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 03:09:54.812 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-19 03:09:55.006 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-19 03:09:55.006 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-19 03:09:55.323 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-19 03:09:55.400 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107419

2026-02-19 03:09:56.250 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107419
2026-02-19 03:09:56.250 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107419
2026-02-19 03:09:56.368 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-19 03:09:56.510 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-19 03:09:56.514 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-19 03:09:57.894 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6574b9edbf1e96c249c497b912156a7c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-19 03:10:17.974 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6574b9edbf1e96c249c497b912156a7c:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-19 03:31:17.841 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 03:31:17.946 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 05:01:17.957 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 05:01:18.079 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 06:00:58.145 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-19 06:00:58.146 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-19 06:00:58.146 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-19 06:00:58.146 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-19 06:00:58.146 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-19 06:00:58.147 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-19 06:01:08.745 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-19 06:01:09.758 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-19 06:01:17.161 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 379810344960, \"freespace_total\": 379810344960, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 85827104768, \"freespace_total\": 85827104768, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 726449520640, \"freespace_total\": 726449520640, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 1303830528, \"free_virtual\": 8506830848, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\"
2026-02-19 06:01:17.193 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-19 06:19:36.290 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 06:19:36.378 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 08:05:48.380 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 08:05:48.470 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 09:50:13.482 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 09:50:13.577 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 11:24:43.578 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 11:24:43.689 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 13:16:19.691 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 13:16:19.780 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 14:04:20.469 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-19 14:04:20.602 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-19 14:04:20.602 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-19 14:04:20.603 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-19 14:04:21.617 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "22bc453fea45126d7f0d0bc339083429:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-19 14:04:21.618 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-19 14:04:21.619 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-19 14:04:21.753 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771527861
2026-02-19 14:04:21.753 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771527861
2026-02-19 14:04:21.754 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-19 14:04:21.756 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-19 14:04:21.756 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-19 14:51:44.792 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 14:51:44.880 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 16:27:08.882 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 16:27:08.969 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 18:19:38.971 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 18:19:39.074 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 20:00:27.076 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 20:00:27.166 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 21:48:27.168 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 21:48:27.280 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 22:57:45.285 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-19 22:57:45.372 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-19 23:32:39.866 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-19 23:32:39.975 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-19 23:32:39.975 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-19 23:32:39.975 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-19 23:32:40.987 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "fecad00e37a0e545a79ec7df61a35ef6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-19 23:32:40.987 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-19 23:32:40.987 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-19 23:32:41.128 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771561960
2026-02-19 23:32:41.128 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771561960
2026-02-19 23:32:41.128 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-19 23:32:41.129 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-19 23:32:41.129 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-20 00:08:51.371 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 00:08:51.459 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 01:27:09.460 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 01:27:09.571 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 02:54:27.574 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 02:54:27.684 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 03:10:01.451 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-20 03:10:01.681 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-20 03:10:01.681 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-20 03:10:01.968 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-20 03:10:02.047 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107441

2026-02-20 03:10:02.925 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107441
2026-02-20 03:10:02.925 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107441
2026-02-20 03:10:03.022 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-20 03:10:03.176 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-20 03:10:03.181 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-20 03:10:06.776 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "fecad00e37a0e545a79ec7df61a35ef6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-20 03:10:14.815 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "fecad00e37a0e545a79ec7df61a35ef6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-20 04:28:03.686 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 04:28:03.774 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 06:26:51.776 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 06:26:51.866 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 08:14:51.867 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 08:14:51.960 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 09:31:21.961 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 09:31:22.049 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 11:25:40.050 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 11:25:40.173 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 13:16:22.174 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 13:16:22.264 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 13:47:10.277 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-20 13:47:10.434 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-20 13:47:10.435 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-20 13:47:10.435 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-20 13:47:11.677 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "eff94f85153c23a3f4b2bf3cb00d53c6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-20 13:47:11.678 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-20 13:47:11.678 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-20 13:47:11.809 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771613231
2026-02-20 13:47:11.809 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771613231
2026-02-20 13:47:11.810 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-20 13:47:11.813 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-20 13:47:11.813 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-20 14:30:10.266 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 14:30:10.380 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 16:08:17.395 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 16:08:17.496 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 16:22:24.740 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-20 16:22:24.879 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-20 16:22:24.879 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-20 16:22:24.879 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-20 16:22:26.107 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ad92414045f26b1d16d174ff9cfd7574:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-20 16:22:26.107 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-20 16:22:26.108 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-20 16:22:26.249 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771622546
2026-02-20 16:22:26.249 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771622546
2026-02-20 16:22:26.249 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-20 16:22:26.250 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-20 16:22:26.250 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-20 17:18:29.702 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 17:18:29.790 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 18:24:11.992 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 18:24:12.082 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 20:05:00.083 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 20:05:00.170 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 21:56:35.294 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 21:56:35.381 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-20 23:11:18.257 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-20 23:11:18.370 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 00:38:36.373 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 00:38:36.461 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 01:01:58.657 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-21 01:10:09.947 [1437] info  on_nebula.cpp::handle Scan complete, duration: 491
2026-02-21 01:10:09.949 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-21 01:10:09.950 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 01:10:10.072 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 02:35:41.085 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 02:35:41.182 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 03:10:07.307 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-21 03:10:07.492 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-21 03:10:07.492 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-21 03:10:07.752 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-21 03:10:07.849 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107479

2026-02-21 03:10:08.667 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107479
2026-02-21 03:10:08.667 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107479
2026-02-21 03:10:08.794 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-21 03:10:08.950 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-21 03:10:08.952 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-21 03:38:41.183 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 03:38:41.295 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 04:40:47.296 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 04:40:47.386 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 06:34:11.388 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 06:34:11.524 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 07:40:47.526 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 07:40:47.638 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 09:16:11.640 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 09:16:11.750 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 10:16:29.753 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 10:16:29.846 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 11:37:29.845 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 11:37:29.937 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 13:13:47.939 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 13:13:48.049 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 14:59:06.050 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 14:59:06.146 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 15:18:15.134 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-21 15:18:15.269 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-21 15:18:15.270 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-21 15:18:15.270 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-21 15:18:16.287 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8759377185b7da8246d41cd10548e19b:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-21 15:18:16.289 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-21 15:18:16.289 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-21 15:18:16.450 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771705096
2026-02-21 15:18:16.450 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771705096
2026-02-21 15:18:16.450 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-21 15:18:16.452 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-21 15:18:16.452 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-21 16:58:48.147 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 16:58:48.235 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 18:04:30.236 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 18:04:30.348 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 19:56:06.349 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 19:56:06.448 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 21:34:39.353 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-21 21:34:39.510 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-21 21:34:39.510 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-21 21:34:39.511 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-21 21:34:39.522 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "5aed6d3a596d02c78f70684e2f3b817f:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-21 21:34:39.524 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-21 21:34:39.524 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-21 21:34:39.657 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771727679
2026-02-21 21:34:39.657 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771727679
2026-02-21 21:34:39.657 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-21 21:34:39.658 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-21 21:34:39.658 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-21 21:42:18.450 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 21:42:18.539 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 22:30:45.578 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-21 22:30:45.690 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-21 22:30:45.690 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-21 22:30:45.690 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-21 22:30:46.701 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "c6f200998d7456fd43d7f29bc31c5a86:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-21 22:30:46.703 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-21 22:30:46.703 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-21 22:30:46.813 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771731046
2026-02-21 22:30:46.813 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771731046
2026-02-21 22:30:46.813 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-21 22:30:46.815 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-21 22:30:46.815 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-21 22:48:01.558 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-21 22:48:01.657 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-21 23:48:40.740 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-21 23:48:40.865 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-21 23:48:40.865 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-21 23:48:40.865 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-21 23:48:41.877 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "454efc141399720be1e664b866c9ab46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-21 23:48:41.879 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-21 23:48:41.879 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-21 23:48:42.034 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771735721
2026-02-21 23:48:42.034 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771735721
2026-02-21 23:48:42.034 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-21 23:48:42.036 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-21 23:48:42.036 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-22 00:35:07.667 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 00:35:07.765 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 01:47:08.779 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 01:47:08.868 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 02:52:50.869 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 02:52:50.958 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 03:10:12.939 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-22 03:10:13.140 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-22 03:10:13.140 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-22 03:10:13.422 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-22 03:10:13.499 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107513

2026-02-22 03:10:14.419 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107513
2026-02-22 03:10:14.419 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107513
2026-02-22 03:10:14.542 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-22 03:10:14.689 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-22 03:10:14.691 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-22 03:10:17.028 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "454efc141399720be1e664b866c9ab46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-22 03:10:49.160 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "454efc141399720be1e664b866c9ab46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-22 04:21:02.959 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 04:21:03.070 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 05:33:03.300 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 05:33:03.462 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 07:07:33.699 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 07:07:33.786 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 08:37:33.788 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 08:37:33.876 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 09:54:57.878 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 09:54:58.123 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 10:46:34.741 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-22 10:46:34.886 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-22 10:46:34.887 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-22 10:46:34.887 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-22 10:46:35.899 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "ffff1ab9723b28d5d1e2ffd2e491f768:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-22 10:46:35.901 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-22 10:46:35.902 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-22 10:46:36.054 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771775195
2026-02-22 10:46:36.054 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771775195
2026-02-22 10:46:36.054 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-22 10:46:36.056 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-22 10:46:36.056 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-22 11:20:28.124 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 11:20:28.232 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 12:22:35.248 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 12:22:35.358 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 13:51:41.360 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 13:51:41.448 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 14:54:00.044 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-22 14:54:00.185 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-22 14:54:00.185 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-22 14:54:00.185 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-22 14:54:01.197 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "e791765e1a898b35db91c56b285d4a94:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-22 14:54:01.197 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-22 14:54:01.197 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-22 14:54:01.340 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771790041
2026-02-22 14:54:01.340 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771790041
2026-02-22 14:54:01.340 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-22 14:54:01.341 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-22 14:54:01.341 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-22 15:51:23.680 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 15:51:23.795 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 17:33:05.797 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 17:33:05.934 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 19:20:11.936 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 19:20:12.043 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 20:52:00.045 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 20:52:00.165 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 22:38:12.169 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 22:38:12.261 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-22 23:41:12.262 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-22 23:41:12.376 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 01:01:58.525 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-23 01:11:11.920 [1437] info  on_nebula.cpp::handle Scan complete, duration: 553
2026-02-23 01:11:11.921 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-23 01:11:11.923 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 01:11:12.044 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 02:32:12.045 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 02:32:12.138 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 03:10:19.390 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-23 03:10:19.595 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-23 03:10:19.595 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-23 03:10:19.860 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-23 03:10:19.955 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107541

2026-02-23 03:10:20.767 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107541
2026-02-23 03:10:20.767 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107541
2026-02-23 03:10:20.880 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-23 03:10:21.046 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-23 03:10:21.047 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-23 04:09:25.153 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 04:09:25.266 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 05:29:20.608 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-23 05:29:20.724 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-23 05:29:20.724 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-23 05:29:20.724 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-23 05:29:21.735 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f48cd5841e5ffb361efffa25c6806356:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-23 05:29:21.736 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-23 05:29:21.736 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-23 05:29:21.902 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771842561
2026-02-23 05:29:21.902 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771842561
2026-02-23 05:29:21.902 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-23 05:29:21.903 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-23 05:29:21.903 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-23 05:42:07.468 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 05:42:07.573 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 06:00:58.760 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-23 06:00:58.760 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-23 06:00:58.760 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-23 06:00:58.760 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-23 06:00:58.761 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-23 06:00:58.761 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-23 06:01:08.884 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-23 06:01:08.894 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-23 06:01:17.251 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 373591801856, \"freespace_total\": 373591801856, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 745340215296, \"freespace_total\": 745340215296, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9978855424, \"free_virtual\": 8241016832, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\"
2026-02-23 06:01:17.286 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-23 06:01:17.287 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 06:01:17.397 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 07:38:29.400 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 07:38:29.488 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 08:26:36.587 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-23 08:26:36.696 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-23 08:26:36.696 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-23 08:26:36.696 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-23 08:26:37.711 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9c6fdb28a99e7cf8a08652a7ca25f1de:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-23 08:26:37.711 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-23 08:26:37.711 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-23 08:26:37.843 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771853197
2026-02-23 08:26:37.843 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771853197
2026-02-23 08:26:37.843 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-23 08:26:37.843 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-23 08:26:37.843 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-23 08:48:41.490 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 08:48:41.582 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 10:06:59.583 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 10:06:59.697 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 11:31:35.699 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 11:31:35.787 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 12:43:35.788 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 12:43:35.876 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 14:22:35.878 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 14:22:35.966 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 15:32:47.968 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 15:32:48.070 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 17:05:30.072 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 17:05:30.180 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 18:17:30.182 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 18:17:30.278 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 19:28:36.279 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 19:28:36.396 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 21:22:54.397 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 21:22:54.488 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-23 22:28:36.490 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-23 22:28:36.578 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 00:15:42.580 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 00:15:42.667 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 01:02:00.754 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-24 01:12:01.185 [1437] info  on_nebula.cpp::handle Scan complete, duration: 601
2026-02-24 01:12:01.187 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-24 01:12:01.188 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 01:12:01.276 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 02:27:37.277 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 02:27:37.369 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 03:10:25.808 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-24 03:10:25.985 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-24 03:10:25.985 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-24 03:10:26.256 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-24 03:10:26.333 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107579

2026-02-24 03:10:27.584 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107579
2026-02-24 03:10:27.584 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107579
2026-02-24 03:10:27.686 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-24 03:10:28.050 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-24 03:10:28.050 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-24 03:10:30.696 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9c6fdb28a99e7cf8a08652a7ca25f1de:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-24 03:10:46.752 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9c6fdb28a99e7cf8a08652a7ca25f1de:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-24 03:45:55.371 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 03:45:55.462 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 05:00:37.463 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 05:00:37.550 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 06:00:59.567 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-24 06:00:59.567 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-24 06:00:59.569 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-24 06:00:59.569 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-24 06:00:59.569 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-24 06:00:59.570 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-24 06:01:10.720 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-24 06:01:10.730 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-24 06:01:18.086 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 372741353472, \"freespace_total\": 372741353472, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 753722859520, \"freespace_total\": 753722859520, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 6511239168, \"free_virtual\": 8236298240, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\"
2026-02-24 06:01:18.126 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-24 06:01:50.240 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 06:01:50.328 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 07:55:14.329 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 07:55:14.417 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 08:23:06.907 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-24 08:23:07.032 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-24 08:23:07.032 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-24 08:23:07.032 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-24 08:23:08.045 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "414fd6b8a7116fb7b6733afab8abf3da:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-24 08:23:08.045 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-24 08:23:08.045 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-24 08:23:08.218 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771939388
2026-02-24 08:23:08.218 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771939388
2026-02-24 08:23:08.218 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-24 08:23:08.220 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-24 08:23:08.220 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-24 08:43:29.292 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-24 08:43:29.398 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-24 08:43:29.398 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-24 08:43:29.398 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-24 08:43:30.409 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "17027e68029080f8dd127b6b80951672:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-24 08:43:30.409 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-24 08:43:30.409 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-24 08:43:30.552 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771940610
2026-02-24 08:43:30.552 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771940610
2026-02-24 08:43:30.552 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-24 08:43:30.553 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-24 08:43:30.553 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-24 09:27:02.418 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 09:27:02.505 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 11:20:26.506 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 11:20:26.595 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 13:19:14.800 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 13:19:14.900 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 13:40:03.666 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-24 13:40:03.772 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-24 13:40:03.772 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-24 13:40:03.772 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-24 13:40:04.986 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a108a0c86a85eb5741112a366cd64784:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-24 13:40:04.987 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-24 13:40:04.987 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-24 13:40:05.144 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1771958404
2026-02-24 13:40:05.144 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1771958404
2026-02-24 13:40:05.144 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-24 13:40:05.144 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-24 13:40:05.145 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-24 14:24:02.902 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 14:24:02.991 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 15:29:44.993 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 15:29:45.104 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 17:10:33.105 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 17:10:33.193 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 18:57:39.195 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 18:57:39.283 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 20:36:39.285 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 20:36:39.372 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 22:21:57.374 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 22:21:57.469 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-24 23:24:57.471 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-24 23:24:57.558 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 01:01:59.713 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-25 01:10:11.843 [1437] info  on_nebula.cpp::handle Scan complete, duration: 492
2026-02-25 01:10:11.845 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-25 01:10:11.846 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 01:10:11.951 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 02:33:53.952 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 02:33:54.065 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 03:10:32.930 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-25 03:10:33.107 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-25 03:10:33.107 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-25 03:10:33.346 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-25 03:10:33.423 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107625

2026-02-25 03:10:34.260 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107625
2026-02-25 03:10:34.261 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107625
2026-02-25 03:10:34.369 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-25 03:10:34.508 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-25 03:10:34.509 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-25 03:10:35.216 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a108a0c86a85eb5741112a366cd64784:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-25 03:10:39.230 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a108a0c86a85eb5741112a366cd64784:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-25 03:38:42.067 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 03:38:42.154 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 04:31:13.874 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-25 04:31:13.988 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-25 04:31:13.988 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-25 04:31:13.988 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-25 04:31:15.000 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "af1d30ab79f10df8a73bcf7e65d1a1ba:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-25 04:31:15.000 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-25 04:31:15.000 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-25 04:31:15.149 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1772011874
2026-02-25 04:31:15.149 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772011874
2026-02-25 04:31:15.149 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-25 04:31:15.150 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-25 04:31:15.150 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-25 05:17:42.156 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 05:17:42.269 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 06:00:58.285 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-25 06:00:58.285 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-25 06:00:58.285 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-25 06:00:58.285 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-25 06:00:58.286 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-25 06:00:58.286 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-25 06:01:10.417 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-25 06:01:11.430 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-25 06:01:19.790 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 371020939264, \"freespace_total\": 371020939264, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 752809119744, \"freespace_total\": 752809119744, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7443914752, \"free_virtual\": 8191471616, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\"
2026-02-25 06:01:19.819 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-25 06:18:54.270 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 06:18:54.357 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 07:02:09.822 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-25 07:02:09.931 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-25 07:02:09.931 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-25 07:02:09.931 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-25 07:02:10.942 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9fee4f9a513dd295f677b9edab3f197e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-25 07:02:10.943 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-25 07:02:10.943 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-25 07:02:11.088 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1772020930
2026-02-25 07:02:11.088 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772020930
2026-02-25 07:02:11.088 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-25 07:02:11.089 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-25 07:02:11.089 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-25 07:57:55.375 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 07:57:55.464 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 09:18:01.466 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 09:18:01.582 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 10:56:08.599 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 10:56:08.687 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 12:37:51.702 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 12:37:51.792 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 14:24:58.805 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 14:24:58.918 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 16:01:16.920 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 16:01:17.006 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 17:16:53.203 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 17:16:53.290 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 18:18:59.293 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 18:18:59.381 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 20:19:35.382 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 20:19:35.470 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 21:27:06.488 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 21:27:06.597 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-25 22:41:48.601 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-25 22:41:48.723 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 00:26:13.735 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 00:26:13.824 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 01:01:59.963 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-26 01:10:25.800 [1437] info  on_nebula.cpp::handle Scan complete, duration: 506
2026-02-26 01:10:25.801 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-26 01:10:25.802 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 01:10:25.899 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 02:16:07.900 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 02:16:07.998 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 03:10:39.040 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-26 03:10:39.260 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-26 03:10:39.260 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-26 03:10:39.523 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-26 03:10:39.595 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107661

2026-02-26 03:10:40.398 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107661
2026-02-26 03:10:40.398 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107661
2026-02-26 03:10:40.503 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-26 03:10:40.638 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-26 03:10:40.639 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-26 03:22:43.998 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 03:22:44.085 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 04:51:50.086 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 04:51:50.197 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 06:00:59.383 [1437] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-02-26 06:00:59.383 [1437] info  asset_mgmt.cpp::collectData Collecting asset information
2026-02-26 06:00:59.383 [1437] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-02-26 06:00:59.383 [1437] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-26 06:00:59.383 [1437] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-02-26 06:00:59.383 [1437] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-02-26 06:01:11.511 [1437] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-02-26 06:01:12.523 [1437] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-02-26 06:01:20.895 [1437] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 370185117696, \"freespace_total\": 370185117696, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 751789027328, \"freespace_total\": 751789027328, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7248379904, \"free_virtual\": 8200687616, \"total_physical\": 65940361216, \"total_virtual\": 8589930496}, \"nics\"
2026-02-26 06:01:20.928 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-26 06:01:20.929 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 06:01:21.057 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 07:30:27.058 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 07:30:27.147 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 09:25:40.164 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 09:25:40.278 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 10:43:58.279 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 10:43:58.368 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 12:11:16.369 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 12:11:16.457 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 13:37:40.458 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 13:37:40.547 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 13:59:07.203 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-26 13:59:07.360 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-26 13:59:07.360 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-26 13:59:07.360 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-26 13:59:08.376 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a25f7ae09b47715daee2c811a103e5d0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-26 13:59:08.376 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-26 13:59:08.376 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-26 13:59:08.494 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1772132348
2026-02-26 13:59:08.494 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772132348
2026-02-26 13:59:08.494 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-26 13:59:08.494 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-26 13:59:08.495 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-26 15:18:28.565 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 15:18:28.655 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 16:51:10.656 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 16:51:10.743 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 17:53:16.745 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 17:53:16.857 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 19:01:40.859 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 19:01:40.949 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 20:09:10.950 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 20:09:11.065 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 20:29:17.340 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-26 20:29:17.487 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-26 20:29:17.487 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-26 20:29:17.487 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-26 20:29:18.549 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f76662212c2e015592f49eef1d33f756:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-26 20:29:18.549 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-26 20:29:18.549 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-26 20:29:18.664 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1772155758
2026-02-26 20:29:18.664 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772155758
2026-02-26 20:29:18.664 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-26 20:29:18.665 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-26 20:29:18.665 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-26 21:33:47.067 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 21:33:48.026 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-26 22:51:12.028 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-26 22:51:12.118 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 00:24:49.132 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 00:24:49.219 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 01:01:59.284 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-27 01:09:46.205 [1437] info  on_nebula.cpp::handle Scan complete, duration: 467
2026-02-27 01:09:46.207 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-27 01:09:46.208 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 01:09:46.343 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 03:01:22.343 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 03:01:22.432 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 03:10:45.041 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-27 03:10:45.201 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-27 03:10:45.201 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-27 03:10:45.894 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-27 03:10:45.988 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107699

2026-02-27 03:10:46.802 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107699
2026-02-27 03:10:46.803 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107699
2026-02-27 03:10:46.894 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-27 03:10:47.050 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-27 03:10:47.051 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-27 05:01:04.431 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 05:01:04.522 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 06:10:22.524 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 06:10:22.636 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 07:52:58.638 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 07:52:58.727 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 08:57:46.728 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 08:57:46.815 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 10:26:52.816 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 10:26:52.903 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 11:55:58.905 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 11:55:58.995 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 13:36:46.997 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 13:36:47.084 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 14:45:11.085 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 14:45:11.173 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 16:15:11.175 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 16:15:11.265 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 17:24:58.949 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-27 17:24:59.100 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-27 17:24:59.100 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-27 17:24:59.100 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-27 17:25:00.316 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "96c01bd157dc42d40a92c7952d83feba:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-27 17:25:00.317 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-27 17:25:00.317 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-27 17:25:00.446 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1772231100
2026-02-27 17:25:00.446 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772231100
2026-02-27 17:25:00.446 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-27 17:25:00.446 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-27 17:25:00.446 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-27 17:56:54.278 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 17:56:54.367 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 19:17:54.369 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 19:17:54.459 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 20:44:18.460 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 20:44:18.549 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 22:10:42.554 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 22:10:42.641 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-27 23:47:38.786 [1437] info  client.cpp::sync Command received : event.policy.refresh
2026-02-27 23:47:38.924 [1437] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-27 23:47:38.924 [1437] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-27 23:47:38.924 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-27 23:47:39.935 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "cdf1adff2359b96dea5285a19d9d16db:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-27 23:47:39.935 [1437] info  client.cpp::sync Command received : event.exclusion.refresh
2026-02-27 23:47:39.935 [1437] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-02-27 23:47:40.067 [1437] info  client.cpp::syncExclusions Updated exclusions: nebula-1772254059
2026-02-27 23:47:40.067 [1437] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772254059
2026-02-27 23:47:40.067 [1437] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-27 23:47:40.068 [1437] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-27 23:47:40.068 [1437] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-27 23:55:06.642 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-27 23:55:06.729 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 01:01:58.786 [1437] info  on_nebula.cpp::handle Performing threat scan
2026-02-28 01:09:05.369 [1437] info  on_nebula.cpp::handle Scan complete, duration: 427
2026-02-28 01:09:05.370 [1437] info  schedule_store.cpp::save Saved nebula schedules
2026-02-28 01:09:05.371 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 01:09:05.484 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 02:16:35.485 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 02:16:35.577 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 03:10:51.746 [1435] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-28 03:10:51.904 [1435] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-02-28 03:10:51.904 [1435] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-02-28 03:10:52.177 [1435] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-02-28 03:10:52.250 [1435] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107729

2026-02-28 03:10:53.082 [1435] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107729
2026-02-28 03:10:53.082 [1435] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107729
2026-02-28 03:10:53.183 [1435] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-02-28 03:10:53.312 [1435] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-28 03:10:53.313 [1435] info  command_history.cpp::Cleanup Performing command history cleanup
2026-02-28 03:10:55.648 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "cdf1adff2359b96dea5285a19d9d16db:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-28 03:11:03.676 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "cdf1adff2359b96dea5285a19d9d16db:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-28 03:33:05.579 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 03:33:05.668 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 05:11:11.671 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 05:11:11.760 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 06:11:29.761 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 06:11:29.855 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 08:04:53.857 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 08:04:53.945 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 09:27:41.947 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 09:27:42.037 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 11:02:13.050 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 11:02:13.140 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 12:02:32.153 [1437] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 12:02:32.242 [1437] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 13:00:45.480 [1434] info  telemetry_controller.cpp::processTelemetryData processing exiting
2026-02-28 13:00:48.405 [1437] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "cdf1adff2359b96dea5285a19d9d16db:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "stopped"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-28 13:00:48.961 [1438] info  communicator.cpp::processor processing exited
2026-02-28 13:01:02.964 [1063] warn  plugin_manager.cpp::finalize NotFound at /src/nebula/plugin_manager.cpp:510 ()
2026-02-28 13:01:03.965 [1063] info  mbdaemon.cpp::main Exiting Main - 0
2026-02-28 13:26:07.771 [1007] info  mbdaemon.cpp::main **************   mbdaemon has started - version 1.1.88  **************
2026-02-28 13:26:07.798 [1007] info  mbdaemon.cpp::main logLevel is info
2026-02-28 13:26:07.798 [1007] info  mbdaemon.cpp::main syslogLevel is warn
2026-02-28 13:26:07.798 [1007] info  sirius.cpp::initialize Setting Sirius Uri: https://sirius.threatdown.com
2026-02-28 13:26:07.798 [1007] info  sirius.cpp::initialize Setting Sirius channel: release
2026-02-28 13:26:07.996 [1007] info  sirius.cpp::verifyYaraDbIntegrity Checking yara db for validity
2026-02-28 13:26:08.045 [1007] info  telemetry_controller.cpp::initialize LibraryError at /src/common/telemetry_controller.cpp:29 ()
2026-02-28 13:26:08.431 [1007] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-02-28 13:26:08.431 [1422] info  telemetry_controller.cpp::processTelemetryData processing starting
2026-02-28 13:26:08.431 [1426] info  communicator.cpp::processor processing starting
2026-02-28 13:26:11.460 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-28 13:26:11.460 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-28 13:26:11.465 [1425] info  plugin_manager.cpp::ensureInstalled downloading and installing plugin epa.linux.plugin.edr
2026-02-28 13:26:11.465 [1425] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-28 13:26:11.580 [1425] info  plugin_manager.cpp::ensureInstalled failed to update epa.linux.plugin.edr, using old version
2026-02-28 13:26:11.580 [1425] info  plugin_manager.cpp::ensureInstalled NetworkError at /src/nebula/plugin_manager.cpp:132 ()
2026-02-28 13:26:11.584 [1425] info  schedule_store.cpp::load Loaded nebula schedules
2026-02-28 13:26:11.587 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:26:11.588 [1425] info  client.cpp::requestJob User job requested: mblinux_postinit_quarantine_list - command.threat.quarantine.list
2026-02-28 13:26:12.439 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-02-28 13:26:12.528 [1423] info  on_timer.cpp::onTimerThread NetworkError at /src/mbdaemon/on_timer.cpp:111 ()
2026-02-28 13:26:15.592 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "cdf1adff2359b96dea5285a19d9d16db:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-28 13:26:21.823 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:26:31.832 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:26:41.842 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:27:05.206 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:27:15.216 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:27:29.039 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:27:39.051 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:27:49.061 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:27:59.071 [1425] error client.cpp::sync NetworkError at /src/nebula/client.cpp:703 ()
2026-02-28 13:28:09.298 [1425] info  client.cpp::callSync []
2026-02-28 13:28:09.406 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-02-28 13:28:09.406 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-02-28 13:28:10.408 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "bba800261ce1d464ca9cc04bafc2bb58:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-02-28 13:28:10.550 [1425] info  client.cpp::syncExclusions Updated exclusions: fcaf16a428ae48557f55a639b04d9fa6
2026-02-28 13:28:10.550 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-02-28 13:28:10.550 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: fcaf16a428ae48557f55a639b04d9fa6
2026-02-28 13:28:10.550 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-02-28 13:28:10.551 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-02-28 13:28:10.551 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-02-28 13:28:10.552 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 13:28:10.640 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 14:42:52.640 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 14:42:52.749 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 16:23:40.750 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 16:23:40.842 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 17:41:58.844 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 17:41:58.931 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 19:13:46.932 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 19:13:47.019 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 20:19:29.020 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 20:19:29.143 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 22:01:11.152 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 22:01:11.260 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-02-28 23:56:23.254 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-02-28 23:56:23.345 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 01:01:59.463 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-01 01:12:09.544 [1425] info  on_nebula.cpp::handle Scan complete, duration: 610
2026-03-01 01:12:09.556 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-01 01:12:09.557 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 01:12:09.644 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 03:10:58.650 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 03:10:58.741 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 05:07:04.742 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 05:07:04.830 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 06:00:58.927 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-01 06:00:58.927 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-01 06:00:58.927 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-01 06:00:58.927 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-01 06:00:58.927 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-01 06:00:58.927 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-01 06:01:10.976 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-01 06:01:11.982 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-01 06:01:20.544 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364574076928, \"freespace_total\": 364574076928, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 748964569088, \"freespace_total\": 748964569088, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7729360896, \"free_virtual\": 8589930496, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-01 06:01:20.578 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-01 06:01:20.580 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 06:01:20.723 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 07:34:02.724 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 07:34:02.810 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 09:29:14.812 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 09:29:14.899 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 11:17:14.900 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 11:17:15.013 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 12:49:57.121 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 12:49:57.235 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 13:26:17.097 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-01 13:26:17.272 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-01 13:26:17.272 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-01 13:26:17.540 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-01 13:26:17.615 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107738

2026-03-01 13:26:18.626 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107738
2026-03-01 13:26:18.626 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107738
2026-03-01 13:26:18.749 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-01 13:26:18.949 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-01 13:26:18.951 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-01 13:26:20.300 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "bba800261ce1d464ca9cc04bafc2bb58:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-01 13:26:24.310 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "bba800261ce1d464ca9cc04bafc2bb58:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-01 13:54:45.236 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 13:54:45.355 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 15:09:28.363 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 15:09:28.452 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 17:06:28.454 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 17:06:28.544 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 18:11:16.545 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 18:11:16.632 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 19:19:40.770 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 19:19:40.858 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 21:05:53.866 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 21:05:53.952 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-01 22:52:05.954 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-01 22:52:06.042 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 00:16:43.050 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 00:16:43.137 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 01:01:59.174 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-02 01:20:50.781 [1425] info  on_nebula.cpp::handle Scan complete, duration: 1131
2026-03-02 01:20:50.796 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-02 01:20:50.797 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 01:20:50.920 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 03:16:56.921 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 03:16:57.010 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 04:38:58.643 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-02 04:38:58.781 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-02 04:38:58.781 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-02 04:38:58.781 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-02 04:38:59.788 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3da17cd64848c35f3cea89fe09afdb86:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-02 04:38:59.794 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-02 04:38:59.794 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-02 04:38:59.950 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772444339
2026-03-02 04:38:59.950 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772444339
2026-03-02 04:38:59.950 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-02 04:38:59.951 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-02 04:38:59.951 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-02 04:53:15.011 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 04:53:15.101 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 06:14:15.102 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 06:14:15.189 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 07:32:33.190 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 07:32:33.280 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 09:15:09.281 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 09:15:09.370 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 10:26:15.371 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 10:26:15.459 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 11:29:15.460 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 11:29:15.547 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 13:17:15.549 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 13:17:15.638 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 13:26:23.613 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-02 13:26:27.662 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3da17cd64848c35f3cea89fe09afdb86:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-02 13:26:30.291 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-02 13:26:30.293 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-02 13:26:30.293 [1423] info  on_timer.cpp::update No agent updates available
2026-03-02 13:26:30.293 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-02 13:26:30.471 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-02 13:26:30.471 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-02 13:26:30.741 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-02 13:26:30.815 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107762

2026-03-02 13:26:31.630 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107762
2026-03-02 13:26:31.630 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107762
2026-03-02 13:26:31.838 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-02 13:26:31.965 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-02 13:26:31.965 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-02 13:26:32.109 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-02 13:26:32.110 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-02 13:26:35.968 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "3da17cd64848c35f3cea89fe09afdb86:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-02 15:12:28.649 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 15:12:28.759 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 16:56:52.761 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 16:56:52.848 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 17:51:36.968 [1425] info  client.cpp::sync Command received : event.machine.sync
2026-03-02 17:51:39.773 [1425] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-03-02 18:20:34.849 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 18:20:55.991 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 20:17:01.992 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 20:17:02.102 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 21:40:44.103 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 21:40:44.192 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 22:59:02.193 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 22:59:02.280 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-02 23:59:20.281 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-02 23:59:20.371 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 01:01:58.451 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-03 01:12:57.589 [1425] info  on_nebula.cpp::handle Scan complete, duration: 659
2026-03-03 01:12:57.591 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-03 01:12:57.593 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 01:12:57.733 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 02:59:10.742 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 02:59:10.835 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 04:40:53.102 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 04:40:53.224 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 06:00:58.375 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-03 06:00:58.375 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-03 06:00:58.376 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-03 06:00:58.376 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-03 06:00:58.376 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-03 06:00:58.376 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-03 06:01:10.462 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-03 06:01:11.472 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-03 06:01:19.817 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 365577637888, \"freespace_total\": 365577637888, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 747252924416, \"freespace_total\": 747252924416, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8693649408, \"free_virtual\": 8573669376, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-03 06:01:19.863 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-03 06:01:19.865 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 06:01:19.972 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 07:39:25.974 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 07:39:26.063 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 09:11:47.337 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-03 09:11:47.479 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-03 09:11:47.479 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-03 09:11:47.480 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-03 09:11:48.493 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6fe8b6193b6490b38e2f9550a2955fff:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-03 09:11:48.494 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-03 09:11:48.494 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-03 09:11:48.648 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772547108
2026-03-03 09:11:48.648 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772547108
2026-03-03 09:11:48.649 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-03 09:11:48.651 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-03 09:11:48.651 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-03 09:32:50.064 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 09:32:50.152 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 11:13:38.154 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 11:13:38.241 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 11:21:50.598 [1425] info  client.cpp::sync Command received : event.machine.sync
2026-03-03 11:21:50.687 [1425] error client.cpp::sync ParseError at /src/nebula/client.cpp:703 ()
2026-03-03 12:56:14.242 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 12:56:14.330 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 13:24:23.473 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-03 13:24:23.587 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-03 13:24:23.587 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-03 13:24:23.587 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-03 13:24:23.679 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a38b60e5aebc5b0720324bc13294f556:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-03 13:24:23.680 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-03 13:24:23.680 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-03 13:24:29.474 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772562263
2026-03-03 13:24:29.474 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772562263
2026-03-03 13:24:29.474 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-03 13:24:29.475 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-03 13:24:29.475 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-03 13:26:37.350 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-03 13:26:39.603 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a38b60e5aebc5b0720324bc13294f556:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-03 13:26:41.820 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-03 13:26:41.823 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-03 13:26:41.823 [1423] info  on_timer.cpp::update No agent updates available
2026-03-03 13:26:41.823 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-03 13:26:41.972 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-03 13:26:41.972 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-03 13:26:42.239 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-03 13:26:42.350 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107796

2026-03-03 13:26:43.439 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107796
2026-03-03 13:26:43.439 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107796
2026-03-03 13:26:43.853 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-03 13:26:43.977 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-03 13:26:43.977 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-03 13:26:44.123 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-03 13:26:44.126 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-03 13:26:47.626 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a38b60e5aebc5b0720324bc13294f556:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-03 13:38:55.515 [1425] info  client.cpp::registerRefresh nebula client refresh success
2026-03-03 13:38:55.515 [1425] info  plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-03-03 13:38:55.538 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 13:38:55.625 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 15:06:13.626 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 15:06:13.739 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 16:25:25.740 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 16:25:25.829 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 18:26:01.830 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 18:26:01.917 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 20:14:01.919 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 20:14:02.008 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 21:50:19.341 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 21:50:32.240 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-03 23:07:17.931 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-03 23:07:18.310 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-03 23:07:18.310 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-03 23:07:18.310 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-03 23:07:19.319 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "37efb045b41d97b1d6535cb641196f84:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-03 23:07:19.320 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-03 23:07:19.320 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-03 23:07:19.597 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772597239
2026-03-03 23:07:19.597 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772597239
2026-03-03 23:07:19.597 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-03 23:07:19.598 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-03 23:07:19.608 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-03 23:09:44.911 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-03 23:09:45.001 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 00:37:57.002 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 00:37:57.089 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 01:48:09.090 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 01:48:09.180 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 03:03:45.181 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 03:03:45.277 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 04:13:57.279 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 04:13:57.367 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 06:01:57.925 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 06:02:16.639 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 07:02:34.640 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 07:02:34.728 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 07:51:27.209 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-04 07:51:27.541 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-04 07:51:27.541 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-04 07:51:27.541 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-04 07:51:28.550 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9dfa52ef0e476a5f07584996718c7c02:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-04 07:51:28.550 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-04 07:51:28.550 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-04 07:51:28.823 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772628688
2026-03-04 07:51:28.823 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772628688
2026-03-04 07:51:28.823 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-04 07:51:28.824 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-04 07:51:28.832 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-04 08:28:04.729 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 08:28:35.852 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 08:53:45.189 [1425] info  client.cpp::callSync []
2026-03-04 08:53:46.305 [1425] info  client.cpp::syncExclusions Updated exclusions: 26021b627b166aca974fc6f46b0f49f2
2026-03-04 08:53:46.305 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: 26021b627b166aca974fc6f46b0f49f2
2026-03-04 08:53:46.305 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-04 08:53:46.306 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-04 08:53:46.306 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-04 08:53:46.307 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 08:53:46.394 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 10:03:05.404 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 10:03:05.493 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 11:12:23.494 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 11:12:23.581 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 12:14:29.583 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 12:14:29.700 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 13:26:48.460 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-04 13:26:53.771 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9dfa52ef0e476a5f07584996718c7c02:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-04 13:26:53.963 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-04 13:26:53.964 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-04 13:26:53.964 [1423] info  on_timer.cpp::update No agent updates available
2026-03-04 13:26:53.964 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-04 13:26:54.131 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-04 13:26:54.131 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-04 13:26:54.619 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-04 13:26:54.726 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107820

2026-03-04 13:26:55.635 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107820
2026-03-04 13:26:55.790 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107820
2026-03-04 13:26:55.866 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-04 13:26:56.379 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-04 13:26:56.379 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-04 13:26:56.523 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-04 13:26:56.524 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-04 13:26:57.785 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9dfa52ef0e476a5f07584996718c7c02:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-04 13:53:29.701 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 13:53:29.789 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 15:45:59.790 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 15:45:59.876 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 17:03:23.877 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 17:03:23.964 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 18:36:59.965 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 18:37:00.051 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 20:06:07.064 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 20:06:07.151 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 21:32:31.152 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 21:32:31.243 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-04 22:51:56.522 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-04 22:52:04.420 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-04 22:52:04.420 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-04 22:52:04.420 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-04 22:52:05.429 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "f73403047341bd4b2ec24d5f3508036a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-04 22:52:05.429 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-04 22:52:05.429 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-04 22:52:05.588 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772682725
2026-03-04 22:52:05.588 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772682725
2026-03-04 22:52:05.588 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-04 22:52:05.588 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-04 22:52:05.596 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-04 23:14:13.243 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-04 23:14:13.334 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 01:01:59.469 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-05 01:16:35.635 [1425] info  on_nebula.cpp::handle Scan complete, duration: 876
2026-03-05 01:16:35.648 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-05 01:16:35.649 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 01:16:35.769 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 02:32:12.780 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 02:32:12.869 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 04:17:30.871 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 04:17:30.958 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 06:00:59.131 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-05 06:00:59.132 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-05 06:00:59.132 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-05 06:00:59.132 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-05 06:00:59.133 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-05 06:00:59.138 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-05 06:01:10.249 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-05 06:01:11.261 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-05 06:01:19.621 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 363346280448, \"freespace_total\": 363346280448, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 739901964288, \"freespace_total\": 739901964288, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 8322682880, \"free_virtual\": 8552181760, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-05 06:01:19.678 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-05 06:01:19.684 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 06:01:19.773 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 07:34:55.775 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 07:34:56.313 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 08:37:05.224 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-05 08:37:05.377 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-05 08:37:05.377 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-05 08:37:05.378 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-05 08:37:06.388 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "4de1db9d88c4f67209639c6425e80c53:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-05 08:37:06.389 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-05 08:37:06.389 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-05 08:37:06.533 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772717826
2026-03-05 08:37:06.533 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772717826
2026-03-05 08:37:06.533 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-05 08:37:06.535 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-05 08:37:06.535 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-05 08:46:57.324 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 08:46:57.411 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 09:06:09.374 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-05 09:06:09.537 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-05 09:06:09.537 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-05 09:06:09.537 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-05 09:06:10.697 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "c56886f9e7d3de6d141f072c806f35bf:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-05 09:06:10.697 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-05 09:06:10.697 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-05 09:06:10.810 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772719570
2026-03-05 09:06:10.810 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772719570
2026-03-05 09:06:10.810 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-05 09:06:10.811 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-05 09:06:10.811 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-05 09:11:41.721 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-05 09:11:41.864 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-05 09:11:41.864 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-05 09:11:41.864 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-05 09:11:43.139 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d0dad7737293e4911039da03c95564dd:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-05 09:11:43.139 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-05 09:11:43.139 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-05 09:11:43.279 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772719903
2026-03-05 09:11:43.279 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772719903
2026-03-05 09:11:43.279 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-05 09:11:43.280 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-05 09:11:43.280 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-05 10:40:22.422 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 10:40:22.511 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 11:46:03.684 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-05 11:46:03.850 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-05 11:46:03.851 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-05 11:46:03.851 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-05 11:46:04.861 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "643db69c3d5308d4386e7fbcc650bbb3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-05 11:46:04.861 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-05 11:46:04.861 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-05 11:46:04.993 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772729164
2026-03-05 11:46:04.993 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772729164
2026-03-05 11:46:04.993 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-05 11:46:04.994 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-05 11:46:04.994 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-05 11:58:40.513 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 11:58:40.623 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 13:16:58.635 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 13:16:58.722 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 13:27:00.985 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-05 13:27:04.753 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "643db69c3d5308d4386e7fbcc650bbb3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-05 13:27:06.378 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-05 13:27:06.379 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-05 13:27:06.379 [1423] info  on_timer.cpp::update No agent updates available
2026-03-05 13:27:06.379 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-05 13:27:06.523 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-05 13:27:06.523 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-05 13:27:06.972 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-05 13:27:07.196 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107852

2026-03-05 13:27:08.137 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107852
2026-03-05 13:27:08.137 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107852
2026-03-05 13:27:08.307 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-05 13:27:08.435 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-05 13:27:08.435 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-05 13:27:08.579 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-05 13:27:08.582 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-05 13:27:12.780 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "643db69c3d5308d4386e7fbcc650bbb3:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-05 15:08:34.723 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 15:08:34.812 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 16:16:04.813 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 16:16:04.900 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 17:46:04.901 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 17:46:04.988 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 19:38:34.989 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 19:38:35.079 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 21:30:11.080 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 21:30:11.191 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-05 22:58:23.193 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-05 22:58:23.279 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 00:37:23.280 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 00:37:23.367 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 02:04:42.380 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 02:04:42.495 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 03:56:18.497 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 03:56:18.585 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 05:01:06.586 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 05:01:06.871 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 06:00:58.968 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-06 06:00:58.968 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-06 06:00:58.969 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-06 06:00:58.969 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-06 06:00:58.970 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-06 06:00:58.970 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-06 06:01:10.095 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-06 06:01:11.109 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-06 06:01:19.549 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 362189320192, \"freespace_total\": 362189320192, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 736677249024, \"freespace_total\": 736677249024, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 4898426880, \"free_virtual\": 8518356992, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-06 06:01:19.630 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-06 06:34:42.872 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 06:34:42.980 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 08:21:48.981 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 08:21:49.088 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 09:17:12.195 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-06 09:17:12.336 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-06 09:17:12.336 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-06 09:17:12.336 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-06 09:17:13.348 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "6fed22a9ce481a9c80c7300a97124ee0:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-06 09:17:13.349 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-06 09:17:13.349 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-06 09:17:13.510 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772806633
2026-03-06 09:17:13.510 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772806633
2026-03-06 09:17:13.510 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-06 09:17:13.513 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-06 09:17:13.513 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-06 10:06:13.089 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 10:06:13.198 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 12:05:55.200 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 12:05:55.287 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 12:27:41.812 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-06 12:27:41.986 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-06 12:27:41.986 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-06 12:27:41.986 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-06 12:27:43.587 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "5c798a0fae58096ec92ebbcb9965b5b2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-06 12:27:43.588 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-06 12:27:43.588 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-06 12:27:43.695 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772818063
2026-03-06 12:27:43.695 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772818063
2026-03-06 12:27:43.695 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-06 12:27:43.696 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-06 12:27:43.696 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-06 13:24:13.288 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 13:24:13.389 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 13:27:13.398 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-06 13:27:15.644 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "5c798a0fae58096ec92ebbcb9965b5b2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-06 13:27:18.745 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-06 13:27:18.745 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-06 13:27:18.759 [1423] info  on_timer.cpp::update No agent updates available
2026-03-06 13:27:18.759 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-06 13:27:18.904 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-06 13:27:18.904 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-06 13:27:19.178 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-06 13:27:19.282 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107868

2026-03-06 13:27:19.657 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "5c798a0fae58096ec92ebbcb9965b5b2:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-06 13:27:20.252 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107868
2026-03-06 13:27:20.252 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107868
2026-03-06 13:27:20.531 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-06 13:27:20.684 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-06 13:27:20.685 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-06 13:27:20.856 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-06 13:27:21.001 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-06 14:41:37.390 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 14:41:47.742 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 15:50:11.744 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 15:50:11.833 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 17:28:17.835 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 17:28:17.946 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 19:01:53.947 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 19:01:54.033 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 21:00:42.034 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 21:00:42.125 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-06 21:08:23.221 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-06 21:08:23.335 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-06 21:08:23.335 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-06 21:08:23.335 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-06 21:08:24.345 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "46dd53a92433c05f49880ead35ae3d76:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-06 21:08:24.345 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-06 21:08:24.345 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-06 21:08:24.489 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772849304
2026-03-06 21:08:24.489 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772849304
2026-03-06 21:08:24.489 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-06 21:08:24.489 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-06 21:08:24.489 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-06 22:46:54.126 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-06 22:46:54.214 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 00:18:42.216 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 00:18:42.305 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 01:01:58.316 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-07 01:11:15.331 [1425] info  on_nebula.cpp::handle Scan complete, duration: 557
2026-03-07 01:11:15.335 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-07 01:11:15.336 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 01:11:15.460 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 02:28:39.655 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 02:28:39.747 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 03:11:16.163 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-07 03:11:16.273 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-07 03:11:16.273 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-07 03:11:16.273 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-07 03:11:17.285 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1e1a9e10054fb41c24420cf5cccf29d6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-07 03:11:17.285 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-07 03:11:17.285 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-07 03:11:17.427 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772871077
2026-03-07 03:11:17.427 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772871077
2026-03-07 03:11:17.427 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-07 03:11:17.428 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-07 03:11:17.428 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-07 04:25:39.748 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 04:25:39.836 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 05:43:57.838 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 05:43:57.956 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 06:00:58.123 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-07 06:00:58.123 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-07 06:00:58.123 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-07 06:00:58.123 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-07 06:00:58.124 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-07 06:00:58.124 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-07 06:01:08.253 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-07 06:01:09.264 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-07 06:01:18.145 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 359105085440, \"freespace_total\": 359105085440, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 737291735040, \"freespace_total\": 737291735040, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 9398276096, \"free_virtual\": 8376545280, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-07 06:01:18.201 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-07 06:01:18.202 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 06:01:18.327 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 07:22:18.328 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 07:22:18.415 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 09:13:00.417 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 09:13:00.503 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 10:44:48.505 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 10:44:48.594 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 12:18:25.607 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 12:18:25.694 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 13:27:25.942 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-07 13:27:32.314 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-07 13:27:32.315 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-07 13:27:32.315 [1423] info  on_timer.cpp::update No agent updates available
2026-03-07 13:27:32.315 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-07 13:27:32.460 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-07 13:27:32.460 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-07 13:27:32.713 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-07 13:27:32.790 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107894

2026-03-07 13:27:33.807 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107894
2026-03-07 13:27:33.808 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107894
2026-03-07 13:27:34.071 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-07 13:27:34.201 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-07 13:27:34.201 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-07 13:27:34.376 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-07 13:27:34.379 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-07 13:39:26.706 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 13:39:34.829 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 15:32:04.830 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 15:32:04.917 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 17:04:46.918 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 17:04:47.006 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 18:45:35.008 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 18:45:35.097 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 20:28:11.099 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 20:28:11.188 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 22:06:16.294 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 22:06:16.380 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-07 23:42:35.283 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-07 23:42:35.371 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 01:02:00.424 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-08 01:15:26.300 [1425] info  on_nebula.cpp::handle Scan complete, duration: 806
2026-03-08 01:15:26.306 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-08 01:15:26.307 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 01:15:26.443 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 03:17:32.444 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 03:17:32.599 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 05:10:02.598 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 05:10:02.694 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 06:33:44.696 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 06:33:44.818 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 07:01:00.914 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-08 07:01:00.914 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-08 07:01:00.914 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-08 07:01:00.914 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-08 07:01:00.915 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-08 07:01:00.919 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-08 07:01:12.044 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-08 07:01:13.059 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-08 07:01:21.469 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 355488911360, \"freespace_total\": 355488911360, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 736434843648, \"freespace_total\": 736434843648, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5723987968, \"free_virtual\": 8398303232, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-08 07:01:21.502 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-08 07:52:57.261 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 07:52:57.402 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 09:46:21.619 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 09:46:21.706 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 10:22:41.625 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-08 10:22:41.754 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-08 10:22:41.754 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-08 10:22:41.754 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-08 10:22:42.774 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "49789fabb785b01d020ca6732016ccf4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-08 10:22:42.856 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-08 10:22:42.856 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-08 10:22:42.947 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772979762
2026-03-08 10:22:42.947 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772979762
2026-03-08 10:22:42.948 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-08 10:22:42.949 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-08 10:22:42.949 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-08 11:03:45.907 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 11:03:45.995 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 12:22:03.997 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 12:22:04.086 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 13:29:34.088 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 13:29:34.180 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 14:27:38.482 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-08 14:27:41.234 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-08 14:27:41.296 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "49789fabb785b01d020ca6732016ccf4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-08 14:27:41.716 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-08 14:27:41.716 [1423] info  on_timer.cpp::update No agent updates available
2026-03-08 14:27:41.716 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-08 14:27:41.861 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-08 14:27:41.861 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-08 14:27:42.585 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-08 14:27:42.971 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107904

2026-03-08 14:27:44.104 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107904
2026-03-08 14:27:44.104 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107904
2026-03-08 14:27:44.839 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-08 14:27:44.969 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-08 14:27:44.981 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-08 14:27:45.125 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-08 14:27:45.131 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-08 14:27:45.311 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "49789fabb785b01d020ca6732016ccf4:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-08 14:39:47.192 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 14:39:47.280 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 15:09:43.127 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-08 15:09:43.268 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-08 15:09:43.268 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-08 15:09:43.268 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-08 15:09:44.284 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "9910b3b4763458b6bd74ed58e2cce914:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-08 15:09:44.333 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-08 15:09:44.333 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-08 15:09:44.468 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1772996984
2026-03-08 15:09:44.468 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1772996984
2026-03-08 15:09:44.468 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-08 15:09:44.469 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-08 15:09:44.474 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-08 16:38:35.282 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 16:38:35.370 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 17:49:41.372 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 17:49:41.466 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 19:25:05.468 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 19:25:05.557 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 20:38:53.558 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 20:38:53.646 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 21:50:53.806 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 21:50:53.894 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-08 23:33:30.744 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-08 23:33:30.833 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 00:58:06.834 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 00:58:06.941 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 02:01:59.122 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-09 02:14:15.773 [1425] info  on_nebula.cpp::handle Scan complete, duration: 736
2026-03-09 02:14:15.989 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-09 02:14:15.991 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 02:14:16.091 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 02:46:11.188 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-09 02:46:11.292 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-09 02:46:11.292 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-09 02:46:11.292 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-09 02:46:12.303 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "1d1672ee85ff821cbc778f9663c34110:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-09 02:46:12.304 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-09 02:46:12.304 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-09 02:46:12.461 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773038772
2026-03-09 02:46:12.461 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773038772
2026-03-09 02:46:12.461 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-09 02:46:12.461 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-09 02:46:12.461 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-09 04:04:04.307 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 04:04:04.396 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 05:58:22.398 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 05:58:22.510 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 07:49:04.511 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 07:49:04.621 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 09:45:11.633 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 09:45:11.750 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 10:09:24.607 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-09 10:09:24.715 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-09 10:09:24.715 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-09 10:09:24.715 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-09 10:09:25.731 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "fee95f1312e62045797b9441a45d5231:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-09 10:09:25.732 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-09 10:09:25.732 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-09 10:09:25.882 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773065365
2026-03-09 10:09:25.882 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773065365
2026-03-09 10:09:25.882 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-09 10:09:25.883 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-09 10:09:25.885 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-09 10:54:29.751 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 10:54:29.870 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 12:10:59.871 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 12:10:59.959 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 12:42:05.580 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-09 12:42:05.712 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-09 12:42:05.712 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-09 12:42:05.712 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-09 12:42:07.972 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "175094e6167752806f613b8ca02aa40e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-09 12:42:07.972 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-09 12:42:07.972 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-09 12:42:08.081 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773074527
2026-03-09 12:42:08.082 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773074527
2026-03-09 12:42:08.082 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-09 12:42:08.082 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-09 12:42:08.082 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-09 13:42:47.961 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 13:42:48.047 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 14:27:49.279 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-09 14:27:52.059 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "175094e6167752806f613b8ca02aa40e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-09 14:27:54.729 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-09 14:27:54.729 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-09 14:27:54.729 [1423] info  on_timer.cpp::update No agent updates available
2026-03-09 14:27:54.729 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-09 14:27:54.874 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-09 14:27:54.874 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-09 14:27:55.154 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-09 14:27:55.292 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107914

2026-03-09 14:27:56.073 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "175094e6167752806f613b8ca02aa40e:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-09 14:27:56.178 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107914
2026-03-09 14:27:56.178 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107914
2026-03-09 14:27:56.333 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-09 14:27:56.459 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-09 14:27:56.460 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-09 14:27:56.605 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-09 14:27:56.767 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-09 15:32:36.049 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 15:32:36.142 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 16:43:42.144 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 16:43:42.233 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 18:38:54.234 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 18:38:54.328 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 20:37:42.755 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 20:37:42.844 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 21:46:06.845 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 21:46:06.934 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-09 23:46:42.939 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-09 23:46:43.031 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 01:21:13.032 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 01:21:13.119 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 02:01:59.187 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-10 02:12:29.077 [1425] info  on_nebula.cpp::handle Scan complete, duration: 630
2026-03-10 02:12:29.079 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-10 02:12:29.081 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 02:12:29.214 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 03:12:48.231 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 03:12:48.320 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 04:32:00.321 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 04:32:00.408 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 06:05:36.409 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 06:05:36.497 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 07:00:58.781 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-10 07:00:58.781 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-10 07:00:58.786 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-10 07:00:58.786 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-10 07:00:58.787 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-10 07:00:58.787 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-10 07:01:10.116 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-10 07:01:11.131 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-10 07:01:18.933 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 366054903808, \"freespace_total\": 366054903808, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 734802198528, \"freespace_total\": 734802198528, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3281874944, \"free_virtual\": 8404070400, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-10 07:01:18.973 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-10 07:57:12.499 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 07:57:12.590 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 09:45:12.592 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 09:45:12.700 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 11:32:18.701 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 11:32:18.815 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 12:52:24.817 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 12:52:24.905 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 14:28:01.453 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-10 14:28:06.815 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-10 14:28:06.817 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-10 14:28:06.817 [1423] info  on_timer.cpp::update No agent updates available
2026-03-10 14:28:06.817 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-10 14:28:06.963 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-10 14:28:06.963 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-10 14:28:07.518 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-10 14:28:07.602 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107930

2026-03-10 14:28:08.491 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107930
2026-03-10 14:28:08.491 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107930
2026-03-10 14:28:08.615 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-10 14:28:08.740 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-10 14:28:08.740 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-10 14:28:08.909 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-10 14:28:08.911 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-10 14:49:24.906 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 14:49:25.019 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 16:41:55.020 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 16:41:55.109 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 18:06:31.110 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 18:06:31.205 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 19:31:08.218 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 19:31:08.306 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 20:58:26.308 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 20:58:26.395 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-10 22:57:14.397 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-10 22:57:14.488 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 00:53:20.488 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 00:53:20.577 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 02:02:00.632 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-11 02:12:49.000 [1425] info  on_nebula.cpp::handle Scan complete, duration: 648
2026-03-11 02:12:49.008 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-11 02:12:49.009 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 02:12:49.133 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 03:40:07.134 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 03:40:07.225 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 05:28:07.226 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 05:28:07.337 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 06:55:25.678 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 06:55:25.810 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 07:01:00.909 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-11 07:01:00.909 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-11 07:01:00.910 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-11 07:01:00.910 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-11 07:01:00.910 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-11 07:01:00.911 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-11 07:01:09.051 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-11 07:01:10.063 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-11 07:01:18.570 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364226289664, \"freespace_total\": 364226289664, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 734071136256, \"freespace_total\": 734071136256, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 901996544, \"free_virtual\": 8372170752, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\":
2026-03-11 07:01:18.627 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-11 08:40:43.811 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 08:40:43.899 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 10:26:17.967 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-11 10:26:18.091 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-11 10:26:18.091 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-11 10:26:18.095 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-11 10:26:19.106 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a81cfa8c3acd13e9edaf731acddad726:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-11 10:26:19.107 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-11 10:26:19.107 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-11 10:26:19.234 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773239179
2026-03-11 10:26:19.234 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773239179
2026-03-11 10:26:19.234 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-11 10:26:19.234 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-11 10:26:19.237 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-11 10:36:49.904 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 10:36:49.993 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 12:01:25.995 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 12:01:26.082 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 13:27:50.084 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 13:27:50.171 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 14:28:13.777 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-11 14:28:19.148 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-11 14:28:19.153 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-11 14:28:19.153 [1423] info  on_timer.cpp::update No agent updates available
2026-03-11 14:28:19.153 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-11 14:28:19.301 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-11 14:28:19.301 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-11 14:28:19.934 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-11 14:28:20.005 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107944

2026-03-11 14:28:21.047 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107944
2026-03-11 14:28:21.047 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107944
2026-03-11 14:28:21.237 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-11 14:28:21.364 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-11 14:28:21.365 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-11 14:28:21.509 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-11 14:28:21.515 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-11 15:00:32.172 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 15:00:32.262 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 15:09:24.747 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-11 15:09:25.085 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-11 15:09:25.085 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-11 15:09:25.085 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-11 15:09:26.096 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "70a9d52cafad93cd92b44576a575c126:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-11 15:09:26.097 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-11 15:09:26.097 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-11 15:09:26.245 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773256166
2026-03-11 15:09:26.245 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773256166
2026-03-11 15:09:26.245 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-11 15:09:26.245 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-11 15:09:26.246 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-11 16:14:20.261 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 16:14:20.351 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 17:49:44.350 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 17:49:44.439 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 19:46:44.444 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 19:46:44.532 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 20:14:29.758 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-11 20:14:29.884 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-11 20:14:29.884 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-11 20:14:29.884 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-11 20:14:30.895 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "75b1b695ea099f81a775d34912958fc8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-11 20:14:30.896 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-11 20:14:30.896 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-11 20:14:31.031 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773274470
2026-03-11 20:14:31.031 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773274470
2026-03-11 20:14:31.031 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-11 20:14:31.032 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-11 20:14:31.032 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-11 21:31:08.744 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 21:31:08.855 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 22:52:08.860 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 22:52:08.971 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-11 23:24:12.302 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-11 23:24:12.406 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-11 23:24:12.406 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-11 23:24:12.406 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-11 23:24:14.042 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a42d353ac1de7a07e47f261158e4a9da:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-11 23:24:14.043 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-11 23:24:14.043 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-11 23:24:14.172 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773285854
2026-03-11 23:24:14.172 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773285854
2026-03-11 23:24:14.172 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-11 23:24:14.172 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-11 23:24:14.173 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-11 23:57:50.970 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-11 23:57:51.060 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 01:38:40.072 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 01:38:40.159 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 02:01:59.336 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-12 02:14:21.763 [1425] info  on_nebula.cpp::handle Scan complete, duration: 742
2026-03-12 02:14:21.765 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-12 02:14:21.766 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 02:14:21.921 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 03:39:51.920 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 03:39:52.009 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 04:07:46.652 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-12 04:07:46.758 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-12 04:07:46.758 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-12 04:07:46.758 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-12 04:07:47.769 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "2b53102c21f330e8d416dd72714580ec:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-12 04:07:47.770 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-12 04:07:47.770 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-12 04:07:47.892 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773302867
2026-03-12 04:07:47.892 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773302867
2026-03-12 04:07:47.892 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-12 04:07:47.893 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-12 04:07:47.893 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-12 05:40:28.010 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 05:40:28.376 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 07:00:59.467 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-12 07:00:59.467 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-12 07:00:59.467 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-12 07:00:59.467 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-12 07:00:59.468 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-12 07:00:59.468 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-12 07:01:10.594 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-12 07:01:11.607 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-12 07:01:18.978 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 364469620736, \"freespace_total\": 364469620736, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 733300776960, \"freespace_total\": 733300776960, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 13337792512, \"free_virtual\": 8370253824, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\
2026-03-12 07:01:19.010 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-12 07:07:47.388 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 07:07:47.477 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 08:41:32.514 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-12 08:41:32.620 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-12 08:41:32.620 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-12 08:41:32.620 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-12 08:41:33.899 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "97f2667750a7a89dcfcb03345afd7359:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-12 08:41:33.903 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-12 08:41:33.903 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-12 08:41:34.036 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773319293
2026-03-12 08:41:34.036 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773319293
2026-03-12 08:41:34.036 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-12 08:41:34.036 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-12 08:41:34.036 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-12 08:46:47.478 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 08:46:47.567 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 10:38:23.567 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 10:38:23.657 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 12:22:47.658 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 12:23:15.264 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 14:01:21.265 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 14:01:21.383 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 14:28:26.439 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-12 14:28:29.607 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "97f2667750a7a89dcfcb03345afd7359:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-12 14:28:31.826 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-12 14:28:31.826 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-12 14:28:31.826 [1423] info  on_timer.cpp::update No agent updates available
2026-03-12 14:28:31.826 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-12 14:28:31.971 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-12 14:28:31.972 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-12 14:28:32.476 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-12 14:28:32.673 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107966

2026-03-12 14:28:33.586 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107966
2026-03-12 14:28:33.586 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107966
2026-03-12 14:28:33.885 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-12 14:28:34.034 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-12 14:28:34.034 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-12 14:28:34.250 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-12 14:28:34.251 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-12 14:29:05.736 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "97f2667750a7a89dcfcb03345afd7359:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-12 15:34:57.385 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 15:34:57.499 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 16:35:15.501 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 16:35:15.618 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 18:12:27.620 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 18:12:27.709 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 18:24:59.415 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-12 18:24:59.573 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-12 18:24:59.573 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-12 18:24:59.573 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-12 18:25:00.584 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "462813532278ae6349de664058df86e6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-12 18:25:00.585 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-12 18:25:00.585 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-12 18:25:00.750 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773354300
2026-03-12 18:25:00.750 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773354300
2026-03-12 18:25:00.750 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-12 18:25:00.751 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-12 18:25:00.755 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-12 20:11:15.710 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 20:11:15.797 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 22:08:16.787 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 22:08:16.876 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-12 23:32:52.897 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-12 23:32:52.984 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 01:27:10.986 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 01:27:11.073 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 02:01:59.200 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-13 02:13:54.673 [1425] info  on_nebula.cpp::handle Scan complete, duration: 715
2026-03-13 02:13:54.681 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-13 02:13:54.682 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 02:13:54.793 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 03:25:01.806 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 03:25:01.920 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 04:27:07.120 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-13 04:27:07.228 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-13 04:27:07.228 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-13 04:27:07.228 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-13 04:27:08.239 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "42892fc7881b5d55af0df2167a7d7b9d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-13 04:27:08.240 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-13 04:27:08.240 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-13 04:27:08.399 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773390428
2026-03-13 04:27:08.399 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773390428
2026-03-13 04:27:08.399 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-13 04:27:08.399 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-13 04:27:08.400 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-13 05:15:43.922 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 05:16:09.567 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 06:41:39.568 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 06:41:39.659 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 07:01:00.846 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-13 07:01:00.846 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-13 07:01:00.846 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-13 07:01:00.846 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-13 07:01:00.847 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-13 07:01:00.847 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-13 07:01:08.992 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-13 07:01:10.005 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-13 07:01:17.488 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 363237400576, \"freespace_total\": 363237400576, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 732514926592, \"freespace_total\": 732514926592, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 7587012608, \"free_virtual\": 8403808256, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-13 07:01:17.537 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-13 08:35:57.659 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 08:35:57.747 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 10:12:16.760 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 10:12:16.867 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 11:50:22.868 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 11:50:22.958 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 13:19:28.959 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 13:19:29.048 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 14:28:38.254 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-13 14:28:41.220 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "42892fc7881b5d55af0df2167a7d7b9d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-13 14:28:44.619 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-13 14:28:44.632 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-13 14:28:44.632 [1423] info  on_timer.cpp::update No agent updates available
2026-03-13 14:28:44.632 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-13 14:28:44.779 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-13 14:28:44.779 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-13 14:28:45.279 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-13 14:28:45.456 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107980

2026-03-13 14:28:46.379 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107980
2026-03-13 14:28:46.379 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107980
2026-03-13 14:28:46.634 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-13 14:28:46.778 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-13 14:28:46.779 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-13 14:28:46.924 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-13 14:28:46.927 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-13 14:28:55.072 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "42892fc7881b5d55af0df2167a7d7b9d:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-13 14:30:36.061 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 14:30:36.190 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 15:35:24.202 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 15:35:24.290 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 17:31:30.291 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 17:31:30.380 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 18:48:00.383 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 18:48:00.474 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 20:42:19.487 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 20:42:19.596 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 22:21:19.600 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 22:21:34.039 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-13 23:36:17.050 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-13 23:36:17.141 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 00:49:19.746 [1425] info  client.cpp::callSync []
2026-03-14 00:49:20.847 [1425] info  client.cpp::syncExclusions Updated exclusions: ae03ab6d8de8bf045dc3f875c32130e0
2026-03-14 00:49:20.847 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: ae03ab6d8de8bf045dc3f875c32130e0
2026-03-14 00:49:20.847 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-14 00:49:20.848 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-14 00:49:20.849 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-14 00:49:20.851 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 00:49:20.940 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 02:15:44.942 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 02:15:45.055 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 03:06:40.972 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-14 03:06:41.078 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-14 03:06:41.079 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-14 03:06:41.079 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-14 03:06:42.206 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "644013ce2e4ebcb44e68486033dcdf8a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-14 03:06:42.207 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-14 03:06:42.207 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-14 03:06:42.340 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773472002
2026-03-14 03:06:42.340 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773472002
2026-03-14 03:06:42.340 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-14 03:06:42.341 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-14 03:06:42.341 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-14 03:18:46.067 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 03:18:46.154 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 04:53:16.153 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 04:53:16.243 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 06:17:52.244 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 06:17:52.365 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 07:00:58.540 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-14 07:00:58.540 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-14 07:00:58.540 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-14 07:00:58.540 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-14 07:00:58.540 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-14 07:00:58.540 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-14 07:01:07.674 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-14 07:01:07.685 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-14 07:01:15.939 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 360452145152, \"freespace_total\": 360452145152, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 733274189824, \"freespace_total\": 733274189824, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 5445726208, \"free_virtual\": 8386506752, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-14 07:01:16.493 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-14 07:01:16.504 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 07:01:16.609 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 08:34:52.610 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 08:34:52.699 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 10:30:04.701 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 10:30:04.791 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 11:51:04.793 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 11:51:04.880 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 13:01:16.881 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 13:01:16.969 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 14:28:51.143 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-14 14:28:55.038 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "644013ce2e4ebcb44e68486033dcdf8a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-14 14:28:55.592 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-14 14:28:55.592 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-14 14:28:55.592 [1423] info  on_timer.cpp::update No agent updates available
2026-03-14 14:28:55.592 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-14 14:28:55.737 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-14 14:28:55.737 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-14 14:28:56.458 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-14 14:28:56.642 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.107992

2026-03-14 14:28:57.576 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.107992
2026-03-14 14:28:57.576 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.107992
2026-03-14 14:28:58.218 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-14 14:28:58.390 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-14 14:28:58.391 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-14 14:28:58.589 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-14 14:28:58.590 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-14 14:29:07.085 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "644013ce2e4ebcb44e68486033dcdf8a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-14 14:37:34.970 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 14:37:35.059 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 15:48:41.060 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 15:48:41.167 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 17:06:59.169 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 17:06:59.256 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 18:42:23.258 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 18:42:23.345 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 20:41:11.346 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 20:41:11.435 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-14 22:24:41.433 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-14 22:24:41.546 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 00:12:41.548 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 00:12:41.653 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 01:58:53.655 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 01:58:53.742 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 02:01:59.837 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-15 02:15:50.880 [1425] info  on_nebula.cpp::handle Scan complete, duration: 831
2026-03-15 02:15:50.887 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-15 02:15:50.888 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 02:15:51.032 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 04:05:40.050 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 04:05:40.163 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 05:22:10.165 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 05:22:10.262 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 07:07:28.263 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 07:07:28.351 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 08:35:40.571 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 08:35:40.660 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 10:04:47.672 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 10:04:47.759 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 11:23:06.772 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 11:23:06.860 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 12:37:48.862 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 12:37:48.950 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 14:05:07.153 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 14:05:07.242 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 14:29:02.935 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-15 14:29:06.329 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-15 14:29:06.330 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-15 14:29:06.330 [1423] info  on_timer.cpp::update No agent updates available
2026-03-15 14:29:06.330 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-15 14:29:06.520 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-15 14:29:06.520 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-15 14:29:06.856 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-15 14:29:07.199 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108000

2026-03-15 14:29:07.382 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "644013ce2e4ebcb44e68486033dcdf8a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-15 14:29:08.198 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108000
2026-03-15 14:29:08.198 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108000
2026-03-15 14:29:08.307 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-15 14:29:08.434 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-15 14:29:08.434 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-15 14:29:08.598 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-15 14:29:08.603 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-15 14:29:19.437 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "644013ce2e4ebcb44e68486033dcdf8a:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-15 15:30:37.244 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 15:30:37.358 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 17:18:37.360 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 17:18:37.447 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 19:06:37.449 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 19:06:37.537 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 20:12:19.538 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 20:12:19.630 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 21:20:43.631 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 21:20:43.727 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-15 22:30:02.742 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-15 22:30:02.831 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 00:21:38.832 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 00:21:38.920 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 02:08:44.922 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 02:08:45.025 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 03:35:09.027 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 03:35:09.149 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 05:09:39.150 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 05:09:39.238 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 06:03:40.441 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-16 06:03:40.583 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-16 06:03:40.583 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-16 06:03:40.583 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-16 06:03:41.595 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d00fa9bf7811a16514f771a74f5f6eb8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-16 06:03:41.596 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-16 06:03:41.596 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-16 06:03:41.701 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773655421
2026-03-16 06:03:41.701 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773655421
2026-03-16 06:03:41.701 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-16 06:03:41.703 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-16 06:03:41.704 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-16 07:00:59.443 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-16 07:00:59.443 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-16 07:00:59.443 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-16 07:00:59.443 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-16 07:00:59.444 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-16 07:00:59.444 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-16 07:01:09.583 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-16 07:01:10.596 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-16 07:01:19.048 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 372353314816, \"freespace_total\": 372353314816, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 731747393536, \"freespace_total\": 731747393536, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3414593536, \"free_virtual\": 8354787328, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-16 07:01:19.152 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-16 07:03:57.239 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 07:03:57.326 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 08:17:46.339 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 08:17:46.427 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 09:27:05.440 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 09:27:05.530 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 11:07:53.532 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 11:07:53.642 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 12:55:54.656 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 12:55:54.746 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 14:10:36.748 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 14:10:36.986 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 14:29:13.164 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-16 14:29:17.125 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d00fa9bf7811a16514f771a74f5f6eb8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-16 14:29:18.505 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-16 14:29:18.505 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-16 14:29:18.505 [1423] info  on_timer.cpp::update No agent updates available
2026-03-16 14:29:18.505 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-16 14:29:18.669 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-16 14:29:18.669 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-16 14:29:19.202 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-16 14:29:19.300 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108012

2026-03-16 14:29:20.142 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108012
2026-03-16 14:29:20.143 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108012
2026-03-16 14:29:20.392 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-16 14:29:20.520 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-16 14:29:20.520 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-16 14:29:20.668 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-16 14:29:20.675 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-16 14:29:21.141 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "d00fa9bf7811a16514f771a74f5f6eb8:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-16 14:38:59.397 [1425] info  client.cpp::registerRefresh nebula client refresh success
2026-03-16 14:38:59.397 [1425] info  plugin_manager.cpp::updateAuthToken sending updated auth token to epa.linux.plugin.edr
2026-03-16 14:38:59.448 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 14:38:59.542 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 16:23:23.543 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 16:23:23.632 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 17:04:34.777 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-16 17:04:34.918 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-16 17:04:34.918 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-16 17:04:34.918 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-16 17:04:35.929 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "a988cba4f26bf2b3e376709b12bf5840:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-16 17:04:35.930 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-16 17:04:35.930 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-16 17:04:36.083 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773695075
2026-03-16 17:04:36.083 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773695075
2026-03-16 17:04:36.083 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-16 17:04:36.084 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-16 17:04:36.087 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-16 18:14:59.633 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 18:14:59.748 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 19:44:05.749 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 19:44:06.485 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 21:08:42.486 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 21:08:42.575 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 22:25:12.577 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 22:25:12.666 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-16 22:49:51.746 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-16 22:49:51.874 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-16 22:49:51.874 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-16 22:49:51.874 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-16 22:49:53.179 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "64a64492c39d48f76c305ba0070d17cc:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-16 22:49:53.179 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-16 22:49:53.179 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-16 22:49:53.333 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773715793
2026-03-16 22:49:53.333 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773715793
2026-03-16 22:49:53.333 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-16 22:49:53.334 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-16 22:49:53.334 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-16 23:39:55.679 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-16 23:39:55.766 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 01:33:19.767 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 01:33:19.855 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 02:01:58.009 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-17 02:15:34.001 [1425] info  on_nebula.cpp::handle Scan complete, duration: 815
2026-03-17 02:15:34.030 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-17 02:15:34.031 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 02:15:34.135 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 03:18:35.148 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 03:18:35.237 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 04:47:42.249 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 04:47:42.336 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 06:21:18.338 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 06:21:18.432 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 07:01:12.922 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-17 07:01:12.922 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-17 07:01:12.922 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-17 07:01:12.922 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-17 07:01:12.923 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-17 07:01:12.926 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-17 07:01:21.089 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-17 07:01:22.102 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information
2026-03-17 07:01:30.480 [1425] info  client.cpp::reportAssetInfo Reporting ASSET_INFORMATION: {"data": "{\"computer_info\": {\"manufacturer\": \"Supermicro\", \"model\": \"Super Server\"}, \"culture\": \"en-US.UTF-8\", \"dhcp_scope_name\": \"\", \"domain_name\": \"\", \"drives\": [{\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 369231568896, \"freespace_total\": 369231568896, \"name\": \"/dev/sda5\", \"total_size\": 482051710976, \"volume_label\": \"\"}, {\"drive_format\": \"ext3\", \"encryption\": 3, \"freespace_available\": 878551040, \"freespace_total\": 878551040, \"name\": \"/dev/sda2\", \"total_size\": 1023303680, \"volume_label\": \"\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 730923368448, \"freespace_total\": 730923368448, \"name\": \"/dev/sdc1\", \"total_size\": 984369287168, \"volume_label\": \"/home2\"}, {\"drive_format\": \"ext4\", \"encryption\": 0, \"freespace_available\": 45772177408, \"freespace_total\": 45772177408, \"name\": \"/dev/sdb1\", \"total_size\": 984368562176, \"volume_label\": \"\"}, {\"drive_format\": \"vfat\", \"encryption\": 3, \"freespace_available\": 209477632, \"freespace_total\": 209477632, \"name\": \"/dev/sda4\", \"total_size\": 209489920, \"volume_label\": \"\"}], \"engine_version\": \"1.1.88\", \"fully_qualified_host_name\": \"host.aldigital24x7in.com\", \"host_name\": \"host.aldigital24x7in.com\", \"memory\": {\"free_physical\": 3452104704, \"free_virtual\": 8349544448, \"total_physical\": 65940369408, \"total_virtual\": 8589930496}, \"nics\"
2026-03-17 07:01:30.512 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-17 07:29:43.444 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 07:29:43.531 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 09:24:55.532 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 09:24:55.623 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 11:12:46.209 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-17 11:12:46.351 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-17 11:12:46.351 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-17 11:12:46.351 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-17 11:12:47.363 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8650067253b08aea8c127afa00818634:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-17 11:12:47.363 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-17 11:12:47.363 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-17 11:12:47.468 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773760367
2026-03-17 11:12:47.468 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773760367
2026-03-17 11:12:47.468 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-17 11:12:47.468 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-17 11:12:47.469 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-17 11:21:02.635 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 11:21:22.261 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 12:44:10.263 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 12:44:10.374 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 14:28:34.375 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 14:28:34.462 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 14:29:24.793 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-17 14:29:29.139 [1423] info  sirius.cpp::downloadUpdates package: epa.linux does not need updating
2026-03-17 14:29:29.140 [1423] info  update.cpp::launchAgentUpdate No agent updates available
2026-03-17 14:29:29.140 [1423] info  on_timer.cpp::update No agent updates available
2026-03-17 14:29:29.140 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-17 14:29:29.327 [1423] info  sirius.cpp::downloadUpdates package: mblinux.db.rules does not need updating
2026-03-17 14:29:29.327 [1423] info  sirius.cpp::downloadUpdates updating package: mbam-c.dbcls.linux
2026-03-17 14:29:29.594 [1423] info  sirius.cpp::backupEntry Backing up package: mbam-c.dbcls.linux
2026-03-17 14:29:29.701 [1423] info  sirius.cpp::download updated mbam-c.dbcls.linux to version 1.0.108032

2026-03-17 14:29:30.570 [1423] info  sirius.cpp::unpack Unpacked mbam-c.dbcls.linux 1.0.108032
2026-03-17 14:29:30.570 [1423] info  sirius.cpp::installDownloaded installed mbam-c.dbcls.linux 1.0.108032
2026-03-17 14:29:30.681 [1423] info  IGSDK.cpp::IGSDK_Shutdown SDK Shutdown (0)
2026-03-17 14:29:30.833 [1423] info  IGSDK.cpp::IGSDK_Initialize SDK Initialized (0)
2026-03-17 14:29:30.833 [1423] info  sirius.cpp::downloadUpdates checking for new updates
2026-03-17 14:29:30.987 [1423] info  sirius.cpp::downloadUpdates package: epa.linux.plugin.edr does not need updating
2026-03-17 14:29:30.989 [1423] info  command_history.cpp::Cleanup Performing command history cleanup
2026-03-17 15:28:52.463 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 15:28:52.597 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 16:35:28.598 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 16:35:28.686 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 17:37:34.687 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 17:37:34.799 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 18:38:09.865 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-17 18:38:09.971 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-17 18:38:09.971 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-17 18:38:09.971 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-17 18:38:10.983 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "8859fda478623519bb73785e3d3aecb6:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-17 18:38:10.983 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-17 18:38:10.983 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-17 18:38:11.136 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773787090
2026-03-17 18:38:11.136 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773787090
2026-03-17 18:38:11.136 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-17 18:38:11.137 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-17 18:38:11.137 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-17 18:39:40.800 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 18:39:40.887 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 20:04:16.889 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 20:04:16.978 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 21:11:46.979 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 21:11:47.067 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-17 22:56:47.402 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-17 22:56:47.516 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-17 22:56:47.516 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-17 22:56:47.516 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-17 22:56:48.528 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "4123a8a3af6c154bd062e7c7b8398c11:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-17 22:56:48.528 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-17 22:56:48.528 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-17 22:56:48.625 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773802608
2026-03-17 22:56:48.625 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773802608
2026-03-17 22:56:48.625 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-17 22:56:48.626 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-17 22:56:48.632 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-17 23:02:29.066 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-17 23:02:29.153 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 00:00:59.434 [1425] info  client.cpp::sync Command received : event.policy.refresh
2026-03-18 00:00:59.576 [1425] info  asset_mgmt.cpp::processPolicy Asset management policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-18 00:00:59.576 [1425] info  client.cpp::processPolicy Policy settings: {"policy_version": 1, "rtp_settings": {"malware": {"enabled": true}}}
2026-03-18 00:00:59.576 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new policy from nebula
2026-03-18 00:01:00.588 [1425] info  client.cpp::reportAgentInfo Reporting AGENT_INFORMATION: {"culture": "en-US.UTF-8", "dhcp_scope_name": "", "domain_name": "", "engine_version": "1.1.88", "fully_qualified_host_name": "host.aldigital24x7in.com", "host_name": "host.aldigital24x7in.com", "nics": [{"description": "em1", "ips": ["67.227.174.105"], "mac_address": "3cecef7617b8"}], "os_info": {"os_architecture": "amd64", "os_platform": "Linux", "os_release_name": "CentOS Linux 7 (Core)", "os_type": "Server", "os_version": "7.0.0"}, "plugins": [{"alerts": {"codes": []}, "plugin_version": "1.0.112", "product_name": "Linux Endpoint Detection and Response", "sdk_version": "", "update_package_version": ""}, {"alerts": {"codes": []}, "plugin_version": "1.1.88", "product_name": "Endpoint Protection", "sdk_version": "2.2.6", "update_package_version": "2.0.202602171401"}], "policy_etag": "c45c0984ce1271c23b418029bcc94f46:4c18eaf5-78d3-40af-a681-9cb065b8ca7d:76", "protection_status": {"realTimeProtection": "started"}, "schedules": [{"schedule_etag": "ff3480a1d8ac0ba87881848014870110", "schedule_id": "25f77255-7c25-4c2a-a758-1bd2d6981d24"}, {"schedule_etag": "7a184de6c08e2131e74c9b908299948b", "schedule_id": "455af8e0-5bb5-457f-8fcb-c0416e3cfccf"}], "serial_number": "0123456789", "time_zone": "EST"}
2026-03-18 00:01:00.588 [1425] info  client.cpp::sync Command received : event.exclusion.refresh
2026-03-18 00:01:00.588 [1425] info  client.cpp::handleCommandIfSimple event.exclusion.refresh - exclusions_etag is empty
2026-03-18 00:01:00.751 [1425] info  client.cpp::syncExclusions Updated exclusions: nebula-1773806460
2026-03-18 00:01:00.751 [1425] info  on_nebula.cpp::onNebulaThread mblinux received new nebula exclusions: nebula-1773806460
2026-03-18 00:01:00.751 [1425] info  exclusion_store.cpp::setFromNebula Setting exclusions from nebula exclusions
2026-03-18 00:01:00.751 [1425] info  exclusion_store.cpp::setFromNebula InvalidArgument at /src/common/exclusion_store.cpp:158 ()
2026-03-18 00:01:00.751 [1425] info  exclusion_store.cpp::setFromNebula Completed setting the exclusions from nebula exclusions
2026-03-18 00:27:59.154 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 00:27:59.241 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 01:50:47.243 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 01:50:47.332 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 02:01:59.414 [1425] info  on_nebula.cpp::handle Performing threat scan
2026-03-18 02:18:38.174 [1425] info  on_nebula.cpp::handle Scan complete, duration: 999
2026-03-18 02:18:38.178 [1425] info  schedule_store.cpp::save Saved nebula schedules
2026-03-18 02:18:38.180 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 02:18:38.303 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 03:26:09.316 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 03:26:09.443 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 04:48:57.444 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 04:48:57.532 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 06:35:09.533 [1425] info  web_socket.cpp::connectIfNeeded Attempting new websocket connection
2026-03-18 06:35:09.753 [1425] info  web_socket.cpp::connectIfNeeded WebSocket connection established
2026-03-18 07:01:00.929 [1425] info  DefaultCommandHandler.cpp::handle Received command to refresh assets
2026-03-18 07:01:00.929 [1425] info  asset_mgmt.cpp::collectData Collecting asset information
2026-03-18 07:01:00.929 [1425] info  asset_mgmt.cpp::collectData Collect types passed in: {"include_drives": null, "include_installs": null, "include_memory": null, "include_modules": null, "include_nics": null, "include_processes": null, "include_startups": null, "include_updates": null}
2026-03-18 07:01:00.929 [1425] info  asset_mgmt.cpp::collectData Collect types merged with policy: {"include_drives": true, "include_installs": true, "include_memory": true, "include_modules": null, "include_nics": true, "include_processes": null, "include_startups": true, "include_updates": true}
2026-03-18 07:01:00.930 [1425] info  asset_mgmt.cpp::collectMemory Collecting memory information
2026-03-18 07:01:00.931 [1425] info  asset_mgmt.cpp::collectDrives Collecting drive information
2026-03-18 07:01:11.149 [1425] info  asset_mgmt.cpp::collectStartups Collecting startups information
2026-03-18 07:01:11.216 [1425] info  asset_mgmt.cpp::collectInstalls Collecting installed software information